am970theanswer.com Open in urlscan Pro
2606:4700:20::ac43:5166 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://am970theanswer.com/
Submission Tags: @phishunt_io
Submission: On January 11 via api (January 11th 2021, 4:58:17 am UTC) from ES

Summary HTTP 176 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 51 IPs in 8 countries across 45 domains to perform 176 HTTP transactions. The main IP is 2606:4700:20::ac43:5166, located in United States and belongs to CLOUDFLARENET, US. The main domain is am970theanswer.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 2nd 2020. Valid for: a year.

This is the only time am970theanswer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:20:... 2606:4700:20::ac43:5166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
39	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
2	65.9.7.2 65.9.7.2	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
14	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:30a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
5	35.156.26.195 35.156.26.195	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
5	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:280::3926	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	31.12.71.114 31.12.71.114	44099 (RUNISO-AS...) (RUNISO-AS RUNISO Autonomous System)
1	31.12.68.105 31.12.68.105	44099 (RUNISO-AS...) (RUNISO-AS RUNISO Autonomous System)
2	13.224.194.96 13.224.194.96	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	165.227.72.15 165.227.72.15	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	52.89.201.114 52.89.201.114	16509 (AMAZON-02) (AMAZON-02)
4	52.207.161.225 52.207.161.225	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.194.17 13.224.194.17	16509 (AMAZON-02) (AMAZON-02)
3	3.125.0.64 3.125.0.64	16509 (AMAZON-02) (AMAZON-02)
3 13	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
16 22	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1	2600:1f18:612... 2600:1f18:612b:4200:c62d:9d75:78d5:62b7	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	52.28.42.15 52.28.42.15	16509 (AMAZON-02) (AMAZON-02)
2	13.225.80.37 13.225.80.37	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET)
1	3.220.82.225 3.220.82.225	14618 (AMAZON-AES) (AMAZON-AES)
1	184.30.210.81 184.30.210.81	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	52.30.234.204 52.30.234.204	16509 (AMAZON-02) (AMAZON-02)
1 2	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1 1	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	2.18.233.89 2.18.233.89	16625 (AKAMAI-AS) (AKAMAI-AS)
176	51

2 2606:4700:20::ac43:5166 (United States)

ASN13335 (CLOUDFLARENET, US)

am970theanswer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cdn.saleminteractivemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.townhall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

media.swncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.7.2 (Seattle, United States)

ASN16509 (AMAZON-02, US)

campaign.aptivada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:30a (United States)

ASN13335 (CLOUDFLARENET, US)

salemlivechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.156.26.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-26-195.eu-central-1.compute.amazonaws.com

us.ads.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pre.ads.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

content.cdn.targetspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:280::3926 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

proxy.webwidgets.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.12.71.114 (New York, United States) 1 redirects

ASN44099 (RUNISO-AS RUNISO Autonomous System, FR)

node.targetspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.12.68.105 (Begijnendijk, Belgium)

ASN44099 (RUNISO-AS RUNISO Autonomous System, FR)

nodeeu.targetspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.194.96 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-96.fra2.r.cloudfront.net

cdn2.aptivada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 165.227.72.15 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

pulse-sim.salemwebnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.89.201.114 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-201-114.us-west-2.compute.amazonaws.com

aptivada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.207.161.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-161-225.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.17 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-17.fra2.r.cloudfront.net

cdn.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.125.0.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-0-64.eu-central-1.compute.amazonaws.com

tracking.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9929208c1273a68ae7b38df093697aa6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-jsonp.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 159.253.128.183 (Amsterdam, Netherlands) 16 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:c62d:9d75:78d5:62b7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.42.15 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.80.37 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-37.fra2.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.102.200 (Central, Hong Kong) 1 redirects

ASN54825 (PACKET, US)

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.82.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-82-225.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.210.81 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-210-81.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.234.204 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-234-204.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.53 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.89 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-89.deploy.static.akamaitechnologies.com

99a0f44a0a61eb53a221-e9834f10898f59eef5b71f6b79ed5672.ssl.cf2.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	saleminteractivemedia.com cdn.saleminteractivemedia.com	2 MB
24	googlesyndication.com 9929208c1273a68ae7b38df093697aa6.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	908 KB
24	simpli.fi 16 redirects tag.simpli.fi i.simpli.fi um.simpli.fi	14 KB
20	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	141 KB
9	justpremium.com us.ads.justpremium.com cdn.justpremium.com pre.ads.justpremium.com tracking.justpremium.com	74 KB
6	googletagservices.com www.googletagservices.com	188 KB
6	google.com 1 redirects adservice.google.com www.google.com	1 KB
6	aptivada.com campaign.aptivada.com cdn2.aptivada.com aptivada.com	97 KB
5	facebook.com www.facebook.com	712 B
5	facebook.net connect.facebook.net	224 KB
5	gstatic.com fonts.gstatic.com	59 KB
4	postrelease.com jadserve.postrelease.com	3 KB
4	townhall.com media.townhall.com	182 KB
4	google-analytics.com www.google-analytics.com	19 KB
4	salemlivechat.com salemlivechat.com	201 KB
3	targetspot.com 1 redirects content.cdn.targetspot.com node.targetspot.com nodeeu.targetspot.com	2 KB
2	openx.net 1 redirects us-u.openx.net	416 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	968 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	977 B
2	exelator.com 1 redirects loadm.exelator.com	3 KB
2	pro-market.net 2 redirects fei.pro-market.net	851 B
2	intentiq.com sync.intentiq.com
2	tapad.com 1 redirects pixel.tapad.com	908 B
2	moatads.com z.moatads.com s-jsonp.moatads.com	55 KB
2	googletagmanager.com www.googletagmanager.com	58 KB
2	jsdelivr.net cdn.jsdelivr.net	10 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
2	am970theanswer.com am970theanswer.com	14 KB
1	rackcdn.com 99a0f44a0a61eb53a221-e9834f10898f59eef5b71f6b79ed5672.ssl.cf2.rackcdn.com	51 KB
1	rubiconproject.com pixel.rubiconproject.com	774 B
1	google.de www.google.de	552 B
1	googleadservices.com 1 redirects www.googleadservices.com	386 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	bluekai.com stags.bluekai.com	329 B
1	bfmio.com sync.bfmio.com	421 B
1	agkn.com 1 redirects aa.agkn.com	325 B
1	tremorhub.com simplifi.partners.tremorhub.com	183 B
1	google.ch adservice.google.ch	803 B
1	salemwebnetwork.com pulse-sim.salemwebnetwork.com	85 B
1	accuweather.com proxy.webwidgets.accuweather.com	45 KB
1	ntv.io s.ntv.io	101 KB
1	swncdn.com media.swncdn.com	1 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
176	45

	Domain	Requested by
35	cdn.saleminteractivemedia.com	am970theanswer.com cdn.saleminteractivemedia.com
22	um.simpli.fi	16 redirects
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
14	securepubads.g.doubleclick.net	am970theanswer.com securepubads.g.doubleclick.net www.googletagservices.com
6	www.googletagservices.com	securepubads.g.doubleclick.net
5	www.facebook.com	am970theanswer.com connect.facebook.net
5	www.google.com	1 redirects securepubads.g.doubleclick.net
5	connect.facebook.net	cdn.saleminteractivemedia.com am970theanswer.com connect.facebook.net
5	fonts.gstatic.com	fonts.googleapis.com
4	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net
4	jadserve.postrelease.com	s.ntv.io am970theanswer.com
4	media.townhall.com	am970theanswer.com
4	www.google-analytics.com	am970theanswer.com www.google-analytics.com
4	salemlivechat.com	am970theanswer.com salemlivechat.com ajax.googleapis.com
3	tracking.justpremium.com	am970theanswer.com
3	pre.ads.justpremium.com	us.ads.justpremium.com cdn.justpremium.com
3	stats.g.doubleclick.net	www.google-analytics.com
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	ce.lijit.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com
2	pixel.tapad.com	1 redirects
2	aptivada.com	campaign.aptivada.com
2	cdn2.aptivada.com	am970theanswer.com
2	us.ads.justpremium.com	am970theanswer.com us.ads.justpremium.com
2	www.googletagmanager.com	am970theanswer.com
2	campaign.aptivada.com	am970theanswer.com campaign.aptivada.com
2	cdn.jsdelivr.net	am970theanswer.com
2	am970theanswer.com	cdn.saleminteractivemedia.com
1	99a0f44a0a61eb53a221-e9834f10898f59eef5b71f6b79ed5672.ssl.cf2.rackcdn.com	am970theanswer.com
1	pixel.rubiconproject.com
1	www.google.de
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	stags.bluekai.com
1	sync.bfmio.com
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	i.simpli.fi	tag.simpli.fi
1	s-jsonp.moatads.com	am970theanswer.com
1	z.moatads.com	s.ntv.io
1	9929208c1273a68ae7b38df093697aa6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	cdn.justpremium.com	us.ads.justpremium.com
1	pulse-sim.salemwebnetwork.com	am970theanswer.com
1	nodeeu.targetspot.com	am970theanswer.com
1	node.targetspot.com	1 redirects
1	proxy.webwidgets.accuweather.com	am970theanswer.com proxy.webwidgets.accuweather.com
1	ajax.googleapis.com	salemlivechat.com
1	content.cdn.targetspot.com	am970theanswer.com
1	s.ntv.io	am970theanswer.com
1	media.swncdn.com	am970theanswer.com
1	tag.simpli.fi	am970theanswer.com
1	maxcdn.bootstrapcdn.com	am970theanswer.com
1	fonts.googleapis.com	am970theanswer.com
176	62

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
app.radio.com
saleminteractivemedia.com
townhall.com
salemmedia.com
cdn.saleminteractivemedia.com
publicfiles.fcc.gov
salemcareerhub.com
wnym.christianjobs.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-02` - `2021-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
cdn.saleminteractivemedia.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-16` - `2022-04-16`	2 years	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.swncdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2022-04-14`	2 years	crt.sh
campaign.aptivada.com Amazon	`2020-08-06` - `2021-09-06`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2019-11-18` - `2021-02-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
tracking.justpremium.com Amazon	`2020-11-26` - `2021-12-25`	a year	crt.sh
*.cdn.targetspot.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-16` - `2021-09-16`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.webwidgets.accuweather.com DigiCert Secure Site ECC CA-1	`2020-08-15` - `2021-11-14`	a year	crt.sh
*.targetspot.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-25` - `2021-04-19`	2 years	crt.sh
*.aptivada.com Amazon	`2020-03-20` - `2021-04-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.townhall.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-21` - `2021-02-20`	2 years	crt.sh
pulse-sim.salemwebnetwork.com R3	`2021-01-08` - `2021-04-08`	3 months	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
justpremium.com Amazon	`2020-05-02` - `2021-06-02`	a year	crt.sh
*.google.ch GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.intentiq.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.bfmio.com Amazon	`2020-06-14` - `2021-07-14`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2020-06-24` - `2021-02-17`	8 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.ssl.cf2.rackcdn.com DigiCert SHA2 Secure Server CA	`2020-02-18` - `2021-05-19`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://am970theanswer.com/
Frame ID: E4F7C8816329AC63881C3011F543964D
Requests: 126 HTTP requests in this frame

Frame: https://aptivada.com/promo/info.php?widget_id=656&widget_type=widget&app_type=&environment=external
Frame ID: C644FEEA8D612B7D1E44101F20E6E22F
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync
Frame ID: F943C8BCE10C896AF489CB51FF40B6AF
Requests: 1 HTTP requests in this frame

Frame: https://salemlivechat.com//themes/skinnable/invitation/bubble.png
Frame ID: B5E464021E44C507E9BAA3BC413F552C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Frame ID: 9EB7B36F48086D6D0BCEA4A2A551B9C1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Frame ID: 6FE687901605B28443EAD649EEC6FABD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Frame ID: 8EE49E628D367A9F170DAEE6C8FCF5D1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Frame ID: EB72AB5C93FECECD3DB157861747598F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteEEirz5GzVLmCmevkKOFlq4qbbYBCxH9_4MAy0FJtn3y1WycgQDLSl2QWI_nBugM0cL_o6sWQ68YMABTt3GEeljuFSoQUALlnM60L7F3o8uXv3wWmkjEyDNKh-VFT2u7-lBo7MTb4UTLal0PC2Y0OE901Ja6UJytLPLy9PhJKnN--Wc0ca5jQJisTYQ1n0yLKgbS1ayvBqXG8WauwWRK8W4V9szp2lH5ORrKgfdHwyjTPhtvqT7QNJaqgrkJfI3yPDDDLSM8QrQ&sai=AMfl-YTszhKi7nH7M8o255F0axOjxWWDyyRq4sQSfYa1_4mK_t-eVkKGa_fFJtUe5ylday9vmjnrtv4aBl6FZisES8HvCIxVirXSi4RJAZu30UdaKktlpfa46DaShi0r6eWl&sig=Cg0ArKJSzPTshrisxEYUEAE&adurl=
Frame ID: AEE8DF2450B8BEEA026BFCFA77C832D7
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyeruffTyf3v_v-qvCpo2lml3anGKDlnMvs2Q8XxDW1lYtvPNaqteKMvQC823xbUcZ-7A_2sD55NRqVq2CQ5kMMm71d3PzllWFTl6OCLRzqqUrhoNmdcwAcG3rwNzRnZ1YMQ0jhW3oFmkpqRWcPgess4e1kTsRMbsVIt9Dn2YOzQ0At171uS4JVe5Pz-9btSqwm9v7rgpP1zcnEOJQDeodFDO-UKGJGJUss_3fsHX8HEK2jAW_GE5NqQGYgqixRSS9OmTQ-NOFYA&sai=AMfl-YTV3CgaNznpJ0LiUObfCbZiuSGTfPJrSrDqN2QhYOT_ZsaPDIpoo-yptr_BXroLCG0DN5m98gUXwq89p1djMfwbIkHOyhVSM1qg-qvUMqkdyB9qGFV9HunPwfYK83Gm&sig=Cg0ArKJSzHbPwonZqJJNEAE&adurl=
Frame ID: 87C13C4059EC6BB2027F86702228C5F8
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0jdkD6H_6kBDofyyy7G0M_CKePCGn29HbZOcuUYHz8Sc0hvSNtSRR0y7r0CmMY9uDHnsN5-SsCU8rO3JX2aJF-V9li1Ch-4XedU9bHMveZC0VOsw2faBTggiIB9qDFUun-S0zBECNVvBGic9R4eFXFs6dkI4IAFI3-FkVC4XDUd37PGAfWPVNTiLXSShfp2lVHhAUdJ4buPn1VbBVsoZyTGdvi_vVGkr1phlDls5e0FvUR3gtEuJfe8W9YoMGSjdRc0BQ9gbRHw&sai=AMfl-YRsJx67qEQwIraoXJTktdN0MXNMGP4HOyFlUMFQat0Vm189axjSKu0cOpXfuj2_nZJTdetXzfKpiQ-twcaFi4HjFSh29WSjoh3MPgzMcBjjGFW_SpfYR48zGYR5cfrS&sig=Cg0ArKJSzPKPIaybqqQ6EAE&adurl=
Frame ID: D31D68744F678CB8122C23945318DD3C
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstHhUme0Fe3Rt1AEWSRYFBa4rTdb-qvEQnQbNYYFt3_PpC74yIGVUjCPghuFM_3qa9EVJbVYOTIGg24tWnZH8_bsYNkajZQAMAcdkZQvvRqgoNNmpH-9hMheE_R0m_WwAidhvCm938TJ9FckRuHb8fW672dHM46eFf1Teg8skSuM_BTQmmlo1kaKdHD6UKVO_tr21QlqgfW-Cojh8npLtO-ucQzxaMWen62Ob2aFSaZKOC_DyfQo60xCmM8nufAwpmxxWDMPQ_cg&sai=AMfl-YTgqcuzpmQO5kfMpNyhu8_L_GzkOIp1KXqOJ0nt9KY8_i-Uzkoh3jj5vTzY6W75PiOylbLI1PtQ7Z1f5uLiOLfeU5sNi5qvRHGchEbpypWXFb76e8K8idwWBHtgwUzf&sig=Cg0ArKJSzCPFAuDQzHJVEAE&adurl=
Frame ID: 323FA47D2204A5E7758F32DF187A2F77
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvc2nG4zhOdfIsiPzDqts_GPI5IRywXE3s0Rhb0exurwJq1pwkXTBHdxv0XmMmHdiEnxr4kvHr2oGvTKjM8eHq_rtpcRdboFJRFm-lq1QusCvpB-jLQOBWicM4JLNwjoL7JRKwiWUXjkDivV5YPrgnKZYGcoplxy4rBRW2uiVLbYqTH5ZBBz1KST09Ler-19dd-pUqbsPPEQa1FZXNyfv5l30pMDyNx95aua6y-5OvbpU2ZpgLrwWi5oG5ynBUXYcQkwqVEXy0wMQ&sai=AMfl-YQHeYLcRgjgaZGTcncbarPhnoJoJrQkqbMtxH2FbOQXn2dCluanIRev320dBSpA2SNLBWrQKUd_UudFCLkJnW7tLurQbzEe-NIrsKQzcs_7iUvEPveJoJb12qREHSKW&sig=Cg0ArKJSzLShHlnI6sk7EAE&adurl=
Frame ID: 6AB1088824F4E071C2E0D6B253B9D002
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 2F441A5AC28D8271734CBC5795AD3DFD
Requests: 1 HTTP requests in this frame

Frame: https://campaign.aptivada.com/proform/907580?js=true&parent=https%3A%2F%2Fam970theanswer.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
Frame ID: E84D461067F7EB529C7080A9094D5DF0
Requests: 1 HTTP requests in this frame

Frame: https://tracking.justpremium.com/tracking.gif?rid=r-c555452b-5541-4687-9386-eddcd938336c-51702-528271432&sid=r-2c63ede3-b40d-417e-b44c-fd691abe4712-44156-513412753&uid=r-e5d60761-fc14-4654-a788-2d78dfad7c4c-44156-513430933&vr=v2.50.375&ru=https%3A%2F%2Fam970theanswer.com%2F&tt=1610341078183&siw=960&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.0&vn=eu-central-1&sd=&_c=attk6bh1610341078183&et=&aid=427900,427900,427900,427900,419815,419815,419815,419814,419814,419814,419813,419813,419813,419811,419811,419811&said=1144374,1135142,1124959,1124960,1089126,1089127,1089128,1089122,1089123,1089124,1089118,1089119,1089120,1089110,1089111,1089112&ei=430439%2C22407669%2C146753%2C20659642%2C22369165%2C20254628%2C430432%2C22369164%2C20254627%2C430429%2C22369163%2C20254626%2C430427%2C22369161%2C20254624%2C430430&fc=hv,hv,hv,hv,pd,pd,pd,ca,ca,ca,pu,pu,pu,sa,sa,sa&sp=39,1,24,32,1,32,39,1,32,39,1,32,39,1,32,39&at=adserver&cid=&ist=0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=112422&dr=1032&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A6320%7D&ty=ex
Frame ID: B3D1463AA446B0E5EFD57DA770DCB5B3
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=327608680664365&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16f0d75952ef94%26domain%3Dam970theanswer.com%26origin%3Dhttps%253A%252F%252Fam970theanswer.com%252Ff2adf73925cc7ec%26relation%3Dparent.parent&container_width=300&height=400&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FAM970TheAnswer%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&width=500
Frame ID: 3C682692083A5180EC02941FD637C90A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 8BDCD24FF50D40FEC58C78D39A7D9B57
Requests: 1 HTTP requests in this frame

Frame: https://99a0f44a0a61eb53a221-e9834f10898f59eef5b71f6b79ed5672.ssl.cf2.rackcdn.com/_7972.png
Frame ID: 044B08A8CD6E5B7802C33E754E25798F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

176
Requests

99 %
HTTPS

39 %
IPv6

45
Domains

62
Subdomains

51
IPs

8
Countries

4987 kB
Transfer

8375 kB
Size

34
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/AM970TheAnswer
Title: Find us on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/#!/am970theanswer
Title: Find us on Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/am970theanswer
Title: Find us on Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCG4QFQiEhSEM3Rfyuskp1bw
Title: Find us on YouTube

Search URL Search Domain Scan URL

URL: https://app.radio.com/download-WNYM-AM
Title: Find us on Radio.com

Search URL Search Domain Scan URL

URL: https://saleminteractivemedia.com/ListenLive/Player/WNYMAM
Title: Listen Live

Search URL Search Domain Scan URL

URL: https://townhall.com/columnists//kurtschlichter/2021/01/10/the-libfascist-purge-n2582903

Search URL Search Domain Scan URL

URL: https://townhall.com/columnists//kevinmccullough/2021/01/10/freespeechmonday-and-deplatforming-amerika-n2582886

Search URL Search Domain Scan URL

URL: https://townhall.com/columnists//myrakahnadams/2021/01/10/quick-compelling-bible-study-vol-43-a-house-divided-against-itself-n2582852

Search URL Search Domain Scan URL

URL: https://townhall.com/columnists//arthurschaper/2021/01/10/for-those-who-believe-christ-is-still-king-and-the-king-is-with-us-n2582754

Search URL Search Domain Scan URL

URL: https://salemmedia.com/ccpa-sale-opt-out
Title: California - Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://salemmedia.com/salem-radio-stations-ccpa-privacy-notice-for-california-residents/
Title: California - CCPA Notice

Search URL Search Domain Scan URL

URL: https://salemmedia.com/privacy-policy-for-salem-media-group-radio-stations/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cdn.saleminteractivemedia.com/shared/docs/terms-of-use.pdf
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://cdn.saleminteractivemedia.com/227/media/eeo.pdf?t=2021-01-11T04:57:57
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/am-profile/wnym
Title: FCC Online Public File

Search URL Search Domain Scan URL

URL: https://salemcareerhub.com/
Title: Salem Career Hub

Search URL Search Domain Scan URL

URL: https://wnym.christianjobs.com/
Title: Christian Jobs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://node.targetspot.com/userdata/?callback=tsCookieCallback HTTP 302
https://nodeeu.targetspot.com/userdata/?callback=tsCookieCallback

Request Chain 155

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=76EA27195FE842EEB1115DBE9DDEEDEE

Request Chain 156

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=76EA27195FE842EEB1115DBE9DDEEDEE HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=76EA27195FE842EEB1115DBE9DDEEDEE

Request Chain 157

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=76EA27195FE842EEB1115DBE9DDEEDEE HTTP 302
https://um.simpli.fi/aa_px?sk=165001003663000091241

Request Chain 159

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=76EA27195FE842EEB1115DBE9DDEEDEE

Request Chain 162

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=76EA27195FE842EEB1115DBE9DDEEDEE;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=76EA27195FE842EEB1115DBE9DDEEDEE;mimetype=img;sr HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=2829488926842048422

Request Chain 163

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=76EA27195FE842EEB1115DBE9DDEEDEE&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=76EA27195FE842EEB1115DBE9DDEEDEE&j=0&xl8blockcheck=1

Request Chain 165

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=76EA27195FE842EEB1115DBE9DDEEDEE

Request Chain 166

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=76EA27195FE842EEB1115DBE9DDEEDEE

Request Chain 167

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=76EA27195FE842EEB1115DBE9DDEEDEE HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=76EA27195FE842EEB1115DBE9DDEEDEE

Request Chain 168

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=76EA27195FE842EEB1115DBE9DDEEDEE HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=76EA27195FE842EEB1115DBE9DDEEDEE&dnr=1

Request Chain 169

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=76EA27195FE842EEB1115DBE9DDEEDEE

Request Chain 170

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1610341079755&cv=7&fst=1610341079755&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1893510391&cv=7&fst=1610341079755&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=19r7X5m2MK_U7_UPspqp0A4&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1893510391&cv=7&fst=1610341079755&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=19r7X5m2MK_U7_UPspqp0A4&cid=CAQSKQCNIrLM6NOSru_ihpvwN1t07bkNlDiZYbMmsaIUDDfSFXX7R_Jh6-os&random=2655170219 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1893510391&cv=7&fst=1610341079755&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=19r7X5m2MK_U7_UPspqp0A4&cid=CAQSKQCNIrLM6NOSru_ihpvwN1t07bkNlDiZYbMmsaIUDDfSFXX7R_Jh6-os&random=2655170219&ipr=y

Request Chain 171

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=76EA27195FE842EEB1115DBE9DDEEDEE HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=76EA27195FE842EEB1115DBE9DDEEDEE&__user_check__=1&sync_id=93e61416-53c9-11eb-b49b-1ab52fe71706

Request Chain 172

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=76EA27195FE842EEB1115DBE9DDEEDEE HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D76EA27195FE842EEB1115DBE9DDEEDEE

Request Chain 173

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=76EA27195FE842EEB1115DBE9DDEEDEE&expires=365

Request Chain 174

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=76EA27195FE842EEB1115DBE9DDEEDEE HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=76EA27195FE842EEB1115DBE9DDEEDEE

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEDRueYBcYRCkqkNtHSSs97U&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=76EA27195FE842EEB1115DBE9DDEEDEE HTTP 302
https://um.simpli.fi/g_match?id=

176 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
am970theanswer.com/ 74 KB
14 KB 317ms
279ms Document
text/html 2606:4700:20::ac43:5166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://am970theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:5166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df96736c02621f33c8106254245da04b074b040a1f8816879694a50fcf8164b7

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://*.sim-cms.net http://sdk.listenlive.co 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https: http://cdn.saleminteractivemedia.com;
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: am970theanswer.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:51 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d1fa1b036df1d8d0e9e6f59f0e7e0e13c1610341071; expires=Wed, 10-Feb-21 04:57:51 GMT; path=/; domain=.am970theanswer.com; HttpOnly; SameSite=Lax; Secure
cache-control: private
vary: Accept-Encoding
x-aspnetmvc-version: 5.2
request-context: appId=cid-v1:82653370-b0cd-4f4c-8872-b0311da976c6
access-control-expose-headers: Request-Context
arr-disable-session-affinity: true
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
permissions-policy: autoplay 'self'
content-security-policy: default-src https: http://*.sim-cms.net http://sdk.listenlive.co 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https: http://cdn.saleminteractivemedia.com;
cf-cache-status: DYNAMIC
cf-request-id: 079167d2370000c2a96bad0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xXFh1E0yw41YR0calEbSCVt6M7aRhdnbj7EUhBa%2BZwYkPByFStz3bDMgptUeVuVsXTcnE5LGkS6oOL81B6AkvRsN3CaMAnrLeX%2BD5kCqaa3hgpQ%2BCKuj6CFFz4v1K%2BU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60fc0f305a53c2a9-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 16 KB
2 KB 36ms
17ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6843b486f69732b500cac5ae94d1c7570a9c37991d3324693269d26a3c541c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Jan 2021 04:57:51 GMT
server: ESF
date: Mon, 11 Jan 2021 04:57:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Jan 2021 04:57:51 GMT

GET
H2 200 smart-app-banner.css
cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/ 6 KB
1 KB 26ms
11ms Stylesheet
text/css 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/smart-app-banner.css

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6568273e9d257a19332421d7a519b3ae0f8a564e76aca9f603e848521f341db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 272663
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1312
etag: W/"18e0-Q3YhhM4JpT5zqjU4KPdCD53yYoM"
x-served-by: cache-fra19126-FRA
date: Mon, 11 Jan 2021 04:57:51 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 head.74bd60820bb6369b76ab.js Show response
cdn.saleminteractivemedia.com/dist/static/js/ 2 KB
1 KB 130ms
50ms Script
application/x-javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/dist/static/js/head.74bd60820bb6369b76ab.js
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 77225d54295bb3a965a87ba5579172b75b0487d6ff59dc774c47ec6f301c8f45

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:51 GMT
content-encoding: gzip
content-md5: MuQsRlGfS3XcvUae/NhT+g==
content-length: 899
x-ms-lease-status: unlocked
last-modified: Tue, 05 Jan 2021 01:07:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B11656B8394B
x-hw: 1610341071.dop126.fr8.t,1610341071.cds241.fr8.hn,1610341071.cds008.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 421fa0a4-a01e-003c-1a01-e3bc58000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31004698
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ntbase.css
cdn.saleminteractivemedia.com/dist/a2bc1034/site-css/2019nt/ 183 KB
30 KB 111ms
30ms Stylesheet
text/css 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/dist/a2bc1034/site-css/2019nt/ntbase.css?hash=d8eec5e70d65f96867db
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 229a43f73612c664600cf99cd40c6550e01fef8ac0c8ba019f87f08d83923dc5

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:51 GMT
content-encoding: gzip
content-md5: tK5FXy++Ndd29KNNIXdOuQ==
content-length: 29935
x-ms-lease-status: unlocked
last-modified: Fri, 08 Jan 2021 01:45:50 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B37720CC40E6
x-hw: 1610341071.dop126.fr8.t,1610341071.cds241.fr8.hn,1610341071.cds240.fr8.c
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4c6e7384-101e-0025-3564-e59030000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31267395
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 tuition2020.d8eec5e70d65f96867db.css
cdn.saleminteractivemedia.com/dist/static/css/ 59 B
272 B 129ms
49ms Stylesheet
text/css 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/dist/static/css/tuition2020.d8eec5e70d65f96867db.css
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b707e495b5c993c23e4b4adc7dada42f6bf09f8014b90891d63dea41ffc5661a

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:51 GMT
content-encoding: gzip
content-md5: pDRTw3WJPLAURMIsuDIP3w==
content-length: 79
x-ms-lease-status: unlocked
last-modified: Tue, 05 Jan 2021 01:07:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B11656B615E5
x-hw: 1610341071.dop126.fr8.t,1610341071.cds241.fr8.hn,1610341071.cds052.fr8.c
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a5b66258-e01e-003b-5201-e34add000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31004698
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 5064ms
10ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://am970theanswer.com
Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 a2fee930-b8b0-0136-d8da-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ 3 KB
4 KB 123ms
58ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/a2fee930-b8b0-0136-d8da-06a9ed4ca31b

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

ef417acb1eb7a0b598a917566e8c2ae52e71b029ec145eed3527b5d73fdf7040

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 11 Jan 2021 04:57:52 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3096
x-request-id: FlkUrE30J5GWD2UM8kwB
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pulse-sim.js Show response
media.swncdn.com/pulse/ 2 KB
1 KB 81ms
26ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://media.swncdn.com/pulse/pulse-sim.js?v=1
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: nginx /
Resource Hash: 0bdd18746a58467caa5c0e552f1ba38cb34a9dda20131d55d9441c899f26a448

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:52 GMT
content-encoding: gzip
last-modified: Tue, 23 Jan 2018 20:04:48 GMT
server: nginx
etag: "1516737888"
x-hw: 1610341072.dop011.fr8.t,1610341072.cds266.fr8.hn,1610341072.cds267.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 920
x-proxy-cache: MISS

GET
H2 200 widget.js Show response
campaign.aptivada.com/ 74 KB
14 KB 90ms
29ms Script
application/javascript 65.9.7.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.aptivada.com/widget.js
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a2a8fef4adaa2dbd753b044cd9f0a9fe7106486e6a8332c882054fb1ea69546

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: qn6gYsEmjPX7EYbqVijny_u1flvxyrS0
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 17:06:22 GMT
server: AmazonS3
age: 107688
etag: W/"2cbaf6bfebe0aeba2d4d1fa915351fd4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
date: Sun, 10 Jan 2021 22:54:35 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: fflCaKBdZmyIl7PmtkKXSIbF_vw9fRhSPc5_Kd5jjLrHd0eGXQ8QCg==

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 347 KB
101 KB 127ms
59ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: db413b9f5f54f2c87c446007d0af148719f0f13629b285e410df0cc3db3f7e8a

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 04:57:52 GMT
Content-Encoding: gzip
x-amz-request-id: 66995AA03CBF2792
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: rpqoYYj0M6AiJ2iO7N2TP0C44By66rVWRkVuEz3lXz+sZu/t1XgzON/Jknum+q0LmDrwdUXswqM=
Last-Modified: Thu, 07 Jan 2021 23:12:37 GMT
Server: AmazonS3
ETag: "d3bf7ea698cec8bf5e201ba81ba7fa6e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 86ms
32ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

2a957719ab4bdaef0012c99f196b5388210d766ae4601abdd7ab6a698d4a539e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "751 / 127 of 1000 / last-modified: 1610302927"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18997
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:52 GMT

GET
H2 200 smart-app-banner.js Show response
cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/ 25 KB
9 KB 21ms
6ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/smart-app-banner.js

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c60bb4ab3dddedd4afb6c16f8ccb89f6cfdb6676014da18669318a15f67e1ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1239582
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 8896
etag: W/"63df-zaXYbgdCCfJOt2MRbGfFxbMV9Dw"
x-served-by: cache-fra19126-FRA
date: Mon, 11 Jan 2021 04:57:51 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 invitation.ashx Show response
salemlivechat.com/scripts/ 758 KB
198 KB 817ms
786ms Script
text/javascript 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://salemlivechat.com/scripts/invitation.ashx?company=wnymam
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 86d457ad30d1119a5121a038fae6768c844dc6125279aec322e3a0acd5036fb3

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: UrlRewriter.NET 2.0.0, ASP.NET
p3p: policyref="/w3c/p3p.xml",CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml",CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
cf-request-id: 079167d6a500004a98ce31f000000001
x-ua-compatible: IE=edge
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u7TBqHF5N2e3eE0YWmLnM49qJnI06joDenX9%2F0gTuNte0s6YIBJJG3dkU9Af3X8ThOr92jukNtBX2yGgwCa24kJCROFehGOtK3tPYhJd1E%2F5WiPL04cAsa7zmhNDEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400,no-transform
cf-ray: 60fc0f3768b84a98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, referring-domain

GET
H2 200 04f38c35-f4cf-42e5-ab4c-20ccf726acf4.jpg
cdn.saleminteractivemedia.com/associated-press/data/photos/2021/10/ 78 KB
79 KB 574ms
574ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/associated-press/data/photos/2021/10/04f38c35-f4cf-42e5-ab4c-20ccf726acf4.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e5586e0db74f9d54c379419caab99568fa49c3ddcc17963dc19624d220366523

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:55 GMT
content-md5: t+I0JKzuqqKS6bLV2UPOIA==
content-length: 80208
x-ms-lease-status: unlocked
last-modified: Sun, 10 Jan 2021 22:15:16 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B5B53597D80E
x-hw: 1610341074.dop126.fr8.t,1610341074.cds241.fr8.hn,1610341075.cds224.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: b52348dc-201e-0062-01d6-e74f5b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 c5049422-5bc5-46f3-8017-0233055188d2.jpg
cdn.saleminteractivemedia.com/associated-press/data/photos/2021/9/ 143 KB
143 KB 30ms
30ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/associated-press/data/photos/2021/9/c5049422-5bc5-46f3-8017-0233055188d2.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1e799d48e40a02b054fab477207c7179d85c45f8dada4127470d7c113b38f1ec

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:55 GMT
content-md5: TUUfnAV9Zpa8qHsMzwDIjw==
content-length: 146535
x-ms-lease-status: unlocked
last-modified: Sun, 10 Jan 2021 01:35:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B507FA302E75
x-hw: 1610341075.dop126.fr8.t,1610341075.cds241.fr8.hn,1610341075.cds289.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 924dafa9-d01e-005e-5172-e7fb80000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 b50432d1-9c44-4d93-83a6-d43168c7af13.jpg
cdn.saleminteractivemedia.com/associated-press/data/photos/2021/9/ 64 KB
64 KB 31ms
31ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/associated-press/data/photos/2021/9/b50432d1-9c44-4d93-83a6-d43168c7af13.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 778a3a62300ef9f90de6b3b4cf07ec16d7a4ffef263761994081b0a66ba3e601

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:55 GMT
content-md5: ZWTGAZMWdSJcPIZbRSh4nw==
content-length: 65491
x-ms-lease-status: unlocked
last-modified: Sun, 10 Jan 2021 01:35:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B507F96FBCD7
x-hw: 1610341075.dop126.fr8.t,1610341075.cds241.fr8.hn,1610341075.cds224.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 08fcf08f-801e-0009-4972-e7120d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 71 KB
29 KB 50ms
30ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NRHG9F2

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6fa7e4fb942f5fc5c8db186bb96eafe7a83ffde57581ba790232541f91cdaa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29021
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:55 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 71 KB
29 KB 44ms
30ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NK2R6Z2

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a429d36e6f06a061c4d4c6680dd1c8979abfade487b5a3356611ffc6f2a55a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29062
x-xss-protection: 0
last-modified: Mon, 11 Jan 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Jan 2021 04:57:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5903
date: Mon, 11 Jan 2021 03:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 11 Jan 2021 05:19:32 GMT

GET
H2 200 legacy-main.js Show response
cdn.saleminteractivemedia.com/shared/scripts/ 4 KB
2 KB 30ms
29ms Script
application/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/shared/scripts/legacy-main.js
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 37b7718daf4c52bfb6fb354ca33d9ff302aa53f275789c4a4a3174425a8b11c5

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:55 GMT
content-encoding: gzip
content-md5: lGhB1rnosDv+GdFcm+kHAQ==
content-length: 1357
x-ms-lease-status: unlocked
last-modified: Tue, 22 Dec 2020 18:22:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8A6A67B02038C
x-hw: 1610341075.dop126.fr8.t,1610341075.cds241.fr8.hn,1610341075.cds012.fr8.c
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 83e83a16-e01e-003b-7d91-d84add000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=29856986
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 vendor.411f7c4a9d2ab74024e4.js Show response
cdn.saleminteractivemedia.com/dist/static/js/ 154 KB
51 KB 29ms
29ms Script
application/x-javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/dist/static/js/vendor.411f7c4a9d2ab74024e4.js
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f9492193b6d8549844c1cbd80c2608ccf41e3467654e2d24f78e021c81f0541b

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:51 GMT
content-encoding: gzip
content-md5: dPrZ8sQsISCvQ22DJUiI/g==
content-length: 51649
x-ms-lease-status: unlocked
last-modified: Tue, 05 Jan 2021 01:07:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B11656C694AF
x-hw: 1610341071.dop126.fr8.t,1610341071.cds241.fr8.hn,1610341071.cds271.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a2183c5f-c01e-002c-2001-e38abe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31004699
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 2018a-2018ccm-2019nt~promotions2020~radiohost2020~surround~tuition2020.2dadecb9df9f039b0584.js Show response
cdn.saleminteractivemedia.com/dist/static/js/ 43 KB
10 KB 33ms
33ms Script
application/x-javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/dist/static/js/2018a-2018ccm-2019nt~promotions2020~radiohost2020~surround~tuition2020.2dadecb9df9f039b0584.js
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8264aaef589f8b63291d4c61d1acd51f300890d375b24f15f83ec86bda0d7e6e

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:51 GMT
content-encoding: gzip
content-md5: +4J01JJ3ZIo84nxbr7UoQg==
content-length: 9795
x-ms-lease-status: unlocked
last-modified: Tue, 05 Jan 2021 01:07:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B11656B7279C
x-hw: 1610341071.dop126.fr8.t,1610341071.cds241.fr8.hn,1610341071.cds205.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5e9680c8-f01e-0060-6401-e34da1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31004699
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 2018a-2018ccm-2019nt.2aba2ecc7cde50892823.js Show response
cdn.saleminteractivemedia.com/dist/static/js/ 165 KB
31 KB 29ms
29ms Script
application/x-javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/dist/static/js/2018a-2018ccm-2019nt.2aba2ecc7cde50892823.js
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 55d37798d33bab9e01224def53b84840610a257152a50c60bb811a0d836f97cc

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:51 GMT
content-encoding: gzip
content-md5: bFSEOjWvfnyWulThF2iPJw==
content-length: 31413
x-ms-lease-status: unlocked
last-modified: Tue, 05 Jan 2021 01:07:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B11656B86069
x-hw: 1610341071.dop126.fr8.t,1610341071.cds241.fr8.hn,1610341071.cds283.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0d45e2b3-001e-0013-2b01-e33d62000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31004699
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 js.php Show response
us.ads.justpremium.com/adserve/ 8 KB
4 KB 136ms
56ms Script
text/javascript 35.156.26.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ads.justpremium.com/adserve/js.php?zone=112422
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.26.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-26-195.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4ce1dc6bca18227a0227f04f35af041a5e851c02c12ef912b40486e2532f03c6

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:56 GMT
content-encoding: gzip
cache-control: public, no-cache, no-store, must-revalidate
content-type: text/javascript; charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
445 B 43ms
15ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-22249776-4&cid=1840448419.1610341076&jid=1809953400&gjid=975534066&_gid=1897586957.1610341076&_u=IGBAgEABAAAAAE~&z=1533157141

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 11 Jan 2021 04:57:56 GMT
content-type: text/plain
access-control-allow-origin: https://am970theanswer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
27 B 47ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=679629160&t=pageview&_s=1&dl=https%3A%2F%2Fam970theanswer.com%2F&ul=en-us&de=UTF-8&dt=AM%20970%20The%20Answer%20%7C%20AM%20970%20The%20Answer%20-%20New%20York%2C%20NY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAAEABAAAAAG~&jid=284976498&gjid=550878085&cid=1840448419.1610341076&tid=UA-22249776-3&_gid=1897586957.1610341076&_r=1&_slc=1&z=8505491

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:57:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://am970theanswer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
392 B 43ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=679629160&t=pageview&_s=1&dl=https%3A%2F%2Fam970theanswer.com%2F&ul=en-us&de=UTF-8&dt=AM%20970%20The%20Answer%20%7C%20AM%20970%20The%20Answer%20-%20New%20York%2C%20NY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAAEABAAAAAG~&jid=2114445967&gjid=1663221786&cid=1840448419.1610341076&tid=UA-34961268-2&_gid=1897586957.1610341076&_r=1&_slc=1&z=1099838477

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:57:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://am970theanswer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
121 B 6ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=679629160&t=pageview&_s=1&dl=https%3A%2F%2Fam970theanswer.com%2F&ul=en-us&de=UTF-8&dt=AM%20970%20The%20Answer%20%7C%20AM%20970%20The%20Answer%20-%20New%20York%2C%20NY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=1809953400&gjid=975534066&cid=1840448419.1610341076&tid=UA-22249776-4&_gid=1897586957.1610341076&z=691337167

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 03:14:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6190
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
423 B 40ms
14ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-34961268-2&cid=1840448419.1610341076&jid=2114445967&gjid=1663221786&_gid=1897586957.1610341076&_u=IGDAAEABAAAAAG~&z=141095467

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 11 Jan 2021 04:57:56 GMT
content-type: text/plain
access-control-allow-origin: https://am970theanswer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
25 B 40ms
15ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-22249776-3&cid=1840448419.1610341076&jid=284976498&gjid=550878085&_gid=1897586957.1610341076&_u=IGDAAEABAAAAAG~&z=694651442

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 11 Jan 2021 04:57:56 GMT
content-type: text/plain
access-control-allow-origin: https://am970theanswer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _ts2.js Show response
content.cdn.targetspot.com/content/act/beacon/ 1 KB
807 B 32ms
6ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://content.cdn.targetspot.com/content/act/beacon/_ts2.js

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

a68bb88cb8ab82781248447ef4bcebf56473589faf539348d35298b9e3d2727a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:56 GMT
content-encoding: gzip
last-modified: Thu, 18 May 2017 15:33:52 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"591dbee0-413"
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://content-origin.cdn.targetspot.com/content/act/beacon/_ts2.js>; rel="canonical"
x-xss-protection: 1; mode=block
expires: Mon, 18 Jan 2021 04:57:56 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v22/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://am970theanswer.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 23:24:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:11:15 GMT
server: sffe
age: 279220
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12192
x-xss-protection: 0
expires: Fri, 07 Jan 2022 23:24:16 GMT

GET
H2 200 pubads_impl_2021010901.js Show response
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 33ms
32ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

a51d2f16c588ccbb50815cd6936b66109c2974809a5c4800ee2e54d2a0d25872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:32:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:56 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: salemlivechat.com
URL: https://salemlivechat.com/scripts/invitation.ashx?company=wnymam

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 09:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70360
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33333
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Jan 2022 09:25:16 GMT

GET
H2 200 pinghandler.ashx Show response
salemlivechat.com/handlers/slim/ 47 B
591 B 625ms
625ms Script
text/javascript 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://salemlivechat.com/handlers/slim/pinghandler.ashx?company=wnymam&ecid=FthVB4JIMHZ5LnDNpxhyMYAJg4G0F81z81Y7mN/kg7oGqtdiJ+gWOaQ=&visitorId=undefined&agentAliasId=7972&operatorId=undefined&profileId=182509&gclid=&gs=&gm=&gc=&chatId=null&invitationVersion=2&chatMode=2&originalReferrer=
Requested by: Host: salemlivechat.com
URL: https://salemlivechat.com/scripts/invitation.ashx?company=wnymam
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 75e2d4b1b602b4e00badfd2ae44c49df83ec6ffe42efcb47fda60c6e333b6a6a

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: UrlRewriter.NET 2.0.0, ASP.NET
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
content-length: 164
cf-request-id: 079167e75d00004a98dc339000000001
x-ua-compatible: IE=edge
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ENZYgALN1uRpkUL9mli4q3XVqcWs7%2FO6i9K3%2FsHfAV%2FbTSak%2Fu6hK8sbXI7gAUmEWeZSVJmZm3UsKokwR%2Bwjmnp3Vw1i4BkuqxsEdraRD6GLjN%2BicYnaRtPXYAOEuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,no-transform
cf-ray: 60fc0f522d114a98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, referring-domain

GET
H2 200 med_sticker.js Show response
proxy.webwidgets.accuweather.com/js/ 136 KB
45 KB 80ms
24ms Script
application/javascript 2a02:26f0:6c00:280::3926
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy.webwidgets.accuweather.com/js/med_sticker.js
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:280::3926 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Kestrel /
Resource Hash: 24f8ce2b1d1571de4d203ef11ba6d172db1819a35d906f4fd8ab2b0fe90a3f74

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:56 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 14:11:39 GMT
server: Kestrel
etag: "1d670b27eef8184"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=76666
request-context: appId=cid-v1:367c9844-1596-4b91-b82c-27d28c925650
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 45482
expires: Tue, 12 Jan 2021 02:15:42 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 33ms
19ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://am970theanswer.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 07:38:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 249546
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 08 Jan 2022 07:38:50 GMT

GET
H/1.1

200
OK

/ Show response
nodeeu.targetspot.com/userdata/
Redirect Chain

https://node.targetspot.com/userdata/?callback=tsCookieCallback
https://nodeeu.targetspot.com/userdata/?callback=tsCookieCallback

146 B
609 B

163ms
39ms

Script
text/html

31.12.68.105
RUNISO-AS RUNISO ...

General

Check archive.org

Show headers Download Go to

Full URL: https://nodeeu.targetspot.com/userdata/?callback=tsCookieCallback
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.12.68.105 Begijnendijk, Belgium, ASN44099 (RUNISO-AS RUNISO Autonomous System, FR),
Reverse DNS
Software: / Express
Resource Hash: 1640446ae949260736a11acfe10c18de162aa7dece7f68facf16da535f1ac71b

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 11 Jan 2021 05:03:26 GMT
X-Powered-By: Express
Content-Length: 146
Content-Type: text/html; charset=utf-8

Redirect headers

access-control-allow-origin: *
date: Mon, 11 Jan 2021 04:58:04 GMT
vary: Accept
x-powered-by: Express
content-length: 81
location: //nodeeu.targetspot.com/userdata/?callback=tsCookieCallback
content-type: text/plain

GET
H2 200 iframeLoader.gif
cdn2.aptivada.com/images/ 30 KB
30 KB 107ms
31ms Image
image/gif 13.224.194.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.aptivada.com/images/iframeLoader.gif
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-96.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1f249cee33aff42da2e5f6604dc634201055f121a795c3d5d3ef292de7a2081

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 13:02:28 GMT
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified: Fri, 20 Apr 2018 06:54:22 GMT
server: AmazonS3
age: 316529
etag: "5f587297cec677d528a5fb6f7184ff5e"
x-cache: Hit from cloudfront
x-amz-version-id: wWpi.PVolYNt17y93yspJcx5ZO5Tq8hV
cache-control: max-age=15780000, s-maxage=604800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/gif
content-length: 30578
x-amz-cf-id: F2mB53ol7RRdkb7_UwgY7ADMbnbgo_qmlR9diEjM-wM2ujfGY691bw==

GET
H2 200 icomoon.woff
cdn.saleminteractivemedia.com/content/icomoon/fonts/ 8 KB
9 KB 85ms
31ms Font
application/octet-stream 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/content/icomoon/fonts/icomoon.woff
Requested by: Host: cdn.saleminteractivemedia.com
URL: https://cdn.saleminteractivemedia.com/dist/a2bc1034/site-css/2019nt/ntbase.css?hash=d8eec5e70d65f96867db
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3e62f93074782f5a71a8c3a14980158f603197b0e290767da6bebda314c6dd9

Request headers

Origin: https://am970theanswer.com
Referer: https://cdn.saleminteractivemedia.com/dist/a2bc1034/site-css/2019nt/ntbase.css?hash=d8eec5e70d65f96867db
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: BXT3eHS+Vh3oqnwm+wc+Fg==
content-length: 8564
x-ms-lease-status: unlocked
last-modified: Sat, 05 Sep 2020 17:46:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D851C3A9420357
x-hw: 1610341077.dop052.fr8.t,1610341077.cds233.fr8.hn,1610341077.cds148.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 8158b8c4-901e-0059-6266-840d05000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=20602820
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H3-Q050 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://am970theanswer.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 08:39:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 245879
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12680
x-xss-protection: 0
expires: Sat, 08 Jan 2022 08:39:58 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 26ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: cdn.saleminteractivemedia.com
URL: https://cdn.saleminteractivemedia.com/dist/static/js/2018a-2018ccm-2019nt.2aba2ecc7cde50892823.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f909ec6660bfc8dfe6e8ad64f2ed7ea41bdcaf25ea1dcb6d8e28cc7845475ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: RehxJUIoxV7ALqV98iDdoQ==
cross-origin-resource-policy: cross-origin
expires: Mon, 11 Jan 2021 05:09:47 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: aQ1brJ3uGW9IsRnbM/+BvOsGPbm/aHUk4gI1BYf4U9nX2KOsORdltp78AKlkqELYWX8JWmfPMfaBT4V6hhElDA==
x-fb-trip-id: 686109401
x-fb-content-md5: cfbc5957cc0e822ff864ac3835a95f1b
date: Mon, 11 Jan 2021 04:57:57 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "86bd56f2496be5fb74731d8e222a94f3"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

POST
H2 200 getprogramguideinfo Show response
am970theanswer.com/ 322 B
684 B 229ms
223ms XHR
application/json 2606:4700:20::ac43:5166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://am970theanswer.com/getprogramguideinfo

Requested by

Host: cdn.saleminteractivemedia.com
URL: https://cdn.saleminteractivemedia.com/dist/static/js/vendor.411f7c4a9d2ab74024e4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:5166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c38ca9561c4be073745bccf75a06cc35f42cb24d2103491c30c76dc884a0897d

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://*.sim-cms.net http://sdk.listenlive.co 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https: http://cdn.saleminteractivemedia.com;
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
arr-disable-session-affinity: true
cf-request-id: 079167e85a0000c2a969b44000000001
request-context: appId=cid-v1:82653370-b0cd-4f4c-8872-b0311da976c6
referrer-policy: no-referrer-when-downgrade
x-aspnetmvc-version: 5.2
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qqVrwLeKbx%2FchFVUzwxHyD5IaMzGdk%2B9%2BQTi%2B5aWQv85kN6cWMDwOj6wtJhA8fJBxecal7QY5s8jbegf2JOG2jM%2Fj01tt1%2FCcn9PJShSmUwVJhm7lq7P2gKzYKSJyRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
permissions-policy: autoplay 'self'
content-security-policy: default-src https: http://*.sim-cms.net http://sdk.listenlive.co 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https: http://cdn.saleminteractivemedia.com;
cf-ray: 60fc0f53ca71c2a9-FRA

GET
H2 200 template3_logo.png
cdn.saleminteractivemedia.com/shared/images/logos/227/ 17 KB
17 KB 42ms
33ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/shared/images/logos/227/template3_logo.png
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f3b8613e37dcb0eb79736d945722a2ae6787a08e3e3125016c78261d1d2bbfc6

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: OfLBZKaCYf/q/gQavl13Og==
x-ms-meta-uploadedby: Hanlon,John
content-length: 17225
x-ms-lease-status: unlocked
last-modified: Mon, 02 Dec 2019 21:04:19 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7776B32D87A34
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds253.fr8.c
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: a43bd401-801e-0002-1982-e30a79000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 header-background-image.png
cdn.saleminteractivemedia.com/227/media/site-assets/ 195 KB
195 KB 42ms
34ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/227/media/site-assets/header-background-image.png
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ddfeddf32de34d6de594d032805e8579d267b7f59c28b48b0952e640f1124719

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: IO6rScGm47jEY3jxX4ftCQ==
content-length: 199849
x-ms-lease-status: unlocked
last-modified: Fri, 05 Jul 2019 18:27:08 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7017663CFE6D7
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds009.fr8.c
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 348e4a68-e01e-0030-23c6-e652a9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 play-button.png
cdn.saleminteractivemedia.com/shared/images/ 2 KB
2 KB 54ms
46ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/shared/images/play-button.png
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 27b65ea8c6cceebb6e32225e0dacd973a6358953d5c3b55841a685eb0a12d055

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: iK52X5B86FHk7qX9XxbesA==
content-length: 1851
x-ms-lease-status: unlocked
last-modified: Fri, 26 Oct 2018 17:40:26 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D63B6A1D42BC9E
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds098.fr8.c
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: d870b686-401e-0014-7b66-84cbe7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=20602845
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 hero-banner-4.png
cdn.saleminteractivemedia.com/227/content/210121/ 758 KB
758 KB 54ms
46ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/227/content/210121/hero-banner-4.png
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d7d42ec263814bb6bb614b2a155051d9466ba01f74e5cab2dd8310fec53936f4

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: Swf730dXe0mE9brChbSz1g==
x-ms-meta-uploadedby: Fusaro,Cara
content-length: 776043
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jul 2020 12:36:50 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D82984E96F235A
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds215.fr8.c
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 8ad48571-601e-0021-50c6-e665b2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 sa21is-web-ad-880x440a.jpg
cdn.saleminteractivemedia.com/199/content/237099/ 87 KB
87 KB 54ms
46ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/199/content/237099/sa21is-web-ad-880x440a.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3163bdf4cffe251650215729df49011c5525325c4f2e1ca5b02371dc24e38fe4

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: ZsTf9hyi2eHXeooxjMus7w==
x-ms-meta-uploadedby: Schweinsburg,Larry
content-length: 88918
x-ms-lease-status: unlocked
last-modified: Mon, 09 Nov 2020 01:28:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8844EC7853E47
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds239.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: f5e4ceba-601e-0047-7658-e3d7e8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 regnery-january-2021-the-parasitic-mind-880x440-1-1-2021.jpg
cdn.saleminteractivemedia.com/199/content/239017/ 39 KB
39 KB 497ms
490ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/199/content/239017/regnery-january-2021-the-parasitic-mind-880x440-1-1-2021.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c8c7b595fe507982c8d06c77d4adbbe249d944070439aee32c90944c02b16795

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: wJVvUr9KQ+1x+d1WHhTfkA==
x-ms-meta-uploadedby: Hanlon,John
content-length: 40208
x-ms-lease-status: unlocked
last-modified: Sun, 03 Jan 2021 21:37:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B02FB5BD58C0
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds206.fr8.pr
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 7dc0ee42-f01e-0024-39d6-e791cd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 email-subscription-center-880x440.jpg
cdn.saleminteractivemedia.com/245/content/208152/ 58 KB
58 KB 77ms
70ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/245/content/208152/email-subscription-center-880x440.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b4e5c8113578cddb15261513cdf05a9d81ece60e3d7157ebb21dbbb7aacb19e7

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: gll/7r92mgfKUaltT36qIg==
content-length: 58992
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 15:36:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B1F7681BC68
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds156.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: ccb76445-201e-0026-2760-d99337000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=29945976
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 advertise-on-am-970-the-answer.png
cdn.saleminteractivemedia.com/227/content/228291/ 219 KB
220 KB 104ms
98ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/227/content/228291/advertise-on-am-970-the-answer.png
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fd477b02052b11f6cc338c6e73bc0c06100d793cfdd1b20b915826195070e0ee

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: pZ32sIYTA5y6RaQqc+n01Q==
x-ms-meta-uploadedby: Hubbard,Courtney
content-length: 224683
x-ms-lease-status: unlocked
last-modified: Tue, 14 Apr 2020 20:23:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7E0B1A3072BAA
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds237.fr8.c
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 0aea633a-b01e-004e-6dad-e5cd66000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 albeercast-400x300.jpg
cdn.saleminteractivemedia.com/227/host/ 44 KB
45 KB 108ms
102ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/227/host/albeercast-400x300.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3bfbb9588367f99a6e5bb0a6c8d81182fea3654b774b869eb08be005325b833e

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: 9rAHsqAP/aASMoqKPTkzlQ==
content-length: 45391
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 15:42:25 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B204674A36A
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds141.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: a64f3125-301e-0039-7d72-e74827000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31493321
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 gillederman-400x300.jpg
cdn.saleminteractivemedia.com/227/host/ 15 KB
15 KB 110ms
103ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/227/host/gillederman-400x300.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c12e65f2fbf85caa31c92ffb932da9f16ed8ccd9eeb123d575f91508d26c756d

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: 3FtHwkL7RJjRYEIkStD1Iw==
content-length: 15420
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 15:42:44 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B2051D913C4
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds056.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 44527ca6-a01e-0051-4e52-e11676000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=30819575
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 hugh-hewitt-400x300.jpg
cdn.saleminteractivemedia.com/227/host/ 15 KB
15 KB 110ms
103ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/227/host/hugh-hewitt-400x300.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 31c23b6201161dea3af2e166fc8d2f5bcaa8a12bc92275b2ebff52469af260c8

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: 5SmBZnRmA+R1L/XE4O+V6A==
content-length: 15534
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 15:42:50 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B2055468763
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds097.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 3c4186e4-501e-0000-0bdf-b80883000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=26372110
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 2-constitution-1000x500.jpg
cdn.saleminteractivemedia.com/245/content/239153/ 148 KB
148 KB 110ms
104ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/245/content/239153/2-constitution-1000x500.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1609e7137db464ab406caa137fabf256f5f7d17ac977318eb48113458795e4d7

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: v0tckdkTkkhrxuCzfW7c2w==
x-ms-meta-uploadedby: Hanlon,John
content-length: 151477
x-ms-lease-status: unlocked
last-modified: Thu, 07 Jan 2021 14:06:30 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B3156E67B8D7
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds065.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 92dd71dd-501e-0000-220a-e50883000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 2-ballot-1000x500.jpg
cdn.saleminteractivemedia.com/245/content/239107/ 19 KB
19 KB 111ms
106ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/245/content/239107/2-ballot-1000x500.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 69e89dac634ee2bd84fcc4e3e29457ae0c2d9e8db08bec998c579038913ef58d

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: kxuOCSoVPh12qjK3KJU2tg==
x-ms-meta-uploadedby: Hanlon,John
content-length: 18950
x-ms-lease-status: unlocked
last-modified: Wed, 06 Jan 2021 14:25:48 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B24EF6346592
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds156.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 6f959d0e-d01e-0033-6f24-e551ae000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 a8b6af2e-2ce0-45dc-b887-f6ebc75364eb.jpg
media.townhall.com/townhall/reu/ha/2021/6/ 26 KB
27 KB 87ms
30ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.townhall.com/townhall/reu/ha/2021/6/a8b6af2e-2ce0-45dc-b887-f6ebc75364eb.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 269e52922b0515a3c05a139f32262c4259085b4d0d88488cc102712449a7462e

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
server: nginx/1.10.3 (Ubuntu)
x-img: thmbor3
etag: "c66438f37cd23564f875af9287c19eaf841e7717"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-length: 26954
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-tag: img
x-hw: 1610341077.dop011.fr8.t,1610341077.cds290.fr8.hn,1610341077.cds006.fr8.c

GET
H2 200 767354a1-39b1-4844-a9f2-4b638b1450d8.jpg
media.townhall.com/townhall/reu/ha/2018/285/ 50 KB
50 KB 140ms
83ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.townhall.com/townhall/reu/ha/2018/285/767354a1-39b1-4844-a9f2-4b638b1450d8.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 137b2c048fbf48116d55b15729ff72b10e2667ff3a96d6614dcd80f8b196db3a

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
server: nginx/1.10.3 (Ubuntu)
x-img: thmbor3
etag: "29eebbb241660699a0ef27f90cde33f24098f845"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-length: 50942
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-tag: img
x-hw: 1610341077.dop011.fr8.t,1610341077.cds290.fr8.hn,1610341077.cds287.fr8.c

GET
H2 200 94a5a3c6-6b7c-46fa-b8e1-256f69bc36aa.jpg
media.townhall.com/townhall/reu/ha/2015/217/ 63 KB
63 KB 87ms
30ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.townhall.com/townhall/reu/ha/2015/217/94a5a3c6-6b7c-46fa-b8e1-256f69bc36aa.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7e5485f0567752fb5533f3841d73acf90c4281425167abfaf065539f8fbaae3b

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
server: nginx/1.10.3 (Ubuntu)
x-img: thmbor3
etag: "d64ad787a9b492a9e1a3dc259edab5258abe8c7a"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-length: 64805
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-tag: img
x-hw: 1610341077.dop011.fr8.t,1610341077.cds290.fr8.hn,1610341077.cds246.fr8.c

GET
H2 200 8180bc36-c706-4c0d-a9b2-2528d23778e6.jpg
media.townhall.com/townhall/reu/ha/2015/236/ 42 KB
42 KB 152ms
95ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.townhall.com/townhall/reu/ha/2015/236/8180bc36-c706-4c0d-a9b2-2528d23778e6.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 407a11ac92c4bb6548215574c3ac2ef664fc13c6126f3875e5727634a75e4755

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
server: nginx/1.10.3 (Ubuntu)
x-img: thmbor3
etag: "f257cf7e28cb86c541c8291046c88e2693b5d61d"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-length: 42548
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-tag: img
x-hw: 1610341077.dop011.fr8.t,1610341077.cds290.fr8.hn,1610341077.cds283.fr8.c

GET
H2 200 2-white-house-1000x500.jpg
cdn.saleminteractivemedia.com/245/content/239158/ 127 KB
127 KB 111ms
106ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/245/content/239158/2-white-house-1000x500.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0de215f2741f0100c900c32e0e48dcfb9953ebc77fe8384a7b3bda43bee0e236

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: 1hM2tyeaB9av+lmSLDIUHQ==
x-ms-meta-uploadedby: Hanlon,John
content-length: 130063
x-ms-lease-status: unlocked
last-modified: Thu, 07 Jan 2021 15:35:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B321CD95FB29
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds279.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: ba91e153-e01e-0056-1424-e5e0f3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 2-christmas-1000x500.jpg
cdn.saleminteractivemedia.com/245/content/238823/ 143 KB
144 KB 111ms
106ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/245/content/238823/2-christmas-1000x500.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 36f7bc45b3669bd1f422cb7b8bd170b012fcd54e2f6e0dd02000ca3427a66013

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: K4M/Uy5GUDzdE4wjzhuNDA==
x-ms-meta-uploadedby: Hanlon,John
content-length: 146725
x-ms-lease-status: unlocked
last-modified: Wed, 23 Dec 2020 21:37:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8A78AE7517F1D
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds273.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: c8029fba-b01e-004e-5701-e3cd66000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 2-hollywood-boulevard-sign-1000x500.jpg
cdn.saleminteractivemedia.com/245/content/238289/ 74 KB
74 KB 113ms
108ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/245/content/238289/2-hollywood-boulevard-sign-1000x500.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5f1b85d872126c373a65a516d8b63ecc29844e882b36f7e7e05e9e5c404fcb7b

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: pB5stixcnGf73+X3oAc8Ag==
x-ms-meta-uploadedby: Hanlon,John
content-length: 75297
x-ms-lease-status: unlocked
last-modified: Wed, 09 Dec 2020 13:53:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D89C49BF683493
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds054.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: dc8a3e7d-701e-0058-45b5-e60cf8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 2-movie-review-1000x500.jpg
cdn.saleminteractivemedia.com/245/content/238006/ 65 KB
65 KB 113ms
109ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/245/content/238006/2-movie-review-1000x500.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 82f4ddfef0c05aeaeecbef480ab52c138a5ad7886381dd9b59fc9c7b5c24d56f

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: K5jzR6TMA+HDU0GkRghzSw==
x-ms-meta-uploadedby: Hanlon,John
content-length: 66165
x-ms-lease-status: unlocked
last-modified: Wed, 02 Dec 2020 01:46:22 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D89664124CFD12
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds125.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: e190407c-b01e-0045-2623-e4d512000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 larry-elder-400x300.jpg
cdn.saleminteractivemedia.com/227/host/ 19 KB
19 KB 114ms
110ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/227/host/larry-elder-400x300.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 98319c9ed052f4da52858ecb50f0cc14cfc17723e201622d8b1a4b980c39e26f

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: e41Ujyb7QDjwDo4sv4wQHw==
content-length: 19678
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 15:42:58 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B205A4DC365
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds008.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 28c4ebcf-301e-0039-0b7d-a04827000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=23691510
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 dennis-prager-400x300.jpg
cdn.saleminteractivemedia.com/227/host/ 16 KB
16 KB 114ms
110ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/227/host/dennis-prager-400x300.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d2899ee5911819e5cb12ed2781f70080f05b1685ab7b022af8573d3c2c97c00a

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: pHspqKAlTdUjyzb0KQKmBw==
content-length: 16080
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 15:42:38 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B204E39122C
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds283.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 4cd95f00-201e-0040-2e23-dd216d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=30359819
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 mike-gallagher-400x300.jpg
cdn.saleminteractivemedia.com/227/host/ 12 KB
12 KB 115ms
110ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/227/host/mike-gallagher-400x300.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0920925a83912a4b2cad8fd6b5e7dc7a2f1a2d6b2051aa3a5a95810daf2aed5d

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Jan 2021 04:57:57 GMT
content-md5: 8M1K152SqVR64jiEXCS5Ew==
content-length: 12520
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 15:43:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B205BB5E86D
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds120.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: e4a5c6a5-f01e-002f-2fbf-8d89b9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=21630619
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ping
pulse-sim.salemwebnetwork.com/ 0
85 B 390ms
115ms Image
text/plain 165.227.72.15
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pulse-sim.salemwebnetwork.com/ping?h=am970theanswer.com&p=%2F&u=123fc14c-caaa-461a-9e00-05cb3d96a15d&t=AM%20970%20The%20Answer%20%7C%20AM%20970%20The%20Answer%20-%20New%20York%2C%20NY&c=0.01
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.227.72.15 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2 200 info.php
aptivada.com/promo/ Frame C644 0
0 665ms
261ms Document
text/html 52.89.201.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aptivada.com/promo/info.php?widget_id=656&widget_type=widget&app_type=&environment=external
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.201.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-201-114.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

:method: GET
:authority: aptivada.com
:scheme: https
:path: /promo/info.php?widget_id=656&widget_type=widget&app_type=&environment=external
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am970theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://am970theanswer.com/

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-type: text/html; charset=UTF-8
content-length: 708
server: Apache
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 t Show response
jadserve.postrelease.com/ 3 KB
1 KB 614ms
367ms Script
text/javascript 52.207.161.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fam970theanswer.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.161.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-161-225.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 4e2dbd25321cf20a1e173c364a7e2d5f7193e8f10c7f3e074d9cde5087ec7dae

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:57:57 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 897
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 jpx.js Show response
cdn.justpremium.com/js/v2.50.375/ 281 KB
66 KB 314ms
33ms Script
text/javascript 13.224.194.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js
Requested by: Host: us.ads.justpremium.com
URL: https://us.ads.justpremium.com/adserve/js.php?zone=112422
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-17.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2deea221118e199cc8a8ffffa78dcec65f1563fdaeb3b3c6d4da483836d221d

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 01:24:40 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 14:17:56 GMT
server: AmazonS3
age: 963198
etag: W/"a4a9b94f50ddc53ab7d43b9d1dc56f83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000, s-maxage=2592000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: yB-J_WmY_5yoM3QxS_6SKuzGr0p4MTCGfYk0KFuUWmQSK6zQCOqZHw==

GET
H2 200 sync
pre.ads.justpremium.com/v/1.0/t/ Frame F943 0
0 37ms
29ms Document
text/html 35.156.26.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/sync?
Requested by: Host: us.ads.justpremium.com
URL: https://us.ads.justpremium.com/adserve/js.php?zone=112422
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.26.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-26-195.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: pre.ads.justpremium.com
:scheme: https
:path: /v/1.0/t/sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am970theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://am970theanswer.com/

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-type: text/html; charset=utf-8
cache-control: public, no-cache, no-store, must-revalidate
set-cookie: OX_u=; max-age=-1610341077.175; expires=Thu Jan 01 1970 00:00:00 GMT+0000 (Coordinated Universal Time); path=/; domain=.justpremium.com; SameSite=None; Secure; jpxumaster=r-39472f00-e1be-4993-8485-52d690bafa15-35440-605429020; max-age=2592000; expires=Wed Feb 10 2021 04:57:57 GMT+0000 (Coordinated Universal Time); path=/; domain=.justpremium.com; SameSite=None; Secure;

GET
H2 200 / Show response
us.ads.justpremium.com/adserve/client/ 9 KB
3 KB 73ms
72ms XHR
application/json 35.156.26.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ads.justpremium.com/adserve/client/?zone=112422&debug=1&ru=https%253A%252F%252Fam970theanswer.com%252F&sw=1600&sh=1200&ww=1600&wh=1200&ui=r-d98cde0b-0294-455b-bd00-16edfb41eb28-51702-528308647&tt=1610341077151&rid=r-c555452b-5541-4687-9386-eddcd938336c-51702-528271432&eu=0&cs=
Requested by: Host: us.ads.justpremium.com
URL: https://us.ads.justpremium.com/adserve/js.php?zone=112422
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.26.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-26-195.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8d7cb9364f2685982549fcef9525ca8ef4be0aee6c42c940ccc7d4b4f1127913

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://am970theanswer.com
date: Mon, 11 Jan 2021 04:57:57 GMT
cache-control: public, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-type: application/json

GET
H/1.1 200
OK tracking.gif
tracking.justpremium.com/ 43 B
332 B 125ms
26ms Image
image/gif 3.125.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.justpremium.com/tracking.gif?rid=r-c555452b-5541-4687-9386-eddcd938336c-51702-528271432&sid=r-68a0d317-97e7-425b-8b8a-4cc326c53f12-51702-528288643&uid=r-d98cde0b-0294-455b-bd00-16edfb41eb28-51702-528308647&vr=v2.50.375&ru=https%3A%2F%2Fam970theanswer.com%2F&tt=1610341077148&siw=0&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.0&vn=eu-central-1&sd=&_c=3665130547&et=&aid=&said=&ei=&fc=&sp=&at=adserver&cid=0&ist=&mg=&dl=&dlt=&ev=&vt=&zid=112422&dr=0&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ias%22%3A%7B%22riskIP%22%3A%22NO_DATA%22%2C%22riskHref%22%3A%5B%5D%2C%22content%22%3A%5B%22IAB_NEWS%22%5D%7D%7D&ty=ta
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-0-64.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 04:57:57 GMT
Last-Modified: Tue, 25 Feb 2020 12:05:29 GMT
Server: nginx
ETag: "5e550d89-2b"
Content-Type: image/gif
Cache-Control: public, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://am970theanswer.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 16:17:13 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 304844
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 07 Jan 2022 16:17:13 GMT

GET
H3-Q050 200 u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v22/ 12 KB
12 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://am970theanswer.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 03:59:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:10:13 GMT
server: sffe
age: 262703
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12256
x-xss-protection: 0
expires: Sat, 08 Jan 2022 03:59:34 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23366
x-fb-rlafr: 0
pragma: public
x-fb-debug: 3FdngUzepwCZUF1SFhmwEvl5ilv4GUeaXGUXfZs0dBl6kf2dbnfI4JElkhCwuvbY9mrPEiyyu5WYaambaQz30Q==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 11 Jan 2021 04:57:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bubble.png
salemlivechat.com//themes/skinnable/invitation/ Frame B5E4 606 B
1 KB 10ms
9ms Image
image/png 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://salemlivechat.com//themes/skinnable/invitation/bubble.png
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 3ac6eaebf7ae9ca22e3de595088bcc4cf380922ca912cac6c22d83494dd89604

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3294
x-powered-by: UrlRewriter.NET 2.0.0, ASP.NET
content-length: 606
cf-request-id: 079167e8e700004a9811bdd000000001
x-ua-compatible: IE=edge
last-modified: Thu, 07 Jan 2021 18:01:18 GMT
server: cloudflare
etag: "02bfd181fe5d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DWY9XwjJe3xi2SmFYCLQiF1Gp0TuACYhoN8fvW2ombIhgFkhgqWv9OTIG4IaOWQpqa3gVJSf8ZSh2GFmXawYONdD%2FVJspbPesJ6LOO0bBFdwrnEq%2B9hToQvN%2Bsgi%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400, no-transform
accept-ranges: bytes
cf-ray: 60fc0f54af444a98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, referring-domain

GET
H2 200 playbuttonwhite.svg
cdn.saleminteractivemedia.com/shared/images/ Frame 9EB7 0
0 49ms
49ms Document
image/svg+xml 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

:method: GET
:authority: cdn.saleminteractivemedia.com
:scheme: https
:path: /shared/images/playbuttonwhite.svg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: object
referer: https://am970theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://am970theanswer.com/

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-length: 692
content-type: image/svg+xml
last-modified: Mon, 10 Dec 2018 18:13:54 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
etag: 0x8D65ECB3EEA4474
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c829b6e6-a01e-005a-2e01-e30e02000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds273.fr8.c

GET
H2 200 playbuttonwhite.svg
cdn.saleminteractivemedia.com/shared/images/ Frame 6FE6 0
0 48ms
48ms Document
image/svg+xml 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

:method: GET
:authority: cdn.saleminteractivemedia.com
:scheme: https
:path: /shared/images/playbuttonwhite.svg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: object
referer: https://am970theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://am970theanswer.com/

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-length: 692
content-type: image/svg+xml
last-modified: Mon, 10 Dec 2018 18:13:54 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
etag: 0x8D65ECB3EEA4474
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c829b6e6-a01e-005a-2e01-e30e02000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds273.fr8.c

GET
H2 200 playbuttonwhite.svg
cdn.saleminteractivemedia.com/shared/images/ Frame 8EE4 0
0 47ms
47ms Document
image/svg+xml 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

:method: GET
:authority: cdn.saleminteractivemedia.com
:scheme: https
:path: /shared/images/playbuttonwhite.svg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: object
referer: https://am970theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://am970theanswer.com/

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-length: 692
content-type: image/svg+xml
last-modified: Mon, 10 Dec 2018 18:13:54 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
etag: 0x8D65ECB3EEA4474
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c829b6e6-a01e-005a-2e01-e30e02000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds273.fr8.c

GET
H2 200 playbuttonwhite.svg
cdn.saleminteractivemedia.com/shared/images/ Frame EB72 0
0 46ms
46ms Document
image/svg+xml 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

:method: GET
:authority: cdn.saleminteractivemedia.com
:scheme: https
:path: /shared/images/playbuttonwhite.svg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: object
referer: https://am970theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://am970theanswer.com/

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-length: 692
content-type: image/svg+xml
last-modified: Mon, 10 Dec 2018 18:13:54 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
etag: 0x8D65ECB3EEA4474
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c829b6e6-a01e-005a-2e01-e30e02000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-hw: 1610341077.dop126.fr8.t,1610341077.cds241.fr8.hn,1610341077.cds273.fr8.c

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 109 B
803 B 68ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=am970theanswer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 04:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 34ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=am970theanswer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 04:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 185 KB
23 KB 157ms
125ms XHR
text/plain 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2186038644462499&correlator=1060749774204915&output=ldjh&impl=fifs&eid=21067994%2C21068773%2C21069772%2C21068031&vrg=2021010901&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210111&iu_parts=6177%2Cslm.wnym%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x150%2C1200x150%2C300x300%7C450x450%2C880x110%7C1200x150%2C300x600%7C450x900%2C300x300%7C450x450%2C1200x150&prev_scp=pos%3Dskyline%7Cpos%3Dtopfeature%7Cpos%3Dtopbox%7Cpos%3Dmiddlefeature%7Cpos%3Dmiddlebox%7Cpos%3Dbottombox%7Cpos%3Dfooter&cookie_enabled=1&bc=31&abxe=1&lmt=1610341077&dt=1610341077323&dlt=1610341071695&idt=5593&frm=20&biw=1600&bih=1200&oid=3&adxs=200%2C200%2C200%2C520%2C1100%2C1100%2C200&adys=384%2C704%2C1159%2C3087%2C3087%2C3167%2C4800&adks=634455754%2C634455755%2C2226394773%2C352690582%2C1936328904%2C2226394774%2C634455744&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fam970theanswer.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x0%7C1200x0%7C300x-1%7C880x0%7C300x-1%7C300x-1%7C1200x0&msz=1200x150%7C1200x150%7C300x-1%7C880x110%7C300x-1%7C300x-1%7C1200x150&ga_vid=1840448419.1610341076&ga_sid=1610341077&ga_hid=679629160&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

ef0e06cfc326e5f1558d7a17f574779da1c2e857d0fc1e0d678850b6b1fce04a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23118
x-xss-protection: 0
google-lineitem-id: 5516801958,5553239477,5533395276,5506583660,5533395276,5532735024,5339568644
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138327770229,138332838570,138330475981,138326950678,138330060542,138330359599,138307702775
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://am970theanswer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
9929208c1273a68ae7b38df093697aa6.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 78ms
13ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9929208c1273a68ae7b38df093697aa6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 46ms
6ms Other
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 458 B
951 B 108ms
79ms XHR
text/plain 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

5321fdfa005f060031a9ce7f2b6c2f4641b56dbdc9ced6e8bbf0a75b7b866303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://am970theanswer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET search.json
proxy.webwidgets.accuweather.com/api/proxy/list/locations/v1/ 0
0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 195 KB
59 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=549d5c3da907ca84e786acc41b6a1cc9&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

285a9c87e53e17b57fcb153c5f17d8f6ca19e3c7141efa288873e519b8f2f9c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://am970theanswer.com
Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ptvxmkhf2uC2Rv0EpB2kig==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60131
x-fb-rlafr: 0
x-fb-debug: i4gxM1OI3NLPbnrmZWWlZQKZ+98hHdBSp5JQXcDLIZjHC4rx42FpwENP6eDLgTclEluL8IETwa9wJqmUIwt3ng==
x-fb-trip-id: 686109401
x-fb-content-md5: 1506d09f25e51c5c2e16a14f98d83028
x-frame-options: DENY
date: Mon, 11 Jan 2021 04:57:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5ff4412578f995a2e6760a92cacc9e2d"
timing-allow-origin: *
expires: Tue, 11 Jan 2022 03:24:52 GMT

GET
H2 200 122231121802269 Show response
connect.facebook.net/signals/config/ 240 KB
70 KB 91ms
89ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/122231121802269?v=2.9.32&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

06bd8d3a89165302227065f7684632d89eea20b190e20e49ef7ca2072bb0e6a0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: a34ioxv+t/bELtBKWrQWIFP5vdSe1EYA9F77KT8euFWMrH/mbawQrJzCGwYVYvLBjm3BvZDMXSEEzAFopvlPFA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 11 Jan 2021 04:57:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1113011653
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AEE8 0
0 90ms
89ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteEEirz5GzVLmCmevkKOFlq4qbbYBCxH9_4MAy0FJtn3y1WycgQDLSl2QWI_nBugM0cL_o6sWQ68YMABTt3GEeljuFSoQUALlnM60L7F3o8uXv3wWmkjEyDNKh-VFT2u7-lBo7MTb4UTLal0PC2Y0OE901Ja6UJytLPLy9PhJKnN--Wc0ca5jQJisTYQ1n0yLKgbS1ayvBqXG8WauwWRK8W4V9szp2lH5ORrKgfdHwyjTPhtvqT7QNJaqgrkJfI3yPDDDLSM8QrQ&sai=AMfl-YTszhKi7nH7M8o255F0axOjxWWDyyRq4sQSfYa1_4mK_t-eVkKGa_fFJtUe5ylday9vmjnrtv4aBl6FZisES8HvCIxVirXSi4RJAZu30UdaKktlpfa46DaShi0r6eWl&sig=Cg0ArKJSzPTshrisxEYUEAE&adurl=

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 04:57:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:57 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame AEE8 18 KB
7 KB 91ms
75ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 12:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Jan 2021 12:13:15 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame AEE8 3 KB
2 KB 91ms
75ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 09:26:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Jan 2021 09:26:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AEE8 104 KB
32 KB 88ms
66ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AEE8 0
0 49ms
26ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQ3OOHO_v2H0cKzHh7JAstBWPxKdHamjtNU_p-R460Ts-vnA6zuwfdJs0pLMIvY8c5Y1QM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 14562807490649246073
tpc.googlesyndication.com/simgad/ Frame AEE8 31 KB
31 KB 112ms
96ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14562807490649246073

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02348dd7b8bda6f620c2f691b91887421fcc99047e0871d3c70290b3dbaaa07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 18:47:02 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31232
x-xss-protection: 0
expires: Tue, 11 Jan 2022 04:57:57 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 87C1 0
0 85ms
84ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyeruffTyf3v_v-qvCpo2lml3anGKDlnMvs2Q8XxDW1lYtvPNaqteKMvQC823xbUcZ-7A_2sD55NRqVq2CQ5kMMm71d3PzllWFTl6OCLRzqqUrhoNmdcwAcG3rwNzRnZ1YMQ0jhW3oFmkpqRWcPgess4e1kTsRMbsVIt9Dn2YOzQ0At171uS4JVe5Pz-9btSqwm9v7rgpP1zcnEOJQDeodFDO-UKGJGJUss_3fsHX8HEK2jAW_GE5NqQGYgqixRSS9OmTQ-NOFYA&sai=AMfl-YTV3CgaNznpJ0LiUObfCbZiuSGTfPJrSrDqN2QhYOT_ZsaPDIpoo-yptr_BXroLCG0DN5m98gUXwq89p1djMfwbIkHOyhVSM1qg-qvUMqkdyB9qGFV9HunPwfYK83Gm&sig=Cg0ArKJSzHbPwonZqJJNEAE&adurl=

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 04:57:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:57 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 87C1 18 KB
7 KB 85ms
76ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 12:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Jan 2021 12:13:15 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 87C1 3 KB
1 KB 86ms
76ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 09:26:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Jan 2021 09:26:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87C1 104 KB
32 KB 43ms
27ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 87C1 0
0 86ms
70ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMixJAMigtcCxZvZCVk22Cbs7q-lcrZ_0jusJx1xBN1GkAh-h8qU5zeypXIlBSf9qHpnjY
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 6673233808390632654
tpc.googlesyndication.com/simgad/ Frame 87C1 38 KB
38 KB 88ms
79ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6673233808390632654

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b756e74c6319250286f99bf0ddb5d73df3354bce2924afd73ff203fb15fbb0ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 18:39:20 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38543
x-xss-protection: 0
expires: Tue, 11 Jan 2022 04:57:57 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 35ms
27ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:57 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame D31D 0
0 34ms
34ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0jdkD6H_6kBDofyyy7G0M_CKePCGn29HbZOcuUYHz8Sc0hvSNtSRR0y7r0CmMY9uDHnsN5-SsCU8rO3JX2aJF-V9li1Ch-4XedU9bHMveZC0VOsw2faBTggiIB9qDFUun-S0zBECNVvBGic9R4eFXFs6dkI4IAFI3-FkVC4XDUd37PGAfWPVNTiLXSShfp2lVHhAUdJ4buPn1VbBVsoZyTGdvi_vVGkr1phlDls5e0FvUR3gtEuJfe8W9YoMGSjdRc0BQ9gbRHw&sai=AMfl-YRsJx67qEQwIraoXJTktdN0MXNMGP4HOyFlUMFQat0Vm189axjSKu0cOpXfuj2_nZJTdetXzfKpiQ-twcaFi4HjFSh29WSjoh3MPgzMcBjjGFW_SpfYR48zGYR5cfrS&sig=Cg0ArKJSzPKPIaybqqQ6EAE&adurl=

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 04:57:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame D31D 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 12:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Jan 2021 12:13:15 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame D31D 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 09:26:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Jan 2021 09:26:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D31D 104 KB
32 KB 88ms
71ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:57 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame D31D 0
0 37ms
20ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQA8u6myigt1UZ3ebUK637kug6HqLjK3rNe1kgmMwUKGlhe4KyKB8LSkS8exDUxC05oEqrr
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 12094116824218205830
tpc.googlesyndication.com/simgad/ Frame D31D 233 KB
233 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12094116824218205830

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

825078eca5f55e6a5bc595d66431fcb25540c52def7076141ee27b1030c2434f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 11:18:49 GMT
x-content-type-options: nosniff
age: 63548
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238580
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 11:53:56 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Jan 2022 11:18:49 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 323F 0
0 83ms
79ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstHhUme0Fe3Rt1AEWSRYFBa4rTdb-qvEQnQbNYYFt3_PpC74yIGVUjCPghuFM_3qa9EVJbVYOTIGg24tWnZH8_bsYNkajZQAMAcdkZQvvRqgoNNmpH-9hMheE_R0m_WwAidhvCm938TJ9FckRuHb8fW672dHM46eFf1Teg8skSuM_BTQmmlo1kaKdHD6UKVO_tr21QlqgfW-Cojh8npLtO-ucQzxaMWen62Ob2aFSaZKOC_DyfQo60xCmM8nufAwpmxxWDMPQ_cg&sai=AMfl-YTgqcuzpmQO5kfMpNyhu8_L_GzkOIp1KXqOJ0nt9KY8_i-Uzkoh3jj5vTzY6W75PiOylbLI1PtQ7Z1f5uLiOLfeU5sNi5qvRHGchEbpypWXFb76e8K8idwWBHtgwUzf&sig=Cg0ArKJSzCPFAuDQzHJVEAE&adurl=

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 04:57:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 323F 18 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 12:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Jan 2021 12:13:15 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 323F 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 09:26:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Jan 2021 09:26:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 323F 104 KB
32 KB 81ms
72ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:57 GMT

GET
H3-Q050 200 5489547610634304564
tpc.googlesyndication.com/simgad/ Frame 323F 186 KB
186 KB 189ms
185ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5489547610634304564

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be2a7ed9be28912788c9dd1fc20284221e7380efec539100b8d22a928b0f8b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Oct 2020 21:18:38 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189997
x-xss-protection: 0
expires: Tue, 11 Jan 2022 04:57:57 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6AB1 0
0 76ms
72ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvc2nG4zhOdfIsiPzDqts_GPI5IRywXE3s0Rhb0exurwJq1pwkXTBHdxv0XmMmHdiEnxr4kvHr2oGvTKjM8eHq_rtpcRdboFJRFm-lq1QusCvpB-jLQOBWicM4JLNwjoL7JRKwiWUXjkDivV5YPrgnKZYGcoplxy4rBRW2uiVLbYqTH5ZBBz1KST09Ler-19dd-pUqbsPPEQa1FZXNyfv5l30pMDyNx95aua6y-5OvbpU2ZpgLrwWi5oG5ynBUXYcQkwqVEXy0wMQ&sai=AMfl-YQHeYLcRgjgaZGTcncbarPhnoJoJrQkqbMtxH2FbOQXn2dCluanIRev320dBSpA2SNLBWrQKUd_UudFCLkJnW7tLurQbzEe-NIrsKQzcs_7iUvEPveJoJb12qREHSKW&sig=Cg0ArKJSzLShHlnI6sk7EAE&adurl=

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 04:57:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 6AB1 18 KB
7 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 12:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Jan 2021 12:13:15 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 6AB1 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 09:26:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Jan 2021 09:26:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6AB1 104 KB
32 KB 74ms
71ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:57 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 6AB1 0
0 22ms
18ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZOhKblvzpJ1qNPDpfOr-d4Wf-v13cFa5p1lB7yxmyelPjXfSOSYJ14M2NP4UMhgFnT0LJ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 18230172022952743128
tpc.googlesyndication.com/simgad/ Frame 6AB1 362 KB
362 KB 76ms
72ms Image
image/jpeg 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18230172022952743128

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b25ba2d42feb7ea0dae5c545937eecc37df2d2e2ee8d401866db0944905d9ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 11:54:12 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 371076
x-xss-protection: 0
expires: Tue, 11 Jan 2022 04:57:57 GMT

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 2F44 0
0 7ms
6ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am970theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://am970theanswer.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sun, 10 Jan 2021 19:09:50 GMT
expires: Mon, 10 Jan 2022 19:09:50 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 35287
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 preview.css
aptivada.com/promo/assets/css/ 8 KB
2 KB 200ms
199ms Stylesheet
text/css 52.89.201.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aptivada.com/promo/assets/css/preview.css
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.201.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-201-114.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: ad0b39f390b09b089dcb7984459f325332e6731c8cbdf5ca2be2900c6537038e

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:57 GMT
content-encoding: gzip
last-modified: Fri, 08 Jan 2021 19:49:25 GMT
server: Apache
etag: "1f5a-5b868da791be6-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1639

GET
H2 404 907580
campaign.aptivada.com/proform/ Frame E84D 0
0 193ms
193ms Document
text/html 65.9.7.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.aptivada.com/proform/907580?js=true&parent=https%3A%2F%2Fam970theanswer.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: campaign.aptivada.com
:scheme: https
:path: /proform/907580?js=true&parent=https%3A%2F%2Fam970theanswer.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am970theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://am970theanswer.com/

Response headers

content-type: text/html; charset=UTF-8
content-length: 790
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Dec 2020 22:23:49 GMT
x-amz-version-id: T2QbWY7RRI8ExDNmdnByv25PObprqzGQ
etag: "fad202cddbbe148e22362e5fdba0c391"
x-amz-error-code: NoSuchKey
x-amz-error-message: The specified key does not exist.
x-amz-error-detail-key: proform/907580
date: Mon, 11 Jan 2021 04:57:57 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: jIiYXfeVHYI2MYxdYu30rzwGsF5NlABEUCgIHnZdeQO_lbOIN02xtA==

GET
H2 200 602934142_proform_907558_mobile_1607109057.jpg
cdn2.aptivada.com/files/app_graphics/ 51 KB
52 KB 71ms
69ms Image
image/jpeg 13.224.194.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.aptivada.com/files/app_graphics/602934142_proform_907558_mobile_1607109057.jpg
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-96.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c24621b5df0ed8401204e2d81db2bf63294561152936abc2b1bbc376c98a959

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: XiVC18nk5hy3o6QYpDm5TAmr4JzYRFXd
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified: Fri, 04 Dec 2020 19:10:58 GMT
server: AmazonS3
age: 51443
etag: "e0d16e14e1fef1cb0b53ec9e2d9fcb6f"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Sun, 10 Jan 2021 14:40:35 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 52495
x-amz-cf-id: GSYd-XruQ3woIQzPruOc2wxZP0ToOUU-RPcr_aA4g4o2J8MQBn7sPA==

GET
DATA 200
OK truncated
/ Frame AEE8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7067667801b5064646b0a9c8bad5dd7370badc29cea00360805d3aca3eeacdac

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 87C1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 498dfcf1b0f8cbcedcfa96d273bb31d499064b0ec99aaa6a641d9c629569ae3b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D31D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d11fb9f89a399776bd1a97352774bba8782a899add8fa56df65c798c655cb8bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 323F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c65770216e554e3134f6b622009959d01b7696463f1f1f4d3f8faf806c85e84b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6AB1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2000f0f267b88ea23eec902de021f9840fdc248cfce18ae796ec68d1941d8a3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AEE8 0
0 34ms
33ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupnzciimNM2p2Z9HTp5Ufsu3M2IrsvVrrTHP41so2znQeM5iaABuh65m99VqyDkq-GmK8SkdhkkkK5GakBr3_8HrKMt-DsQctPTw2GG7Sd-YE34dvtH93vD6lQqLHSoB8sDd3wh_dlKvycr3bKYJfSW93npuFwADO9f5fSx0PL34z3gVGrNoPFMomjYwWS83KjFWfec-16MGkHEjLYX0SjD6VCDMSGzPpRAnxpP4-iLnrOcsK18KZB9hVkenOF2BJSeFOzYIsPJxmR&sai=AMfl-YQcXh2KwQSoVz-JMy3M1a4URZQc6HD4--yUs4pGXzJFdLHgyWuI1jK3Ph_5InNCDTR83g3DgqGVfR0TJ_HVIy6-KOpJbjA-pBq1r58ayuVE6TvhMsjmfykIo-uLRC1M&sig=Cg0ArKJSzDmmobM78BwJEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 04:57:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:58 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 87C1 0
0 35ms
35ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0eR0oJ7d8O1byHkR53zxcG80J4KTsD53-_ZKh_FRTCMQ2J7EBFqswbX8t5HokK5PiIDCkj4arzsDRpl-US1uNK4D_p20tj7cpal03tKhuSKJwDXYYKUjA3Li4POakwKDi6x6QbtkhSUqYU13Rbv9X5OQni4dU3j8vQm09OXdita7a3MG0cDjgk0OoJLPWOPFEX4oRIjrnnSvkR0SUA-spfjGVY9jrSthXhMQzSfehitgqieUnYSZn1YJF7MIyqFC-bDf3javcNuU8&sai=AMfl-YQBhpV6kLtJZ5LL59daKXkf-CB1OhCgK1_AMiw4YqNkaJowZxTapXnfHG58wREhL0d6n_JWJ0Tn931ui-3dTHvvttQQy_pZxQyvsQuuKEubySFUqepEY1COkgPhNI46&sig=Cg0ArKJSzHkgwti6gXZEEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 04:57:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:58 GMT

GET
H2 200 390961805259193 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/390961805259193?v=2.9.32&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13f644ae0639b623ff4f48d782f1a8971db065c786914d8ca048d09e87907b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70517
x-fb-rlafr: 0
x-ua-compatible: IE=edge
pragma: private
x-fb-debug: aZTlg2kE0u55Dhhz6rtP+4OHZA60hGajKKGMXSh17s+yZX73K3AYlzbn9GMrqA/21dqistzJysj9Nwfbg7rbCQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 11 Jan 2021 04:57:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: private
x-content-id: 920688265
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 21ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=122231121802269&ev=PageView&dl=https%3A%2F%2Fam970theanswer.com%2F&rl=&if=false&ts=1610341078165&sw=1600&sh=1200&v=2.9.32&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1610341078163.976896760&it=1610341077527&coo=false&rqm=GET

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 11 Jan 2021 04:57:58 GMT

GET
H2 200 moatcontent.js Show response
z.moatads.com/nativonielsen548znrb18/ 167 KB
55 KB 115ms
31ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=15406
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:58 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:04:05 GMT
server: AmazonS3
x-amz-request-id: 541CA3CB462144FD
etag: "774acff2cee5852cdfc3fd8471cb2667"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=39660
accept-ranges: bytes
content-length: 55696
x-amz-id-2: WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
624 B 128ms
123ms Image
image/gif 52.207.161.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=13229&ntv_pl=1119713
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.161.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-161-225.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:57:58 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
624 B 127ms
122ms Image
image/gif 52.207.161.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=5e8ae9da-ba97-4f29-8b91-67d56d185cb5&ntv_fl=5j6K0SrXS9BkMDZOoNh3coAJxT1sSeq-uEVT_m1NrfRk9I_ybUevOdcZPf31VpOS1NJ3DEG5jqgRt0FN7dDQG4xjH1VnSOeNBGz2KkMCfuc=&ntv_ht=1dr7XwA&ntv_at=303,302&ntv_a=AAAAAAAAAA5BURA&ord=1610341078170&ntv_dpl=1041,1009,1011,1028,1029,1001,1034,1050,1003,1019,1007&ntv_it
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.161.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-161-225.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:57:58 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
624 B 128ms
123ms Image
image/gif 52.207.161.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=b0a64675-5e4f-4d76-8d35-9e4a68c77e91&ntv_fl=5j6K0SrXS9BkMDZOoNh3coAJxT1sSeq-uEVT_m1NrfRk9I_ybUevOdcZPf31VpOS1NJ3DEG5jqgRt0FN7dDQG4xjH1VnSOeNBGz2KkMCfuc=&ntv_ht=1dr7XwA&ntv_at=303&ntv_a=AAAAAAAAAA4RURA&ord=1610341078173&ntv_dpl=1041,1009,1011,1028,1029,1001,1034,1050,1003,1019,1007&ntv_it
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.161.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-161-225.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:57:58 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK tracking.gif
tracking.justpremium.com/ Frame B3D1 43 B
332 B 29ms
26ms Image
image/gif 3.125.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.justpremium.com/tracking.gif?rid=r-c555452b-5541-4687-9386-eddcd938336c-51702-528271432&sid=r-2c63ede3-b40d-417e-b44c-fd691abe4712-44156-513412753&uid=r-e5d60761-fc14-4654-a788-2d78dfad7c4c-44156-513430933&vr=v2.50.375&ru=https%3A%2F%2Fam970theanswer.com%2F&tt=1610341078183&siw=960&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.0&vn=eu-central-1&sd=&_c=attk6bh1610341078183&et=&aid=427900,427900,427900,427900,419815,419815,419815,419814,419814,419814,419813,419813,419813,419811,419811,419811&said=1144374,1135142,1124959,1124960,1089126,1089127,1089128,1089122,1089123,1089124,1089118,1089119,1089120,1089110,1089111,1089112&ei=430439%2C22407669%2C146753%2C20659642%2C22369165%2C20254628%2C430432%2C22369164%2C20254627%2C430429%2C22369163%2C20254626%2C430427%2C22369161%2C20254624%2C430430&fc=hv,hv,hv,hv,pd,pd,pd,ca,ca,ca,pu,pu,pu,sa,sa,sa&sp=39,1,24,32,1,32,39,1,32,39,1,32,39,1,32,39&at=adserver&cid=&ist=0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=112422&dr=1032&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A6320%7D&ty=ex
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-0-64.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 04:57:58 GMT
Last-Modified: Tue, 25 Feb 2020 12:05:29 GMT
Server: nginx
ETag: "5e550d89-2b"
Content-Type: image/gif
Cache-Control: public, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

POST
H2 200 / Show response
pre.ads.justpremium.com/v/1.0/t/singletag/ 2 B
382 B 171ms
169ms XHR
application/json 35.156.26.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/singletag/?i=1610341078187
Requested by: Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.26.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-26-195.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://am970theanswer.com
date: Mon, 11 Jan 2021 04:57:58 GMT
cache-control: public, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-type: application/json

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame D31D 0
0 35ms
34ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsun_bm0Rco0RqwRozzyewwKPtXch39lg1CkrbU4YaPf0VHIRzpZLpYraiKmZqSWNOXNc0TP9gdweswezTp4aqGzFzgTgtiAeTekB9eJiz9sCjsgezhW4R1TCerG_zAVyZRXdE07m_rjeYVPuS_y0EqnbBoKfO6YbVgE8WmTlZ3Tl90OvayjOUN1cVCI6ROjBRykaiUT99Vsu1mPMF2Vi_dmN7rxchyK81orphaCxLYb9-OWA_33t0qKn4dSSno9cOUY3FJq_hKQyddK&sai=AMfl-YRKUQ1vW9cI3GfTqNaoALim2MRKZYebyhHWS6kKh66Hrhrt8nzC_qd_6N2CbzYeZBRQdRGp37Zo-6fGJUiZCvxOWU4TtcTE70MfYtpCqK4TDqLPdLpPtutrXl02pkkC&sig=Cg0ArKJSzJQ--QcNe1p4EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 04:57:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:58 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 323F 0
0 35ms
34ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLGHivwIib3hvHsiJ4gyq8X6P4n6lXC5vQ0HSgpCnKspthGisKBNCqtSNNak7x2IxzET85iozNKxWStIktYFaSzjpTieSlEOaqlfgCvU5utBWTUGVjgyjxKt9D6WJS9R-yiqj9bwNVbXmvkn2eUTh3b--NhvFRcnXg_oBX3gsU1Gwm3RjG-SReu9YDavkK5M9OmYlwx2qsm1qcBooOljMae9CjT2xHWk4TSOlEckrPlAkp-0Gx1FZcrvzhMv6hqZGaqvUZ8JWACPJW&sai=AMfl-YTKoVEai1TOv7BjfwSuvtqa-maZoAoCzAA5A4fffxOR8BhHDlkchBRbaW1d6mTc1XG5H_w5s11mG8KCstFKi5oqiV26gbDURV3T0i7aa_QXXRr8HhQu3shlCBWSJISK&sig=Cg0ArKJSzC3K2s94tJ0kEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 04:57:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:58 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6AB1 0
0 34ms
34ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH-3lp97eGSUkzBEPjht2xo3v1sbEfzO-raBaNHapbpWNpH7EjAZZh7iGa_RbVwMfuklsutUhzcvpHTkkyryzqCA1b_GnWgPeyidjjPZW8PXeKRquauBn6q8C1VjVxohJAPZecT94syWDJwMVypf4RNGsgcQAJV73mDhp4FtNQuYZrPfSrxefdUZ5hwXs-CCA_NvN2DzlBhugvUfwTgNsrO5XKT04wZwI_49TlLdASP9oxFOUEEt7CT8XQ1wl_Lkz31V5eGE3eIvPg&sai=AMfl-YQ3n1Q1WpaYI1dtA8VJmGBusxMajvzSSRWEC_D0gDT-QxiGsTvAFRhkV2CRXjuv10Fj-V3KawUIsuoBTbMpaS9pA66BYQteBEcZda9ho_n-PQs14InqLR5zU--qbaoz&sig=Cg0ArKJSzKZev6zCYKT6EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 04:57:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:58 GMT

GET
H/1.1 200
OK tracking.gif
tracking.justpremium.com/ Frame B3D1 43 B
332 B 28ms
27ms Image
image/gif 3.125.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.justpremium.com/tracking.gif?rid=r-c555452b-5541-4687-9386-eddcd938336c-51702-528271432&sid=r-2c63ede3-b40d-417e-b44c-fd691abe4712-44156-513412753&uid=r-e5d60761-fc14-4654-a788-2d78dfad7c4c-44156-513430933&vr=v2.50.375&ru=https%3A%2F%2Fam970theanswer.com%2F&tt=1610341078284&siw=960&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.0&vn=eu-central-1&sd=&_c=aa0th9p1610341078284&et=&aid=427900,427900,427900,427900,419815,419815,419815,419814,419814,419814,419813,419813,419813,419811,419811,419811&said=1144374,1135142,1124959,1124960,1089126,1089127,1089128,1089122,1089123,1089124,1089118,1089119,1089120,1089110,1089111,1089112&ei=430439%2C22407669%2C146753%2C20659642%2C22369165%2C20254628%2C430432%2C22369164%2C20254627%2C430429%2C22369163%2C20254626%2C430427%2C22369161%2C20254624%2C430430&fc=hv,hv,hv,hv,pd,pd,pd,ca,ca,ca,pu,pu,pu,sa,sa,sa&sp=39,1,24,32,1,32,39,1,32,39,1,32,39,1,32,39&at=adserver&cid=&ist=0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=112422&dr=1133&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A5636%7D&ty=adr
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-0-64.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 04:57:58 GMT
Last-Modified: Tue, 25 Feb 2020 12:05:29 GMT
Server: nginx
ETag: "5e550d89-2b"
Content-Type: image/gif
Cache-Control: public, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=390961805259193&ev=PageView&dl=https%3A%2F%2Fam970theanswer.com%2F&rl=&if=false&ts=1610341078293&sw=1600&sh=1200&v=2.9.32&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1610341078163.976896760&it=1610341077527&coo=false&rqm=GET

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 11 Jan 2021 04:57:58 GMT

GET
H2 200 15406 Show response
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 0
276 B 394ms
392ms Script
binary/octet-stream 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/15406?t=2021011511
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: HKoY6njnU0p.BtwOB_eciiVL4yk3684O
last-modified: Sat, 09 Jan 2021 06:02:04 GMT
server: AmazonS3
x-amz-request-id: B7C66DC6F65868F2
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: binary/octet-stream
date: Mon, 11 Jan 2021 04:57:58 GMT
accept-ranges: bytes
content-length: 0
x-amz-id-2: OW8ZfXffIUlUUOdxnswT4TENjbRnO2smfblCcZQ74qkllg1RqbzWquhwTfPBGGdi4S0xapOhI28=

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=122231121802269&ev=Microdata&dl=https%3A%2F%2Fam970theanswer.com%2F&rl=&if=false&ts=1610341078668&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22AM%20970%20The%20Answer%20%7C%20AM%20970%20The%20Answer%20-%20New%20York%2C%20NY%22%2C%22meta%3Adescription%22%3A%22AM%20970%20The%20Answer%20%7C%20AM%20970%20The%20Answer%20-%20New%20York%2C%20NY%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Adescription%22%3A%22AM%20970%20The%20Answer%20%7C%20AM%20970%20The%20Answer%20-%20New%20York%2C%20NY%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.32&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1610341078163.976896760&it=1610341077527&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 11 Jan 2021 04:57:58 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=390961805259193&ev=Microdata&dl=https%3A%2F%2Fam970theanswer.com%2F&rl=&if=false&ts=1610341078795&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22AM%20970%20The%20Answer%20%7C%20AM%20970%20The%20Answer%20-%20New%20York%2C%20NY%22%2C%22meta%3Adescription%22%3A%22AM%20970%20The%20Answer%20%7C%20AM%20970%20The%20Answer%20-%20New%20York%2C%20NY%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Adescription%22%3A%22AM%20970%20The%20Answer%20%7C%20AM%20970%20The%20Answer%20-%20New%20York%2C%20NY%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.32&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1610341078163.976896760&it=1610341077527&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: am970theanswer.com
URL: https://am970theanswer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 11 Jan 2021 04:57:58 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AEE8 42 B
747 B 34ms
13ms Fetch
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_i0XrvJ8-J7N-eScUilWZY2vlkdsTNenlo0iTFhzbQizB2R7cKbfPbkwcffhF_nrNDvGShPCgGrX8mJnrlwjuRVWifdTNUWD-FtJYirU&sig=Cg0ArKJSzOGij5UGOKwlEAE&id=osdim&mcvt=1000&p=384,200,534,1400&mtos=1000,1000,1000,1000,1009&tos=1000,0,0,0,9&v=20210106&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=634455754&rs=4&met=mue&la=0&cr=0&osd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:57:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 87C1 42 B
725 B 42ms
28ms Fetch
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTmuzHpfT9EMwblFxAIiEEm0it2QtrbnG0HtZcLxaKsxgJPR_liVXKHbrC5HxEjOn7uSJT0DhGCzJIEV22l53Ov7Qw_ObeBYnwifhRj8I&sig=Cg0ArKJSzL_hBBuXf4JnEAE&id=osdim&mcvt=1000&p=874,200,1024,1400&mtos=1000,1000,1000,1000,1105&tos=1000,0,0,0,105&v=20210106&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=634455755&rs=4&met=mue&la=0&cr=0&osd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:57:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ 757 B
2 KB 98ms
31ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_1078384549121951._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/a2fee930-b8b0-0136-d8da-06a9ed4ca31b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

3d2a6ad0ba225c23ecd01a091980b1273616025dc0f787aa24f65e6eab8b951a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 11 Jan 2021 04:57:59 GMT
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: application/javascript; charset=UTF-8
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021010901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5c5cc800a637b65276656eeda56baccf714de758227ed6e0a558200d39349d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jan 2021 04:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6389
x-xss-protection: 0

GET
H2 200 page.php
www.facebook.com/v2.10/plugins/ Frame 3C68 0
0 100ms
98ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=327608680664365&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16f0d75952ef94%26domain%3Dam970theanswer.com%26origin%3Dhttps%253A%252F%252Fam970theanswer.com%252Ff2adf73925cc7ec%26relation%3Dparent.parent&container_width=300&height=400&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FAM970TheAnswer%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&width=500

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=549d5c3da907ca84e786acc41b6a1cc9&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.10/plugins/page.php?adapt_container_width=true&app_id=327608680664365&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16f0d75952ef94%26domain%3Dam970theanswer.com%26origin%3Dhttps%253A%252F%252Fam970theanswer.com%252Ff2adf73925cc7ec%26relation%3Dparent.parent&container_width=300&height=400&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FAM970TheAnswer%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&width=500
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am970theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0M9j7CrnXlG7xbdvT..Bf-9rW...1.0.Bf-9rW.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://am970theanswer.com/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: uSPMjORMU7XBVBmuneVGV8EzhN7rRpObVg9gvJUU0N61MwY0/GcSyrYhg9xN1yJS9YTgaR+dW6qde693BIJJXg==
date: Mon, 11 Jan 2021 04:57:59 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010901.js?21069772

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Mon, 11 Jan 2021 04:57:59 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 8BDC 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am970theanswer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://am970theanswer.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Sun, 10 Jan 2021 20:18:27 GMT
expires: Mon, 10 Jan 2022 20:18:27 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 31172
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=76EA27195FE842EEB1115DBE9DDEEDEE

43 B
183 B

267ms
88ms

Image
image/gif

2600:1f18:612b:4200:c62d:9d75:78d5:62b7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=76EA27195FE842EEB1115DBE9DDEEDEE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:c62d:9d75:78d5:62b7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:58:00 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Mon, 11 Jan 2021 04:57:59 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=76EA27195FE842EEB1115DBE9DDEEDEE
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 10 Jan 2021 04:57:59 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=76EA27195FE842EEB1115DBE9DDEEDEE
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=76EA27195FE842EEB1115DBE9DDEEDEE

95 B
426 B

33ms
32ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=76EA27195FE842EEB1115DBE9DDEEDEE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:59 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Mon, 11 Jan 2021 04:57:59 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=76EA27195FE842EEB1115DBE9DDEEDEE
alt-svc: clear
content-length: 0

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=76EA27195FE842EEB1115DBE9DDEEDEE
https://um.simpli.fi/aa_px?sk=165001003663000091241

43 B
409 B

30ms
30ms

Image
image/gif

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=165001003663000091241

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 10 Jan 2021 04:57:59 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:57:59 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://um.simpli.fi/aa_px?sk=165001003663000091241
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 nexage
um.simpli.fi/ 43 B
409 B 103ms
29ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 10 Jan 2021 04:57:59 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=76EA27195FE842EEB1115DBE9DDEEDEE

0
0

78ms
26ms

Image
text/html

13.225.80.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=76EA27195FE842EEB1115DBE9DDEEDEE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-37.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 11 Jan 2021 04:57:59 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=76EA27195FE842EEB1115DBE9DDEEDEE
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 10 Jan 2021 04:57:59 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 103ms
30ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 10 Jan 2021 04:57:59 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 32ms
29ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 10 Jan 2021 04:57:59 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=76EA27195FE842EEB1115DBE9DDEEDEE;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=76EA27195FE842EEB1115DBE9DDEEDEE;mimetype=img;sr
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=2829488926842048422

0
0

26ms
25ms

Image
text/html

13.225.80.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=2829488926842048422
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-37.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:57:59 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=2829488926842048422
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=76EA27195FE842EEB1115DBE9DDEEDEE&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=76EA27195FE842EEB1115DBE9DDEEDEE&j=0&xl8blockcheck=1

0
2 KB

50ms
49ms

Image
text/plain

147.75.102.200
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=76EA27195FE842EEB1115DBE9DDEEDEE&j=0&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.200 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:58:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Mon, 11 Jan 2021 04:58:00 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=76EA27195FE842EEB1115DBE9DDEEDEE&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 32ms
30ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 10 Jan 2021 04:57:59 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=76EA27195FE842EEB1115DBE9DDEEDEE

0
421 B

503ms
123ms

Image
text/plain

3.220.82.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=76EA27195FE842EEB1115DBE9DDEEDEE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.82.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-82-225.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 11 Jan 2021 04:58:00 GMT

Redirect headers

date: Mon, 11 Jan 2021 04:57:59 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=76EA27195FE842EEB1115DBE9DDEEDEE
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 10 Jan 2021 04:57:59 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=76EA27195FE842EEB1115DBE9DDEEDEE

62 B
329 B

248ms
190ms

Image
image/gif

184.30.210.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=76EA27195FE842EEB1115DBE9DDEEDEE
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.210.81 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-210-81.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 04:58:00 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: fd08
Content-Type: image/gif

Redirect headers

date: Mon, 11 Jan 2021 04:57:59 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=76EA27195FE842EEB1115DBE9DDEEDEE
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 10 Jan 2021 04:57:59 GMT

GET
H2

200

tpid=76EA27195FE842EEB1115DBE9DDEEDEE
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=76EA27195FE842EEB1115DBE9DDEEDEE
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=76EA27195FE842EEB1115DBE9DDEEDEE

49 B
712 B

56ms
56ms

Image
image/gif

52.30.234.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=76EA27195FE842EEB1115DBE9DDEEDEE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.234.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-234-204.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:58:00 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.21.173
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:58:00 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=76EA27195FE842EEB1115DBE9DDEEDEE
cache-control: no-cache
x-server: 10.45.11.64
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=76EA27195FE842EEB1115DBE9DDEEDEE
https://ce.lijit.com/merge?pid=2&3pid=76EA27195FE842EEB1115DBE9DDEEDEE&dnr=1

0
433 B

40ms
40ms

Image
text/plain

216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=76EA27195FE842EEB1115DBE9DDEEDEE&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Jan 2021 04:58:00 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Jan 2021 04:58:00 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=76EA27195FE842EEB1115DBE9DDEEDEE&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=76EA27195FE842EEB1115DBE9DDEEDEE

0
66 B

78ms
31ms

Image
text/plain

34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=76EA27195FE842EEB1115DBE9DDEEDEE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:58:00 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Mon, 11 Jan 2021 04:57:59 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=76EA27195FE842EEB1115DBE9DDEEDEE
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 10 Jan 2021 04:57:59 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1610341079755&cv=7&fst=1610341079755&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1893510391&cv=7&fst=1610341079755&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1893510391&cv=7&fst=1610341079755&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1893510391&cv=7&fst=1610341079755&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...

42 B
552 B

40ms
19ms

Image
image/gif

2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1893510391&cv=7&fst=1610341079755&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=19r7X5m2MK_U7_UPspqp0A4&cid=CAQSKQCNIrLM6NOSru_ihpvwN1t07bkNlDiZYbMmsaIUDDfSFXX7R_Jh6-os&random=2655170219&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:58:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:57:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1893510391&cv=7&fst=1610341079755&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=19r7X5m2MK_U7_UPspqp0A4&cid=CAQSKQCNIrLM6NOSru_ihpvwN1t07bkNlDiZYbMmsaIUDDfSFXX7R_Jh6-os&random=2655170219&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=76EA27195FE842EEB1115DBE9DDEEDEE
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=76EA27195FE842EEB1115DBE9DDEEDEE&__user_check__=1&sync_id=93e61416-53c9-11eb-b49b-1ab52fe71706

43 B
548 B

37ms
37ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=76EA27195FE842EEB1115DBE9DDEEDEE&__user_check__=1&sync_id=93e61416-53c9-11eb-b49b-1ab52fe71706
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 04:58:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 46
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 11 Jan 2021 04:57:59 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=76EA27195FE842EEB1115DBE9DDEEDEE&__user_check__=1&sync_id=93e61416-53c9-11eb-b49b-1ab52fe71706
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 63
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=76EA27195FE842EEB1115DBE9DDEEDEE
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D76EA27195FE842EEB1115DBE9DDEEDEE

43 B
1 KB

46ms
41ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D76EA27195FE842EEB1115DBE9DDEEDEE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Jan 2021 04:58:00 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.141:80
AN-X-Request-Uuid: 1cb7816e-db60-4370-829e-39694af39cd8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Jan 2021 04:57:59 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.5:80
AN-X-Request-Uuid: 04dd2f30-6e6e-4625-a575-d7a4d7a317bc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D76EA27195FE842EEB1115DBE9DDEEDEE
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=76EA27195FE842EEB1115DBE9DDEEDEE&expires=365

42 B
774 B

112ms
28ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=76EA27195FE842EEB1115DBE9DDEEDEE&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

date: Mon, 11 Jan 2021 04:57:59 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=76EA27195FE842EEB1115DBE9DDEEDEE&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 10 Jan 2021 04:57:59 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=76EA27195FE842EEB1115DBE9DDEEDEE
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=76EA27195FE842EEB1115DBE9DDEEDEE

43 B
180 B

43ms
41ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=76EA27195FE842EEB1115DBE9DDEEDEE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.200.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:58:00 GMT
via: 1.1 google
server: OXGW/16.200.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=76EA27195FE842EEB1115DBE9DDEEDEE
date: Mon, 11 Jan 2021 04:57:59 GMT
via: 1.1 google
server: OXGW/16.200.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEDRueYBcYRCkqkNtHSSs97U&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=76EA27195FE842EEB1115DBE9DDEEDEE
https://um.simpli.fi/g_match?id=

0
320 B

29ms
29ms

Image
text/plain

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 04:57:59 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 10 Jan 2021 04:57:59 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:57:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK _7972.png
99a0f44a0a61eb53a221-e9834f10898f59eef5b71f6b79ed5672.ssl.cf2.rackcdn.com/ Frame 044B 50 KB
51 KB 197ms
47ms Image
image/png 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://99a0f44a0a61eb53a221-e9834f10898f59eef5b71f6b79ed5672.ssl.cf2.rackcdn.com/_7972.png
Requested by: Host: am970theanswer.com
URL: https://am970theanswer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 26437bd7545457a94a6be2ba29e2079c688b4aa140468867ae47f4d235279f78

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 04:58:00 GMT
Last-Modified: Thu, 21 Jun 2018 20:47:25 GMT
X-Trans-Id: txc46dfd983c854065be7a0-005c9d44e2ord1
ETag: 2f0478aba536dddb686a3e365566f7bb
Content-Type: image/png
X-Timestamp: 1529614044.27224
Cache-Control: public, max-age=25932308
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51469
Expires: Sun, 07 Nov 2021 08:23:08 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
166 B 19ms
14ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021010901&jk=2186038644462499&bg=!q6ilqIjNAAUbEDgJG1gZBsBqgUsBpgIAAADZUgAAABZoAQcKAecofJXjmuF6VgzyabMMHpABQCRiTDCrJ0mlYfpB0f7lVp-2kV1eazzI8cI9KUhm6ErUklx9iYeWFKh3GdVM0VcpF-Q_dewHc52xhLdbc_M1KFbp1zQn77YxIvn1ygnUS5gaeR21b-2lKG2bY69rtoA3seu3cktWXchIMyzh8pQJES1c3V0kqOp_HlzuBP5MTLy7OWZKBDRsyNy1jrcnHgynN_mk2GT5T0ZQVNEWuGFoSYlfjqOTWcpazCFFo0P1OYMQXZjhM7qgi2yET4uKji3GX42vxsnIY0eVX-2oPIAfLUijTJs6A1gRStbFsnK7dYe7-eRQh9z6SodWAA8WbQR1nm_QZesMZEqJUjx_LK9Jf23mA42weNOPYwArgrq_RmlwwBMWcPdvCGpU6hyBsv7ebpdgwN2m96MkTTcbzheUMDNQbzjboBldKtE2Wp_KcTqO_iJ1ku5fCWnNAJRGiGt4nYgt3DdPdNTDZSeCW19xfyNcGFvaHdoZArAP5q3d-eDuZLmkdkmA3CKgxjaVV9V-4g8oO1B8dE84sEkmhax6a4uFQJBu8AOlw8QRBrQH42Vv6iDxZHwYfJawTzq0NzRWPPgMwy4PQb1NvQwGhc1o5JM3p9pePWQbX0Xc_iZCtB-7MMvv0rvGmQG7a-4DV_Z2i4NaelChdCvdpdZqAjoRDrA6yEbkJZbwHbdNczD3T2Md7fXUzIX3He4yoYXfXXoAhxE0suaqSywtHnvp40fFQ-xwypPtOyO6O5kQQswEtxTpoNidkYeh1vtslmDL0MB_EGUAUrvfysfoTKyBN01cBCLdM1S-shYzlCzorATti-l3SAml1xDpg6Pl76MqwyC9uMuudjG-NiAFO8nGUT9YCtERpgmzUwZWdHIZh5NVPA5fUEZhUBEjcSr8Y8ltewRJg-PZ3NWgllpFyd6annv_qm-rPIRVxkrZ5eCOHcGIS3doMDqMmJZ6-z1g7qtKrp_Qo76F4q-ZgKhNFc6vV4QWFj70yQKAyF3iNuEflEO0G661k27DdEIFqZVueQwb2eoZZ0-56_vyIYLC3-qdN2n7XFmQgr8ml0Uk_2x53ybG44nLO9QW55DI8t_fietbmEVtmHSoCkpSRfhU0NeeIFo9s4t9BjPS1xBT2DPcGicYszAmPmmDqxdXqkn9fqTWo_qma_e_OA73EgN4AsgqMb9Ejhtcb5YusdIMFzHV0ZtlUx_FvOqQf874Zx2Q2sC7_SWlZy-gjxo

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 04:58:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 PreChatMessageHandler.ashx Show response
salemlivechat.com//Handlers/ 432 B
1 KB 577ms
564ms XHR
application/json 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://salemlivechat.com//Handlers/PreChatMessageHandler.ashx
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 580d63c126ec9bc543a738f80dfc4da6e3dd13f477f68ca3c6c513359ac7201c

Request headers

Accept: */*
Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Jan 2021 04:58:03 GMT
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: UrlRewriter.NET 2.0.0, ASP.NET
content-length: 432
cf-request-id: 079167ff6100002c0d37247000000001
x-ua-compatible: IE=edge
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZFBybl2QpQdYF%2BjLbbdYMg3Rask7cSXabK5GUcx6XPOFekKIu7VWrzlCtthTNZuwvGEaqGy%2FEG5k3zBTRaW15lsXdFkq1ZR8YHBcAt3Q%2FivGsyVMdZqO2ybgq6aNtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private,no-transform
cf-ray: 60fc0f789edf2c0d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, referring-domain

POST
H2 200 / Show response
pre.ads.justpremium.com/v/1.0/t/singletag/ 2 B
382 B 187ms
186ms XHR
application/json 35.156.26.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/singletag/?i=1610341083438
Requested by: Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.26.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-26-195.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://am970theanswer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://am970theanswer.com
date: Mon, 11 Jan 2021 04:58:03 GMT
cache-control: public, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: proxy.webwidgets.accuweather.com
URL: https://proxy.webwidgets.accuweather.com/api/proxy/list/locations/v1/search.json?pcode=wdg3_wnym_rdo&key=Wyp05tVr0E&widget=med_sticker@1&first=true

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.casalemedia.com/	1970-01-19 15:20:27	Name: CMST Value: X-va1V-72tYA
.casalemedia.com/	1970-01-20 00:04:37	Name: CMID Value: X-va1cIAyT6pXkGGBX2QkwAA
.justpremium.com/	1969-12-31 23:59:59	Name: 110038_400485 Value: 0_0_0
.justpremium.com/	1969-12-31 23:59:59	Name: 110038_400484 Value: 0_0_0
.casalemedia.com/	1970-01-20 00:04:37	Name: CMRUM3 Value: 275ffbdad50b40&0d5ffbdad6276005bf2005008b679ff6235d67&495ffbdad505a00&335ffbdad627604256535b-9163-4de1-8200-24cd56bfc650&2d5ffbdad62760CAESEKvmxy0f7D4WolZRdIlLoxU&f15ffbdad505a00&e65ffbdad527600&1f5ffbdad505a00
.justpremium.com/	1969-12-31 23:59:59	Name: 86261_318306 Value: 0_0_0
.casalemedia.com/	1970-01-19 17:28:37	Name: CMPS Value: 3202
.justpremium.com/	1970-01-19 15:20:27	Name: jpxuuid Value: r-e5d60761-fc14-4654-a788-2d78dfad7c4c-44156-513430933
.justpremium.com/	1969-12-31 23:59:59	Name: jpxsession Value: r-2c63ede3-b40d-417e-b44c-fd691abe4712-44156-513412753
am970theanswer.com/	1969-12-31 23:59:59	Name: aptivada_widget_656_0_907580_autoshow Value: 1
.justpremium.com/	1970-01-19 16:02:13	Name: jpxumaster Value: r-38dbaf14-2568-4473-8369-5db54b1e5a24-44156-513372760
am970theanswer.com/	1970-01-19 15:19:04	Name: livechat_agent_alias_id Value: 7972
am970theanswer.com/	1969-12-31 23:59:59	Name: apexchat_dompopup_chatwindow Value: _rendered
.am970theanswer.com/	1970-01-19 17:28:37	Name: _fbp Value: fb.1.1610341078163.976896760
.am970theanswer.com/	1970-01-20 00:40:37	Name: __gads Value: ID=cfbe00f225324eb3-2299660588b9008c:T=1610341077:S=ALNI_MZHfywbPOzahVN4LHhD5LE2aB5CKA
.am970theanswer.com/	1970-01-19 16:02:13	Name: __cfduid Value: d2a2c3da0f4bc35737416f695a8044d451610341077
am970theanswer.com/	1970-01-19 19:41:05	Name: livechat_invitation_traffic_sources Value: source%3Ddirect%26medium%3Dnone%26campaign%3Ddirect%26term%3D%26content%3D%26campaignId%3D%26overwritetrafficsource%3Dtrue%26date%3D20210111
am970theanswer.com/	1969-12-31 23:59:59	Name: _sp_ck Value: 123fc14c-caaa-461a-9e00-05cb3d96a15d
.justpremium.com/	1970-01-19 15:19:11	Name: jpxumatched Value: ox\|ie
am970theanswer.com/	1970-01-19 15:20:27	Name: livechat_profile_id Value: 182509
am970theanswer.com/	1970-01-19 15:19:22	Name: livechat_visitor_id Value: 893408572
.am970theanswer.com/	1970-01-19 15:20:27	Name: _gid Value: GA1.2.1897586957.1610341076
am970theanswer.com/	1969-12-31 23:59:59	Name: livechat_original_referrer Value:
.am970theanswer.com/	1970-01-19 15:19:01	Name: _gat_AllStationsTracker Value: 1
am970theanswer.com/	1969-12-31 23:59:59	Name: apexchat_tab_invitation Value: _max
.am970theanswer.com/	1970-01-19 15:19:01	Name: _gat Value: 1
am970theanswer.com/	1970-01-20 00:04:37	Name: _ntv_uid Value: be471353-d780-42e6-b8f0-374b56bb7f7d
.am970theanswer.com/	1970-01-19 15:19:01	Name: _gat_NewsTalkTracker Value: 1
am970theanswer.com/	1970-01-19 15:19:01	Name: livechat_operator_id Value: undefined
am970theanswer.com/	1969-12-31 23:59:59	Name: livechat_is_page_refreshed Value: false
am970theanswer.com/	1970-01-19 15:19:01	Name: livechat_v3_invitation_shown Value: true
.casalemedia.com/	1970-01-19 17:28:37	Name: CMPRO Value: 1129
am970theanswer.com/	1969-12-31 23:59:59	Name: apexchat_dropdown_invitation Value: _max
.am970theanswer.com/	1970-01-20 08:50:13	Name: _ga Value: GA1.2.1840448419.1610341076

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js(Line 1) Message: %c(00:06:135.29)%cJAdManager: version v2.50.375 initialized padding: 2px; background: rgba(0, 0, 0, 0.5); color: rgba(255, 255, 255, 1); padding: 2px; background: rgba( 0, 153, 204, 0.3); color: rgba( 0, 153, 204, 1);
console-api	log	URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js(Line 1) Message: (https://cdn.justpremium.com/js/v2.50.375/jpx.js:1:203636)
console-api	log	URL: https://content.cdn.targetspot.com/content/act/beacon/_ts2.js(Line 3) Message: Targetspot Cookie loaded
console-api	log	URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js(Line 1) Message: %c(00:07:061.92)%cJQueue: No ad to run padding: 2px; background: rgba(0, 0, 0, 0.5); color: rgba(255, 255, 255, 1); padding: 2px; background: rgba( 0, 153, 204, 0.3); color: rgba( 0, 153, 204, 1);
console-api	log	URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js(Line 1) Message: (https://cdn.justpremium.com/js/v2.50.375/jpx.js:1:54862)
console-api	warning	URL: https://campaign.aptivada.com/widget.js(Line 1329) Message: Aptivada post message ignored. No matching action: event
console-api	error	URL: https://proxy.webwidgets.accuweather.com/js/med_sticker.js(Line 2) Message: AWW: Error: Network Error
console-api	log	URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js(Line 1) Message: %c(00:12:312.95)%cJQueue: No ad to run padding: 2px; background: rgba(0, 0, 0, 0.5); color: rgba(255, 255, 255, 1); padding: 2px; background: rgba( 0, 153, 204, 0.3); color: rgba( 0, 153, 204, 1);
console-api	log	URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js(Line 1) Message: (https://cdn.justpremium.com/js/v2.50.375/jpx.js:1:54862)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: http://*.sim-cms.net http://sdk.listenlive.co 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https: http://cdn.saleminteractivemedia.com;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9929208c1273a68ae7b38df093697aa6.safeframe.googlesyndication.com
99a0f44a0a61eb53a221-e9834f10898f59eef5b71f6b79ed5672.ssl.cf2.rackcdn.com
aa.agkn.com
adservice.google.ch
adservice.google.com
ajax.googleapis.com
am970theanswer.com
aptivada.com
bcp.crwdcntrl.net
campaign.aptivada.com
cdn.jsdelivr.net
cdn.justpremium.com
cdn.saleminteractivemedia.com
cdn2.aptivada.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
content.cdn.targetspot.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
jadserve.postrelease.com
loadm.exelator.com
maxcdn.bootstrapcdn.com
media.swncdn.com
media.townhall.com
node.targetspot.com
nodeeu.targetspot.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
pre.ads.justpremium.com
proxy.webwidgets.accuweather.com
pulse-sim.salemwebnetwork.com
s-jsonp.moatads.com
s.ntv.io
salemlivechat.com
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
stags.bluekai.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
tpc.googlesyndication.com
tracking.justpremium.com
um.simpli.fi
us-u.openx.net
us.ads.justpremium.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
proxy.webwidgets.accuweather.com
13.224.194.17
13.224.194.96
13.225.80.37
147.75.102.200
159.253.128.183
165.227.72.15
169.50.137.176
169.50.137.179
172.217.21.226
172.217.23.130
184.30.210.81
185.33.221.53
185.94.180.125
2.18.233.89
2.18.234.163
2.18.235.40
2001:4de0:ac19::1:b:2b
205.185.216.10
205.185.216.42
216.52.2.19
2600:1901:0:8eee::
2600:1f18:612b:4200:c62d:9d75:78d5:62b7
2606:4700:20::681a:30a
2606:4700:20::ac43:5166
2a00:1450:4001:802::2001
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2001
2a00:1450:4001:814::2002
2a00:1450:4001:815::2003
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:81d::2003
2a00:1450:400c:c00::9b
2a02:26f0:6c00:280::3926
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::621
2a0b:4d07:101::1
3.125.0.64
3.220.82.225
31.12.68.105
31.12.71.114
34.120.207.148
34.98.64.218
35.156.26.195
35.227.248.159
52.207.161.225
52.28.42.15
52.30.234.204
52.89.201.114
65.9.7.2
69.173.144.165
02348dd7b8bda6f620c2f691b91887421fcc99047e0871d3c70290b3dbaaa07c
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06bd8d3a89165302227065f7684632d89eea20b190e20e49ef7ca2072bb0e6a0
0920925a83912a4b2cad8fd6b5e7dc7a2f1a2d6b2051aa3a5a95810daf2aed5d
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0bdd18746a58467caa5c0e552f1ba38cb34a9dda20131d55d9441c899f26a448
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0de215f2741f0100c900c32e0e48dcfb9953ebc77fe8384a7b3bda43bee0e236
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
137b2c048fbf48116d55b15729ff72b10e2667ff3a96d6614dcd80f8b196db3a
13f644ae0639b623ff4f48d782f1a8971db065c786914d8ca048d09e87907b8b
1609e7137db464ab406caa137fabf256f5f7d17ac977318eb48113458795e4d7
1640446ae949260736a11acfe10c18de162aa7dece7f68facf16da535f1ac71b
1e799d48e40a02b054fab477207c7179d85c45f8dada4127470d7c113b38f1ec
229a43f73612c664600cf99cd40c6550e01fef8ac0c8ba019f87f08d83923dc5
24f8ce2b1d1571de4d203ef11ba6d172db1819a35d906f4fd8ab2b0fe90a3f74
26437bd7545457a94a6be2ba29e2079c688b4aa140468867ae47f4d235279f78
269e52922b0515a3c05a139f32262c4259085b4d0d88488cc102712449a7462e
27b65ea8c6cceebb6e32225e0dacd973a6358953d5c3b55841a685eb0a12d055
285a9c87e53e17b57fcb153c5f17d8f6ca19e3c7141efa288873e519b8f2f9c1
2a957719ab4bdaef0012c99f196b5388210d766ae4601abdd7ab6a698d4a539e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3163bdf4cffe251650215729df49011c5525325c4f2e1ca5b02371dc24e38fe4
31c23b6201161dea3af2e166fc8d2f5bcaa8a12bc92275b2ebff52469af260c8
36f7bc45b3669bd1f422cb7b8bd170b012fcd54e2f6e0dd02000ca3427a66013
37b7718daf4c52bfb6fb354ca33d9ff302aa53f275789c4a4a3174425a8b11c5
3ac6eaebf7ae9ca22e3de595088bcc4cf380922ca912cac6c22d83494dd89604
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
3bfbb9588367f99a6e5bb0a6c8d81182fea3654b774b869eb08be005325b833e
3c24621b5df0ed8401204e2d81db2bf63294561152936abc2b1bbc376c98a959
3d2a6ad0ba225c23ecd01a091980b1273616025dc0f787aa24f65e6eab8b951a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
407a11ac92c4bb6548215574c3ac2ef664fc13c6126f3875e5727634a75e4755
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
498dfcf1b0f8cbcedcfa96d273bb31d499064b0ec99aaa6a641d9c629569ae3b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce1dc6bca18227a0227f04f35af041a5e851c02c12ef912b40486e2532f03c6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2dbd25321cf20a1e173c364a7e2d5f7193e8f10c7f3e074d9cde5087ec7dae
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5321fdfa005f060031a9ce7f2b6c2f4641b56dbdc9ced6e8bbf0a75b7b866303
55d37798d33bab9e01224def53b84840610a257152a50c60bb811a0d836f97cc
580d63c126ec9bc543a738f80dfc4da6e3dd13f477f68ca3c6c513359ac7201c
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5f1b85d872126c373a65a516d8b63ecc29844e882b36f7e7e05e9e5c404fcb7b
631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542
6568273e9d257a19332421d7a519b3ae0f8a564e76aca9f603e848521f341db7
6843b486f69732b500cac5ae94d1c7570a9c37991d3324693269d26a3c541c2a
69e89dac634ee2bd84fcc4e3e29457ae0c2d9e8db08bec998c579038913ef58d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7067667801b5064646b0a9c8bad5dd7370badc29cea00360805d3aca3eeacdac
75e2d4b1b602b4e00badfd2ae44c49df83ec6ffe42efcb47fda60c6e333b6a6a
77225d54295bb3a965a87ba5579172b75b0487d6ff59dc774c47ec6f301c8f45
778a3a62300ef9f90de6b3b4cf07ec16d7a4ffef263761994081b0a66ba3e601
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a2a8fef4adaa2dbd753b044cd9f0a9fe7106486e6a8332c882054fb1ea69546
7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83
7e5485f0567752fb5533f3841d73acf90c4281425167abfaf065539f8fbaae3b
825078eca5f55e6a5bc595d66431fcb25540c52def7076141ee27b1030c2434f
8264aaef589f8b63291d4c61d1acd51f300890d375b24f15f83ec86bda0d7e6e
82f4ddfef0c05aeaeecbef480ab52c138a5ad7886381dd9b59fc9c7b5c24d56f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86d457ad30d1119a5121a038fae6768c844dc6125279aec322e3a0acd5036fb3
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8d7cb9364f2685982549fcef9525ca8ef4be0aee6c42c940ccc7d4b4f1127913
8f909ec6660bfc8dfe6e8ad64f2ed7ea41bdcaf25ea1dcb6d8e28cc7845475ef
98319c9ed052f4da52858ecb50f0cc14cfc17723e201622d8b1a4b980c39e26f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2000f0f267b88ea23eec902de021f9840fdc248cfce18ae796ec68d1941d8a3
a429d36e6f06a061c4d4c6680dd1c8979abfade487b5a3356611ffc6f2a55a00
a51d2f16c588ccbb50815cd6936b66109c2974809a5c4800ee2e54d2a0d25872
a68bb88cb8ab82781248447ef4bcebf56473589faf539348d35298b9e3d2727a
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad0b39f390b09b089dcb7984459f325332e6731c8cbdf5ca2be2900c6537038e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b25ba2d42feb7ea0dae5c545937eecc37df2d2e2ee8d401866db0944905d9ae5
b4e5c8113578cddb15261513cdf05a9d81ece60e3d7157ebb21dbbb7aacb19e7
b6fa7e4fb942f5fc5c8db186bb96eafe7a83ffde57581ba790232541f91cdaa0
b707e495b5c993c23e4b4adc7dada42f6bf09f8014b90891d63dea41ffc5661a
b756e74c6319250286f99bf0ddb5d73df3354bce2924afd73ff203fb15fbb0ef
b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
be2a7ed9be28912788c9dd1fc20284221e7380efec539100b8d22a928b0f8b81
c12e65f2fbf85caa31c92ffb932da9f16ed8ccd9eeb123d575f91508d26c756d
c2deea221118e199cc8a8ffffa78dcec65f1563fdaeb3b3c6d4da483836d221d
c38ca9561c4be073745bccf75a06cc35f42cb24d2103491c30c76dc884a0897d
c60bb4ab3dddedd4afb6c16f8ccb89f6cfdb6676014da18669318a15f67e1ca4
c65770216e554e3134f6b622009959d01b7696463f1f1f4d3f8faf806c85e84b
c8c7b595fe507982c8d06c77d4adbbe249d944070439aee32c90944c02b16795
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d11fb9f89a399776bd1a97352774bba8782a899add8fa56df65c798c655cb8bc
d2899ee5911819e5cb12ed2781f70080f05b1685ab7b022af8573d3c2c97c00a
d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba
d5c5cc800a637b65276656eeda56baccf714de758227ed6e0a558200d39349d6
d7d42ec263814bb6bb614b2a155051d9466ba01f74e5cab2dd8310fec53936f4
db413b9f5f54f2c87c446007d0af148719f0f13629b285e410df0cc3db3f7e8a
ddfeddf32de34d6de594d032805e8579d267b7f59c28b48b0952e640f1124719
df96736c02621f33c8106254245da04b074b040a1f8816879694a50fcf8164b7
e1f249cee33aff42da2e5f6604dc634201055f121a795c3d5d3ef292de7a2081
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e62f93074782f5a71a8c3a14980158f603197b0e290767da6bebda314c6dd9
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da
e5586e0db74f9d54c379419caab99568fa49c3ddcc17963dc19624d220366523
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef0e06cfc326e5f1558d7a17f574779da1c2e857d0fc1e0d678850b6b1fce04a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef417acb1eb7a0b598a917566e8c2ae52e71b029ec145eed3527b5d73fdf7040
f3b8613e37dcb0eb79736d945722a2ae6787a08e3e3125016c78261d1d2bbfc6
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2
f9492193b6d8549844c1cbd80c2608ccf41e3467654e2d24f78e021c81f0541b
fd477b02052b11f6cc338c6e73bc0c06100d793cfdd1b20b915826195070e0ee

am970theanswer.com Open in urlscan Pro 2606:4700:20::ac43:5166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

176 Requests

99 %HTTPS

39 %IPv6

45 Domains

62 Subdomains

51 IPs

8 Countries

4987 kBTransfer

8375 kBSize

34 Cookies

18 Outgoing links

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

am970theanswer.com Open in urlscan Pro
2606:4700:20::ac43:5166 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

99 %
HTTPS

39 %
IPv6

45
Domains

62
Subdomains

51
IPs

8
Countries

4987 kB
Transfer

8375 kB
Size

34
Cookies

176 HTTP transactions
5 data transactions