urlscan.io logo urlscan.io
SecurityTrails logo

www.justjared.com Open in urlscan Pro
69.16.175.10  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.justjared.com/
Submission: On February 26 via manual from ID
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 139 IPs in 10 countries across 122 domains to perform 659 HTTP transactions. The main IP is 69.16.175.10, located in United States and belongs to HIGHWINDS3, US. The main domain is www.justjared.com.
This is the only time www.justjared.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 69.16.175.10 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
3 65.9.187.74 16509 (AMAZON-02)
3 65.9.58.90 16509 (AMAZON-02)
3 178.79.208.44 22822 (LLNW)
6 43 23.218.208.246 16625 (AKAMAI-AS)
6 65.9.24.128 16509 (AMAZON-02)
12 142.250.186.162 15169 (GOOGLE)
3 6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
12 69.16.175.42 20446 (HIGHWINDS3)
2 4 2a03:2880:f21... 32934 (FACEBOOK)
1 151.139.128.11 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
1 2.16.186.80 20940 (AKAMAI-ASN1)
2 2620:116:800d... 16509 (AMAZON-02)
2 52.59.111.161 16509 (AMAZON-02)
1 13.32.24.12 16509 (AMAZON-02)
11 2606:2800:234... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.98.97.158 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 65.9.187.95 16509 (AMAZON-02)
2 13 23.37.42.132 16625 (AKAMAI-AS)
1 2 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
3 35.190.91.160 15169 (GOOGLE)
2 54.210.192.116 14618 (AMAZON-AES)
8 2a00:1450:400... 15169 (GOOGLE)
2 4 2600:9000:20d... 16509 (AMAZON-02)
2 4 184.25.115.49 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
4 4 52.210.253.186 16509 (AMAZON-02)
2 2 35.244.255.22 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 34.250.193.151 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 104.244.42.136 13414 (TWITTER)
1 2 54.78.254.47 16509 (AMAZON-02)
5 65.9.58.106 16509 (AMAZON-02)
2 2 2620:116:800d... 16509 (AMAZON-02)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 8 72.251.249.9 29791 (VOXEL-DOT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 65.9.187.57 16509 (AMAZON-02)
1 2a04:4e42:3::621 54113 (FASTLY)
1 35.244.220.155 15169 (GOOGLE)
2 69.173.144.143 26667 (RUBICONPR...)
4 18.195.54.139 16509 (AMAZON-02)
16 33 37.252.172.36 29990 (ASN-APPNEX)
2 2600:9000:206... 16509 (AMAZON-02)
3 2600:9000:206... 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
4 54.212.156.141 16509 (AMAZON-02)
1 10 52.95.123.167 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.131.170.213 14061 (DIGITALOC...)
1 52.17.137.119 16509 (AMAZON-02)
4 6 54.36.109.46 16276 (OVH)
12 12 185.29.135.227 30419 (MEDIAMATH...)
2 2 52.29.24.115 16509 (AMAZON-02)
1 1 13.32.24.96 16509 (AMAZON-02)
2 4 18.195.155.181 16509 (AMAZON-02)
12 63.33.123.138 16509 (AMAZON-02)
12 23.218.208.200 16625 (AKAMAI-AS)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
9 24 18.158.74.203 16509 (AMAZON-02)
2 216.52.2.48 30282 (AS-INAPCD...)
2 2 213.19.147.151 26120 (RHYTHMONE)
23 35 142.250.185.162 15169 (GOOGLE)
6 54.244.32.41 16509 (AMAZON-02)
5 5 37.252.172.38 29990 (ASN-APPNEX)
15 15 3.121.79.35 16509 (AMAZON-02)
6 9 37.157.2.238 198622 (ADFORM)
8 8 35.244.159.8 15169 (GOOGLE)
2 2 52.0.250.105 14618 (AMAZON-AES)
5 13 2a00:1288:110... 34010 (YAHOO-IRD)
4 4 64.202.112.159 22075 (AS-OUTBRAIN)
2 2 198.148.27.139 19189 (PULSEPOINT)
9 10 151.101.114.49 54113 (FASTLY)
4 52.71.207.7 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
10 35.171.5.130 14618 (AMAZON-AES)
1 35.171.145.49 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 52.28.41.98 16509 (AMAZON-02)
4 9 54.239.17.112 16509 (AMAZON-02)
3 5 159.253.128.188 36351 (SOFTLAYER)
1 6 185.64.189.115 62713 (AS-PUBMATIC)
2 178.250.2.151 44788 (ASN-CRITE...)
4 4 213.155.156.164 1299 (TELIANET ...)
12 185.64.189.110 62713 (AS-PUBMATIC)
11 11 52.214.70.9 16509 (AMAZON-02)
1 1 185.86.138.142 201081 (SMARTADSE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 16 185.64.190.80 62713 (AS-PUBMATIC)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 77.243.60.138 42697 (NETIC-AS)
4 4 35.201.96.126 15169 (GOOGLE)
2 185.64.189.249 62713 (AS-PUBMATIC)
11 13 18.156.0.31 16509 (AMAZON-02)
9 185.64.189.114 62713 (AS-PUBMATIC)
2 2 2001:678:cb4:... 56396 (TURN)
2 2 66.155.71.25 13768 (COGECO-PEER1)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
9 16 69.173.144.139 26667 (RUBICONPR...)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 34.120.207.148 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 65.9.58.26 16509 (AMAZON-02)
2 2 23.37.42.216 16625 (AKAMAI-AS)
1 1 31.172.81.158 44066 (DE-FIRSTC...)
1 1 31.172.81.160 44066 (DE-FIRSTC...)
1 174.137.133.49 27257 (WEBAIR-IN...)
9 26 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.250.185.166 15169 (GOOGLE)
4 2600:9000:20d... 16509 (AMAZON-02)
4 3.123.110.9 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
4 18.159.25.74 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 23.79.152.128 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 8 18.197.47.23 16509 (AMAZON-02)
2 34.243.1.111 16509 (AMAZON-02)
1 34.120.25.144 15169 (GOOGLE)
4 104.17.119.107 13335 (CLOUDFLAR...)
4 23.218.208.187 16625 (AKAMAI-AS)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
3 51.178.20.139 16276 (OVH)
1 1 54.84.63.25 14618 (AMAZON-AES)
4 6 88.221.62.154 16625 (AKAMAI-AS)
2 2 63.33.75.105 16509 (AMAZON-02)
1 3.218.101.84 14618 (AMAZON-AES)
1 52.4.51.239 14618 (AMAZON-AES)
14 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 213.254.244.11 36062 (DOUBLE-VE...)
2 75.2.13.80 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:20d... 16509 (AMAZON-02)
10 52.9.153.242 16509 (AMAZON-02)
2 2 88.214.206.247 46636 (NATCOWEB)
1 23.37.38.181 16625 (AKAMAI-AS)
1 18.196.104.43 16509 (AMAZON-02)
1 34.235.227.143 14618 (AMAZON-AES)
2 213.19.147.210 26120 (RHYTHMONE)
2 2 35.210.53.219 19527 (GOOGLE-2)
2 3 51.210.112.63 16276 (OVH)
2 2 146.0.227.110 20773 (GODADDY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 142.250.185.130 15169 (GOOGLE)
1 1 54.78.251.22 16509 (AMAZON-02)
1 1 34.194.148.31 14618 (AMAZON-AES)
1 2 54.85.167.1 14618 (AMAZON-AES)
659 139
19    69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
www.justjared.com
cdn01.cdn.justjared.com
cdn03.cdn.justjared.com
cdn03.cdn.justjaredjr.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    65.9.187.74 (United States)

ASN16509 (AMAZON-02, US)
cdn.privacy-mgmt.com
3    65.9.58.90 (United States)

ASN16509 (AMAZON-02, US)
ccpa.sp-prod.net
onetag-geo-grouping.s-onetag.com
3    178.79.208.44 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-208-44.ams.llnw.net
tradecraft.s.llnwi.net
43    23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
6    65.9.24.128 (Orlando, United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
12    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
6    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
1    2606:4700:20::ac43:4acf (United States)

ASN13335 (CLOUDFLARENET, US)
mediatradecraft-com.videoplayerhub.com
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
12    69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
cdn04.cdn.justjared.com
cdn02.cdn.justjared.com
cdn01.cdn.justjaredjr.com
cdn02.cdn.justjaredjr.com
4    2a03:2880:f21c:81e5:face:b00c:0:4420 (United States)

ASN32934 (FACEBOOK, US)
www.instagram.com
1    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
s.skimresources.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2.16.186.80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com
b.scorecardresearch.com
2    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
2    52.59.111.161 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
message.sp-prod.net
1    13.32.24.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-24-12.fra56.r.cloudfront.net
js.gumgum.com
11    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    34.98.97.158 (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.exitbee.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    65.9.187.95 (United States)

ASN16509 (AMAZON-02, US)
get.s-onetag.com
signal-beacon.s-onetag.com
13    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
2    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
t.skimresources.com
3    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
p.skimresources.com
2    54.210.192.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ccpa-service.sp-prod.net
8    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2600:9000:20d7:f800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
4    184.25.115.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-49.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    52.210.253.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.crwdcntrl.net
2    35.244.255.22 (Kansas City, United States)

ASN15169 (GOOGLE, US)
x.skimresources.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
10    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
1    2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
3    34.250.193.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
g2.gumgum.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
5    65.9.58.106 (United States)

ASN16509 (AMAZON-02, US)
onetag-geo.s-onetag.com
2    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
8    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    2a00:1450:4001:813::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
settings-v2.service.exitbee.com
geo.rlcdn.com
2    65.9.187.57 (United States)

ASN16509 (AMAZON-02, US)
widget.sellwild.com
1    2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    35.244.220.155 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ats.rlcdn.com
2    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    18.195.54.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
tlx.3lift.com
33    37.252.172.36 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    2600:9000:206f:7600:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.avantisvideo.com
3    2600:9000:206f:9200:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.avantisvideo.com
1    2600:9000:206f:8800:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn1.avantisvideo.com
4    54.212.156.141 (Boardman, United States)

ASN16509 (AMAZON-02, US)
avm.avantisvideo.com
10    52.95.123.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    104.131.170.213 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
ads.bidstreamserver.com
1    52.17.137.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-137-119.eu-west-1.compute.amazonaws.com
ie-lb.gumgum.com
6    54.36.109.46 (France)

ASN16276 (OVH, FR)
id5-sync.com
12    185.29.135.227 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    52.29.24.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ice.360yield.com
1    13.32.24.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-24-96.fra56.r.cloudfront.net
s.ad.smaato.net
4    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
12    63.33.123.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
12    23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
dclk-match.dotomi.com
24    18.158.74.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
eb2.3lift.com
2    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
2    213.19.147.151 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
35    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
6    54.244.32.41 (Boardman, United States)

ASN16509 (AMAZON-02, US)
events.avantisvideo.com
5    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
15    3.121.79.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
9    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
us-u.openx.net
2    52.0.250.105 (United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
13    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
4    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
10    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    52.71.207.7 (United States)

ASN14618 (AMAZON-AES, US)
1x1.a-mo.net
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
24    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a02:26f0:7100:1b2::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
play.aniview.com
player.aniview.com
1    2a02:26f0:64::214:846e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
10    35.171.5.130 (United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
1    35.171.145.49 (United States)

ASN14618 (AMAZON-AES, US)
go1.aniview.com
5    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.ch
5    52.28.41.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prebid-a.rubiconproject.com
9    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
6    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    213.155.156.164 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com
d5p.de17a.com
12    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
11    52.214.70.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
16    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
4    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
2    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
13    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
9    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
10    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
16    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    34.120.207.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
id.rlcdn.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
3    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2606:4700::6812:517 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.expo9.exponential.com
1    65.9.58.26 (United States)

ASN16509 (AMAZON-02, US)
dfp-gateway.s-onetag.com
2    23.37.42.216 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-216.deploy.static.akamaitechnologies.com
tracking.m6r.eu
1    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.sniperlog.ru
1    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
26    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net
ad.doubleclick.net
4    2600:9000:20d7:1600:1f:df94:f9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
hb.undertone.com
4    3.123.110.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.adaptv.advertising.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    18.159.25.74 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prebid-server.rubiconproject.com
2    2a02:fa8:8806:12::1460 (United States)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
1    23.79.152.128 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
8    18.197.47.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    34.243.1.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
beacon.krxd.net
1    34.120.25.144 (Kansas City, United States)

ASN15169 (GOOGLE, US)
public-prod-dspcookiematching.dmxleo.com
4    104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
4    23.218.208.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-187.deploy.static.akamaitechnologies.com
acdn.adnxs.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: proxy0393.eu3.dynfactory.com
gu.dyntrk.com
1    54.84.63.25 (United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
6    88.221.62.154 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-62-154.deploy.static.akamaitechnologies.com
px.owneriq.net
2    63.33.75.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
r.scoota.co
1    3.218.101.84 (United States)

ASN14618 (AMAZON-AES, US)
match.deepintent.com
1    52.4.51.239 (New York, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
14    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2a02:26f0:7100:1aa::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    213.254.244.11 (United States)

ASN36062 (DOUBLE-VERIFY, US)
tps.doubleverify.com
tps20248.doubleverify.com
2    75.2.13.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
4    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2600:9000:20d7:6a00:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
10    52.9.153.242 (United States)

ASN16509 (AMAZON-02, US)
usr.undertone.com
2    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com
cs.admanmedia.com
1    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    34.235.227.143 (United States)

ASN14618 (AMAZON-AES, US)
hb.yellowblue.io
2    213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
pool.admedo.com
3    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: ns3174889.ip-51-210-112.eu
pixel.onaudience.com
2    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
ade.googlesyndication.com
1    54.78.251.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-251-22.eu-west-1.compute.amazonaws.com
d.adroll.com
1    34.194.148.31 (United States)

ASN14618 (AMAZON-AES, US)
beacon.lynx.cognitivlabs.com
2    54.85.167.1 (United States)

ASN14618 (AMAZON-AES, US)
um2.eqads.com
Apex Domain
Subdomains		 Transfer
59 pubmatic.com
hbopenbid.pubmatic.com Failed
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
194 KB
57 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
ad.doubleclick.net
googleads4.g.doubleclick.net
pubads.g.doubleclick.net
214 KB
42 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
96 KB
41 rubiconproject.com
ads.rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
prebid-a.rubiconproject.com Failed
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
prebid-server.rubiconproject.com
secure-assets.rubiconproject.com
176 KB
38 googlesyndication.com
009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
ade.googlesyndication.com
329 KB
35 casalemedia.com
as-sec.casalemedia.com
htlb.casalemedia.com Failed
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
43 KB
28 3lift.com
tlx.3lift.com
eb2.3lift.com
11 KB
28 justjared.com
www.justjared.com
cdn01.cdn.justjared.com
cdn03.cdn.justjared.com
cdn04.cdn.justjared.com
cdn02.cdn.justjared.com
973 KB
27 yahoo.com
c2shb.ssp.yahoo.com Failed
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
18 KB
26 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
25 KB
25 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
44 KB
17 gumgum.com
js.gumgum.com
g2.gumgum.com
ie-lb.gumgum.com
rtb.gumgum.com
43 KB
16 undertone.com
hb.undertone.com
cdn.undertone.com
usr.undertone.com
9 KB
16 avantisvideo.com
cdn.avantisvideo.com
static.avantisvideo.com
cdn1.avantisvideo.com
avm.avantisvideo.com
events.avantisvideo.com
83 KB
15 aniview.com
play.aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
220 KB
15 bidswitch.net
x.bidswitch.net
5 KB
14 2mdn.net
s0.2mdn.net
237 KB
13 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
signal-beacon.s-onetag.com
onetag-geo-grouping.s-onetag.com
dfp-gateway.s-onetag.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
26 KB
13 twitter.com
platform.twitter.com
syndication.twitter.com
224 KB
12 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
4 KB
12 mathtag.com
sync.mathtag.com
7 KB
11 bidr.io
match.prod.bidr.io
6 KB
10 everesttech.net
sync-tm.everesttech.net
2 KB
10 lijit.com
ap.lijit.com
ce.lijit.com
8 KB
10 skimresources.com
s.skimresources.com
r.skimresources.com
t.skimresources.com
p.skimresources.com
x.skimresources.com
27 KB
10 google.com
www.google.com
adservice.google.com
18 KB
9 adform.net
c1.adform.net
3 KB
9 youtube.com
www.youtube.com
676 KB
9 indexww.com
js-sec.indexww.com
21 KB
8 openx.net
us-u.openx.net
2 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
85 KB
7 googletagservices.com
www.googletagservices.com
176 KB
7 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
628 KB
6 doubleverify.com
cdn.doubleverify.com
tps.doubleverify.com
tps20248.doubleverify.com
95 KB
6 owneriq.net
px.owneriq.net
2 KB
6 id5-sync.com
id5-sync.com
8 KB
6 quantserve.com
edge.quantserve.com
pixel.quantserve.com
20 KB
5 simpli.fi
um.simpli.fi
3 KB
5 ampproject.org
cdn.ampproject.org
99 KB
5 dotomi.com
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
dclk-match.dotomi.com
web.hb.ad.cpe.dotomi.com
1005 B
5 emxdgt.com
hb.emxdgt.com Failed
cs.emxdgt.com
1023 B
5 scorecardresearch.com
b.scorecardresearch.com
sb.scorecardresearch.com
4 KB
5 sp-prod.net
ccpa.sp-prod.net
message.sp-prod.net
ccpa-service.sp-prod.net
20 KB
4 brealtime.com
biddr.brealtime.com
5 KB
4 fiftyt.com
visitor.fiftyt.com
2 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 de17a.com
d5p.de17a.com
1 KB
4 zemanta.com
b1sync.zemanta.com
1 KB
4 1rx.io
sync.1rx.io
tag.1rx.io Failed
1 KB
4 a-mo.net
prebid.a-mo.net Failed
1x1.a-mo.net
354 B
4 crwdcntrl.net
sync.crwdcntrl.net
2 KB
4 quantcount.com
rules.quantcount.com
2 KB
4 instagram.com
www.instagram.com
6 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 dyntrk.com
gu.dyntrk.com
645 B
3 bing.com
c.bing.com
936 B
3 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
9 KB
3 rlcdn.com
api.rlcdn.com Failed
ats.rlcdn.com
geo.rlcdn.com
id.rlcdn.com
60 KB
3 justjaredjr.com
cdn01.cdn.justjaredjr.com
cdn02.cdn.justjaredjr.com
cdn03.cdn.justjaredjr.com
127 KB
3 llnwi.net
tradecraft.s.llnwi.net
77 KB
3 privacy-mgmt.com
cdn.privacy-mgmt.com
68 KB
2 eqads.com
um2.eqads.com
563 B
2 admixer.net
inv-nets.admixer.net
1 KB
2 admedo.com
pool.admedo.com
783 B
2 admanmedia.com
cs.admanmedia.com
826 B
2 scoota.co
r.scoota.co
1 KB
2 krxd.net
beacon.krxd.net
675 B
2 m6r.eu
tracking.m6r.eu
1 KB
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 turn.com
ad.turn.com
943 B
2 criteo.com
dis.criteo.com
652 B
2 google.ch
adservice.google.ch
2 KB
2 contextweb.com
bh.contextweb.com
1 KB
2 stackadapt.com
sync.srv.stackadapt.com
1 KB
2 360yield.com
ice.360yield.com
1014 B
2 bidstreamserver.com
ads.bidstreamserver.com
2 sellwild.com
widget.sellwild.com
cache.sellwild.com Failed
7 KB
2 exelator.com
loadeu.exelator.com
4 KB
2 facebook.net
connect.facebook.net
62 KB
2 exitbee.com
cdn.exitbee.com
settings-v2.service.exitbee.com
17 KB
2 google-analytics.com
www.google-analytics.com
19 KB
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
380 B
1 adroll.com
d.adroll.com
112 B
1 adentifi.com
rtb.adentifi.com
88 B
1 deepintent.com
match.deepintent.com
124 B
1 extend.tv
sync.extend.tv
546 B
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com
272 B
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
1 bluekai.com
tags.bluekai.com
820 B
1 yellowblue.io
hb.yellowblue.io Failed
447 B
1 adkernel.com
dsp.adkernel.com
233 B
1 bumlam.com
sync.bumlam.com
680 B
1 sniperlog.ru
sync3.sniperlog.ru
369 B
1 exponential.com
tags.expo9.exponential.com
14 KB
1 playground.xyz
ads.playground.xyz
487 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 smartadserver.com
rtb-csync.smartadserver.com
780 B
1 avplayer.com
player.avplayer.com
54 KB
1 smaato.net
s.ad.smaato.net
565 B
1 jsdelivr.net
cdn.jsdelivr.net
900 B
1 ytimg.com
i.ytimg.com
7 KB
1 ggpht.com
yt3.ggpht.com
3 KB
1 google.de
www.google.de
107 B
1 btloader.com
btloader.com
5 KB
1 videoplayerhub.com
mediatradecraft-com.videoplayerhub.com
713 B
1 googletagmanager.com
www.googletagmanager.com
39 KB
0 stickyadstv.com Failed
ads.stickyadstv.com Failed
0 brand-display.com Failed
dmp.brand-display.com Failed
0 creativecdn.com Failed
creativecdn.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 socdm.com Failed
tg.socdm.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
0 media.net Failed
contextual.media.net Failed
0 bounceexchange.com Failed
tag.bounceexchange.com Failed
0 cloudfront.net Failed
d2na2p72vtqyok.cloudfront.net Failed
0 zergnet.com Failed
www.zergnet.com Failed
0 adsrvr.org Failed
match.adsrvr.org Failed
0 liadm.com Failed
idx.liadm.com Failed
659 122
Domain Requested by
35 cm.g.doubleclick.net 23 redirects ap.lijit.com
rtb.gumgum.com
aax-eu.amazon-adsystem.com
www.justjared.com
009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
eb2.3lift.com
33 ib.adnxs.com 16 redirects ads.rubiconproject.com
player.aniview.com
eb2.3lift.com
cdn.undertone.com
acdn.adnxs.com
24 tpc.googlesyndication.com securepubads.g.doubleclick.net
009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
www.justjared.com
cdn.ampproject.org
ad.doubleclick.net
tpc.googlesyndication.com
24 eb2.3lift.com 9 redirects ads.rubiconproject.com
eb2.3lift.com
22 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
um2.eqads.com
20 a.tribalfusion.com 6 redirects tags.expo9.exponential.com
www.justjared.com
a.tribalfusion.com
static.cloudflareinsights.com
16 simage2.pubmatic.com 1 redirects image6.pubmatic.com
ads.pubmatic.com
15 x.bidswitch.net 15 redirects
14 s0.2mdn.net ad.doubleclick.net
s0.2mdn.net
imasdk.googleapis.com
13 ups.analytics.yahoo.com 11 redirects www.justjared.com
13 pr-bh.ybp.yahoo.com 5 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
image6.pubmatic.com
12 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
12 ads.pubmatic.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
ads.rubiconproject.com
player.aniview.com
12 rtb.gumgum.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
12 sync.mathtag.com 12 redirects
11 match.prod.bidr.io 11 redirects
11 platform.twitter.com www.justjared.com
platform.twitter.com
10 usr.undertone.com cdn.undertone.com
10 pagead2.googlesyndication.com www.justjared.com
www.googletagservices.com
009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
ad.doubleclick.net
tpc.googlesyndication.com
srcdoc
10 track1.aniview.com www.justjared.com
player.aniview.com
10 sync-tm.everesttech.net 9 redirects ssum-sec.casalemedia.com
10 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
ads.rubiconproject.com
player.aniview.com
cdn.undertone.com
10 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ap.lijit.com
rtb.gumgum.com
ssum-sec.casalemedia.com
ads.pubmatic.com
10 securepubads.g.doubleclick.net www.justjared.com
securepubads.g.doubleclick.net
9 pixel.rubiconproject.com 5 redirects aax-eu.amazon-adsystem.com
a.tribalfusion.com
9 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
eb2.3lift.com
9 c1.adform.net 6 redirects image6.pubmatic.com
9 ssum-sec.casalemedia.com 2 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
9 www.youtube.com www.justjared.com
www.youtube.com
9 js-sec.indexww.com www.justjared.com
ads.rubiconproject.com
ssum-sec.casalemedia.com
player.aniview.com
8 pixel.advertising.com 8 redirects
8 us-u.openx.net 8 redirects
8 ap.lijit.com 2 redirects www.justjared.com
ads.rubiconproject.com
aax-eu.amazon-adsystem.com
8 www.justjared.com www.justjared.com
7 token.rubiconproject.com 4 redirects aax-eu.amazon-adsystem.com
cdn.undertone.com
eus.rubiconproject.com
7 image4.pubmatic.com ads.pubmatic.com
7 www.googletagservices.com securepubads.g.doubleclick.net
009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
a.tribalfusion.com
www.googletagservices.com
s0.2mdn.net
6 px.owneriq.net 4 redirects ssum-sec.casalemedia.com
6 s.tribalfusion.com 3 redirects a.tribalfusion.com
6 image6.pubmatic.com 1 redirects ads.pubmatic.com
6 events.avantisvideo.com cdn.avantisvideo.com
6 id5-sync.com 4 redirects www.justjared.com
ads.rubiconproject.com
6 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
6 www.google.com 3 redirects www.justjared.com
www.youtube.com
009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
6 c.amazon-adsystem.com www.justjared.com
c.amazon-adsystem.com
5 um.simpli.fi 3 redirects ads.pubmatic.com
image6.pubmatic.com
5 prebid-a.rubiconproject.com ads.rubiconproject.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 secure.adnxs.com 5 redirects
5 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
5 googleads.g.doubleclick.net 1 redirects www.youtube.com
009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
www.justjared.com
5 cdn02.cdn.justjared.com www.justjared.com
5 cdn04.cdn.justjared.com www.justjared.com
5 cdn03.cdn.justjared.com www.justjared.com
5 cdn01.cdn.justjared.com www.justjared.com
4 imasdk.googleapis.com player.aniview.com
imasdk.googleapis.com
4 acdn.adnxs.com ads.rubiconproject.com
player.aniview.com
4 biddr.brealtime.com ads.rubiconproject.com
player.aniview.com
4 prebid-server.rubiconproject.com player.aniview.com
4 ads.adaptv.advertising.com player.aniview.com
4 hb.undertone.com player.aniview.com
4 visitor.fiftyt.com 4 redirects
4 uipglob.semasio.net 2 redirects ads.pubmatic.com
4 d5p.de17a.com 4 redirects
4 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
4 1x1.a-mo.net www.justjared.com
4 b1sync.zemanta.com 4 redirects
4 cs.emxdgt.com 2 redirects aax-eu.amazon-adsystem.com
rtb.gumgum.com
4 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
4 tlx.3lift.com ads.rubiconproject.com
4 pixel.quantserve.com 3 redirects www.justjared.com
4 sync.crwdcntrl.net 4 redirects
4 sb.scorecardresearch.com 2 redirects www.justjared.com
4 rules.quantcount.com 2 redirects www.justjared.com
4 www.instagram.com 2 redirects www.justjared.com
www.instagram.com
3 pixel.onaudience.com 2 redirects ads.pubmatic.com
3 cdn.doubleverify.com s0.2mdn.net
www.justjared.com
cdn.doubleverify.com
3 gu.dyntrk.com ssum-sec.casalemedia.com
3 c.bing.com eb2.3lift.com
3 player.aniview.com player.avplayer.com
player.aniview.com
3 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 static.avantisvideo.com cdn.avantisvideo.com
www.justjared.com
3 g2.gumgum.com js.gumgum.com
3 p.skimresources.com www.justjared.com
3 tradecraft.s.llnwi.net www.justjared.com
tradecraft.s.llnwi.net
3 cdn.privacy-mgmt.com www.justjared.com
cdn.privacy-mgmt.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 inv-nets.admixer.net 2 redirects
2 pool.admedo.com 2 redirects
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 cs.admanmedia.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 cdn.undertone.com player.aniview.com
2 tps20248.doubleverify.com cdn.doubleverify.com
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 dsum.casalemedia.com 1 redirects ssum-sec.casalemedia.com
2 r.scoota.co 2 redirects
2 beacon.krxd.net a.tribalfusion.com
ad.doubleclick.net
2 web.hb.ad.cpe.dotomi.com player.aniview.com
2 tag.1rx.io player.aniview.com
2 tracking.m6r.eu 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 pixel-sync.sitescout.com 2 redirects
2 ad.turn.com 2 redirects
2 aud.pubmatic.com ads.pubmatic.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 dis.criteo.com image6.pubmatic.com
2 adservice.google.ch securepubads.g.doubleclick.net
2 bh.contextweb.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 sync.1rx.io 2 redirects
2 ce.lijit.com ap.lijit.com
2 ice.360yield.com 2 redirects player.aniview.com
2 ads.bidstreamserver.com widget.sellwild.com
2 fonts.googleapis.com widget.sellwild.com
s0.2mdn.net
2 cdn.avantisvideo.com tradecraft.s.llnwi.net
cdn.avantisvideo.com
2 hbopenbid.pubmatic.com ads.rubiconproject.com
player.aniview.com
2 fastlane.rubiconproject.com ads.rubiconproject.com
2 widget.sellwild.com 1 redirects www.justjared.com
2 onetag-geo-grouping.s-onetag.com signal-beacon.s-onetag.com
2 loadeu.exelator.com 1 redirects www.justjared.com
2 syndication.twitter.com 1 redirects platform.twitter.com
2 x.skimresources.com 2 redirects
2 ccpa-service.sp-prod.net ccpa.sp-prod.net
2 t.skimresources.com www.justjared.com
s.skimresources.com
2 r.skimresources.com 1 redirects www.justjared.com
2 get.s-onetag.com 1 redirects www.justjared.com
2 connect.facebook.net www.justjared.com
connect.facebook.net
2 message.sp-prod.net ccpa.sp-prod.net
2 edge.quantserve.com www.justjared.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.gstatic.com www.justjared.com
www.youtube.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 d.adroll.com 1 redirects
1 ade.googlesyndication.com www.justjared.com
1 spl.zeotap.com ads.pubmatic.com
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 tps.doubleverify.com cdn.doubleverify.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 match.deepintent.com ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 public-prod-dspcookiematching.dmxleo.com a.tribalfusion.com
1 static.cloudflareinsights.com a.tribalfusion.com
1 tags.bluekai.com 1 redirects
1 hb.yellowblue.io player.aniview.com
1 ad.doubleclick.net www.googletagservices.com
1 dsp.adkernel.com 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
1 sync.bumlam.com 1 redirects
1 sync3.sniperlog.ru 1 redirects
1 dclk-match.dotomi.com 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
1 dfp-gateway.s-onetag.com get.s-onetag.com
1 tags.expo9.exponential.com securepubads.g.doubleclick.net
1 ads.yahoo.com aax-eu.amazon-adsystem.com
1 id.rlcdn.com aax-eu.amazon-adsystem.com
1 pixel-eu.rubiconproject.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 go1.aniview.com player.aniview.com
1 player.avplayer.com cdn.avantisvideo.com
1 play.aniview.com cdn.avantisvideo.com
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 ie-lb.gumgum.com www.justjared.com
1 cdn1.avantisvideo.com cdn.avantisvideo.com
1 geo.rlcdn.com ats.rlcdn.com
1 htlb.casalemedia.com ads.rubiconproject.com
player.aniview.com
1 hb.emxdgt.com ads.rubiconproject.com
player.aniview.com
1 ats.rlcdn.com tradecraft.s.llnwi.net
1 cdn.jsdelivr.net ads.rubiconproject.com
1 settings-v2.service.exitbee.com cdn.exitbee.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 static.doubleclick.net www.youtube.com
1 www.google.de www.justjared.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ads.rubiconproject.com tradecraft.s.llnwi.net
1 cdn.exitbee.com tradecraft.s.llnwi.net
1 ajax.googleapis.com www.google.com
1 js.gumgum.com www.justjared.com
1 b.scorecardresearch.com www.justjared.com
1 s.skimresources.com www.justjared.com
1 cdn03.cdn.justjaredjr.com www.justjared.com
1 cdn02.cdn.justjaredjr.com www.justjared.com
1 cdn01.cdn.justjaredjr.com www.justjared.com
1 btloader.com www.justjared.com
1 mediatradecraft-com.videoplayerhub.com 1 redirects
1 ccpa.sp-prod.net www.justjared.com
1 www.googletagmanager.com www.justjared.com
0 ads.stickyadstv.com Failed a.tribalfusion.com
0 dmp.brand-display.com Failed ssum-sec.casalemedia.com
0 creativecdn.com Failed rtb.gumgum.com
0 p.rfihub.com Failed rtb.gumgum.com
ssum-sec.casalemedia.com
0 tg.socdm.com Failed rtb.gumgum.com
0 sync.technoratimedia.com Failed rtb.gumgum.com
0 sync.ipredictive.com Failed rtb.gumgum.com
0 sync.outbrain.com Failed rtb.gumgum.com
0 ums.acuityplatform.com Failed ap.lijit.com
0 contextual.media.net Failed ap.lijit.com
0 cache.sellwild.com Failed widget.sellwild.com
0 tag.bounceexchange.com Failed tradecraft.s.llnwi.net
0 d2na2p72vtqyok.cloudfront.net Failed tradecraft.s.llnwi.net
0 www.zergnet.com Failed tradecraft.s.llnwi.net
0 c2shb.ssp.yahoo.com Failed ads.rubiconproject.com
0 prebid.a-mo.net Failed ads.rubiconproject.com
0 api.rlcdn.com Failed js-sec.indexww.com
0 match.adsrvr.org Failed js-sec.indexww.com
rtb.gumgum.com
ssum-sec.casalemedia.com
ads.pubmatic.com
aax-eu.amazon-adsystem.com
009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
ads.rubiconproject.com
eb2.3lift.com
www.justjared.com
cdn.undertone.com
image6.pubmatic.com
0 idx.liadm.com Failed js-sec.indexww.com
659 213
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.privacy-mgmt.com
R3		 2021-02-03 -
2021-05-04		 3 months crt.sh
*.sp-prod.net
R3		 2021-01-10 -
2021-04-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-06 -
2021-10-06		 a year crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-01-13 -
2021-04-12		 3 months crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2020-09-10 -
2021-10-12		 a year crt.sh
*.gumgum.com
Amazon		 2020-11-14 -
2021-12-13		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
cdn.exitbee.com
GTS CA 1D2		 2021-02-18 -
2021-05-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1		 2020-07-17 -
2021-06-02		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
edgestatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
settings-v2.service.exitbee.com
GTS CA 1D2		 2021-01-26 -
2021-04-26		 3 months crt.sh
*.sellwild.com
Amazon		 2020-05-21 -
2021-06-21		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-26 -
2021-04-17		 6 months crt.sh
ats.rlcdn.com
GTS CA 1D2		 2021-01-12 -
2021-04-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.avantisvideo.com
Amazon		 2020-12-24 -
2022-01-22		 a year crt.sh
geo.rlcdn.com
GTS CA 1D2		 2021-02-23 -
2021-05-24		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2020-06-15 -
2021-06-15		 a year crt.sh
admin.bidstreamserver.com
R3		 2021-02-24 -
2021-05-25		 3 months crt.sh
*.id5-sync.com
R3		 2020-12-26 -
2021-03-26		 3 months crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2020-02-26 -
2021-05-27		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.a-mo.net
Amazon		 2020-08-24 -
2021-09-24		 a year crt.sh
*.google.ch
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
outstreamedia.com
R3		 2021-02-25 -
2021-05-26		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
h2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-02-11 -
2021-04-20		 2 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.semasio.net
Sectigo ECC Domain Validation Secure Server CA		 2020-03-09 -
2021-03-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-14 -
2021-04-23		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-02-09 -
2021-03-09		 a month crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
*.undertone.com
Amazon		 2020-11-03 -
2021-12-02		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-12-26 -
2021-06-22		 6 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2020-03-30 -
2022-06-25		 2 years crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
dspcookiematching.dmxleo.com
ZeroSSL RSA Domain Secure Site CA		 2021-02-16 -
2021-05-17		 3 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2020-01-02 -
2021-04-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-01-19 -
2021-07-19		 6 months crt.sh
gu.dyntrk.com
R3		 2021-02-09 -
2021-05-10		 3 months crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2022-01-17		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-24 -
2021-04-20		 6 months crt.sh
*.ramp-ut.io
Amazon		 2020-11-07 -
2021-12-06		 a year crt.sh
*.yellowblue.io
Amazon		 2020-06-21 -
2021-07-21		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.onaudience.com
Certyfikat SSL		 2020-05-28 -
2021-05-28		 a year crt.sh
um3.eqads.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh

This page contains 103 frames:

Primary Page: http://www.justjared.com/
Frame ID: ED87421500486B2273A4C9C77646364C
Requests: 233 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5WYzd9R-NgQ
Frame ID: 2673694AD90640DF88EE5943FF6E99CA
Requests: 17 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.36208504231568317
Frame ID: 9CE7B8403FFCD382C7D683AA84FCE569
Requests: 3 HTTP requests in this frame

Frame: https://www.instagram.com/accounts/login/
Frame ID: 3489D2D67EFFA16063013AC728E9027B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=http%3A%2F%2Fwww.justjared.com
Frame ID: 6B17D4A16B6BE9624DB87B0CE0CF1C31
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Frame ID: 7F4FAB7080566AFA889042938F869231
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Frame ID: 121C2A8CE26902F43EDAA65F40FCF4A5
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Frame ID: 20120078CF31DDBA247F2A91864B81E3
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Frame ID: E4725CACB7F797B6D65F259EA24AAB2C
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Frame ID: BEC35D4C8DC746EF349BC725ACC2C128
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Frame ID: 46E077DF929FDED05E29D5FEBC76EF30
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Frame ID: DFAF587AE7FC134BF6A1B6F9674230A9
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: DAB6B6C19001931CDC4EE710A6654FCE
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: E539D283085C4B042F86F543D260A6E4
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&dcc=t
Frame ID: 659119F40D068A8A27E2291081FB8B24
Requests: 1 HTTP requests in this frame

Frame: http://edge.quantserve.com/quant.js
Frame ID: 98B9DEE057E77138D59BF81B58F6FEF7
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Frame ID: A34937DE6EB84EEB3D7B9DE84939A5DB
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: 28D47644B8C84443D90E18FC97997E9D
Requests: 13 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Frame ID: 9F2D4D381EA22956ECE752262D2EDC29
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Frame ID: CBCF00F0C332193A37991B14DA813E7C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Frame ID: CEA0E4A72E7BBEC94D2BCB646086177D
Requests: 12 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
Frame ID: 40569F3ACA8A82F364A7F81179F3DBAC
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Frame ID: 1484737BA16A0AD9E911C57C2BC06EB0
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=14265147511909007455
Frame ID: A7A897455F2EFCDCA12C722858503D16
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=f2096039-123d-4400-8a3d-7b0960856429&gdpr=0&gdpr_consent=
Frame ID: DD24CE963538E25509733D0A77579521
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YDkSPAAAAKQw4VLS&gdpr=0&gdpr_consent=&_test=YDkSPAAAAKQw4VLS
Frame ID: C82788F0D8C92B9328601BB9B544C1A0
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NTRhYmRjNC03MDRiLTRmMmYtYTYwYi0zMzgyMWRkYjVjZjM=&gdpr=0&gdpr_consent=&google_tc=
Frame ID: 52BEF4F8982F12479BC82DD4FD470DCB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: BBA1C4466CE11DCF34C998A35AF1E02F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 3E2B0FC7D8CADA11BB060E6A67578FA8
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/umcheck?apnxid=5331014813196429635&redirect=https://rtb.gumgum.com/usersync?b=emx&i=$EMXUID
Frame ID: B5C8D408DA40238B2A789DD57F2E5C72
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 39B6EEBF407AD22FB96C34BB39DCAFEA
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=42796&in=1
Frame ID: 83B2EFA2F06FC67E87B77B023AB968CF
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: FEA4694702307F0A75D5EBEE99F886EA
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f90393909f55424c642cfdf
Frame ID: C716C4DEFE6C3212E5354E08BB3AC655
Requests: 3 HTTP requests in this frame

Frame: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: C7FA0C830550456C2A7B05DFE5853A81
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 9FD599ADEAD3511F916C8FF425E9F6A9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3BC5AEE72CF2CB51EB0ADA65C770169C
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CB637F3BD338164F39108669068139AA
Requests: 23 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2DDFB06108C701B749D7B641AC76C9D7
Requests: 12 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 3888465F072FC6FBB2FFC2CEA9AB2C83
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1840408437750438419
Frame ID: 86F7297DE84241688E778441DFF0BBDE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAIH207AciUAABIgh09E5Q
Frame ID: 60529657C1A45325333E6013900200E9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6933593150238226581
Frame ID: 663A53F3D446487DDF3695EC500F6FAD
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=3A4F97C7-27EC-4363-A749-0B5C34DC9598&ex=pubmatic.com
Frame ID: 8BCFCC174A4F75BC84F6E95715DC2D7E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuE3bSIDjj-TcYl7UFK5bB_yZZeiGHpd2hfy1WOlWFODnM-cr_cTsoUGk_8p18m22R75LMEiR6jXPt6nVUM3iOepXziZHm41oOfjnrH8LiFEGAs0Q5YzEb7F5DX5_tEhav9JXpjPzIP-6-BuQDP3Dcr61Tk8WXSO6cwYe-2xo-LhLsUMQXRC6cWegvxbS1NF1QXrdFU6BoD27almCKZSeumL6xRPo16yBCxalowVIXKjXWqPgTscPRtriiC7NUohhHsDsZumzMvZkAhA22Qttyl95p8036eN8bVLglrCrTEqZ6hp6HjYCJDhYbcBO2_MiOfql-pEr5Jts-7AlGiO8BifxzOrTRYzi183QLrHd5Tr5nVnNjMmnIcAdavKTs-d9-omETseltJrsZ96uaojQ&sig=Cg0ArKJSzHYtw9KybakBEAE&urlfix=1&adurl=
Frame ID: 0339F107DDA4A09CD2CE1F41A52E376B
Requests: 8 HTTP requests in this frame

Frame: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: EDF64D1A073AA8ED86D36A1B89EAD5D3
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4D39D7781AE8A52A2C2D96C0F9B21CD1
Requests: 9 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aimT09Wd3VWrb15rIqUa7mTTM8SEYIRVfCPbIxRHvdUVMP4UusndiOYqTM4WvZaQVrF26BZbotIyTtYfXrnc1UBi0qZarRFYFUFZbSTdrWnFQsQFrq1Evt5Ejf2q3RmaMD1rZb6WtbXmPbDnGMwotfH3EUh2HiN56JEnUMZaXGnV1c3V0VvxpTb42rFQWUZbDVPfYREnQPVrNPHbw0HZbpWAMx4sBU0UZbDTBInR9QSrwvgmr&mediaDataID=6546596&mediaName=frame.html
Frame ID: 4BEC834165AF91CA847E27FF406329D8
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=ajmT095U3WTFfEWPU3QaYXScvNPWBw0HBuVmUn2sY40UUZaT6qt5PUeQ6BE4dQy0HBJptTu5mQY5VbeTsQbUcbjRAMwUHUUUbrP5r6uVEjqWEJbSTMZcRGfZaPUEvRt7dUVMV2ruxmtuMXqqp2WbBQGjG5AUHoHeNTtJ9Xbn81UB90qqtPbUZbTrB4WtQUnrjsRU7NXqMO4abh5TUYnqbA1rUfWHMXmnZbKMrMBt8rRM3&mediaDataID=6719746&mediaName=frame.html
Frame ID: 2B8D01E90188488645892B8B752D064C
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=akmT09WUYXTtQ2mrJuRbBt1Evq5qbc5aYRmEZbKYrZb8WHbWmPnZamGvwpHUH5qQ83Hmt3PnZanbrEXc7XYs34XG7NnEBV3rUTVbfZcUP3TQqb2PsZbtStFy0dnoWAYp2GB40UUKVAqw4ABgP67K2dZbn0WYKmWAo5An15Vr8TcQ7Ucb8RAFuWdY3TUM53UarWqbqTT3lPavGRc7ZbQFZaoSdvaUVb52F6xmVPqTHqIs3Y2OF&mediaDataID=4056396&mediaName=frame.html
Frame ID: E10CB7F14C592AA39C4785383EA37526
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=almT09Wrb15bEoWTYxWqBcSTQZcRcbZcRFAvRWQkWVMT2FuqmtioYqmp3dYBSsfZd4AJZcmtPsTHBhXF7iYFBhXaioRrnFUrQ1VWYWobjxQbrpXTFs3TBi4ErXmqBIYFU8WHbQomnBnVjuoHrJ3qZbl3teq4mbGnUUGXcnRYc30XG7nnEvT5UY2WbnHVAv2QEr2ScYMPHjs0HJtWPQu3VY30UZbDVmiw47f92S7nq3Np4U&mediaDataID=2713736&mediaName=frame.html
Frame ID: A4CE1FFF5904CBD51F7E489E8769CC55
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aAmT09TFfFUAv4PTvRPVYqSt7s1WftVP3p2cnWXUUIVmqr4AUbQ6bK3WnnXd3Dnt2x3mJS5cMgTGBlWsbgPP3MUtMUUUjX3FiuUaQvWaJ8PEBZdQVjJQFqsRd3iWcbT2FuooWiOXaan2dvZdQsrC4mQZbpWEyTt7fXFncYUBlXaiMRrJHWU3SWWJ0nU3mPFFp1EQy4ajd5TQ3naJDXUZb7WHMXoAfBntFnNqrosEtLJV&mediaDataID=6680176&mediaName=frame.html
Frame ID: 0BDC4E6889CF28401B12B0B6AE280F50
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aBmT09TtQ2orJpPUZbpXTJr3Tjf4qn1nEFIYbbhUHbSoAnZcnVvtpHnJ2Enl5HiM5mvZdpbjZcXVv0YGZbT0V7vpT7Q3FMTVb7GW6jTRTYQPVZbmPdUOYtfqVAQv2cMUXbZbIVmqp26UePmnI2WQO0dBZcndEu4P3Y5V3eTGQbWcbkPP3oUtFWWr7P2F2sVEMqWa38STUFRcfBQFIsStUdVsMW2F6xodqOXFZauPTvqqhTjFs&mediaDataID=5436426&mediaName=frame.html
Frame ID: 686DF2BBDF2752483A5892ED0C921F94
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aCmT095bEpUqroWqBaQTUZaQVbZbRbAnStYiWGU34FumodimXamN3dMZdPGJC2AUEoWXrVHY7XrvkYrQ70qirPbQCUFv1VWY5mUYxRFJNXqFn4EUk2anPnTfGYUffUtMSoAnIpsvwoWbL3EQ73Hmm5A7ZamFvEXcYXYG340G7MpT743FFVTFjZcV67YPEY3Qs3mStBr0HBxWPUy3Gr4YrULVmiw2PZbePQYBPaQEsZaUKD2&mediaDataID=6347136&mediaName=frame.html
Frame ID: 8A09473A05FFA6386EFC8090A8B84198
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aDmT09UAv5REM1QGvsPtjyYtZbwWPju2cvUXFMBTmqn2PUdPmbH3WUO1WMZcpWAn5PBP3cb6TsYjWGr6RA3wWd3RUbFX3FZamWqnvTErlPaBIRGQIRrEoSHn7VcY54r6modis0Emp2tfZbQGfZa4AJJodAsUdZbhXFYiYrBh0ainPbQZbUFBYTtUWnUQsRbfoXqnn3TBa5TYQnaZbHXF78TdbPoAfBpG7wosZbCQtQ0tFLZdZd3&mediaDataID=6807466&mediaName=frame.html
Frame ID: 8F5BEF4EDF2F84A4CFAC98233722F921
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aEmT09orJmRUjt1TUm5E7j2ajXnqBCXFjfUWZb0mAnKpGvroWnE2EU72tZam3mbFnbbZb0V7PYsUV0cnpnE7V5U3SVUJGW6n2PEMQSsnMPHUu0dvoT6Yx2GM0XrnDTAin2PU7RPbK2HBM0W3AnW2y56YS4GngTGvlWGbgRP3NWd33UbM05bAuVTjwVaYjPErIQVFCQFAwStQ9VcQT5bupodqO0qep2VBE3rfttlJZcEC&mediaDataID=8039566&mediaName=frame.html
Frame ID: D003DA15DD24A925A666BBABD6B0EAF4
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
Frame ID: 2BDF129FE9269D35DFE1B8B404A9DA14
Requests: 11 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 7015C70AB679E2B4D59FFF2F0CE638DC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D266C621EDE29A31CE795AFD28B4EB9A
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1D9F3501E963A7706913489B34D83649
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 00C7FDF8BBED1F4BA5B0D143F610543B
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FB10CBEAFFE60F29E21613ADB0B0B76C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7912FE709C80ECBF155F1021DDAA00F7
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 8A1398BDCC3E8036741B188B9B48A661
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 5EE2FA6A7AF6A37571359AAD2BE5345A
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7C05A47DBC81159AB61C2721EB9E5128
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: D6BE5F31400CB7F56DE1A07A9B621CD6
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AD8108C63BCB7EF13A151E730FAF6DFA
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4FDE3A5D4B87E65AB1C4ED12FA9E5ED9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7C67CD361E1BCB2D10D3A5E5BB0BDFAF
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 0311AA972581C9FDE31882932142B88B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 91E0E46A70B8F22C5A4E308C73443F7B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D440B5883104417AE021397EEF62203D
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7940111A07458E6604F2534B2D4E2D8A
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 875F3718BF5828D7D5E3A2474CE251D0
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5F448573185B5A0233B905154CDDD06C
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ACB40D2C67DC24E18153CB277CED32BB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
Frame ID: 3BEB898694F081412FF823C54B9A59AA
Requests: 16 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements991.js
Frame ID: 4FDFC62E2CB8EA682CB2DD1E8905EC68
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/t2tv7.html
Frame ID: 1DEB9270179DCC2C35AD8C5AB987632A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 41D01734DF6AAF5F8D96B03754BF7508
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8433416658489623879
Frame ID: 1F3BAB8EAB14F77CFC0E7B40E2B4B564
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=pbm&i=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
Frame ID: A2184D1FA087B657190EF9174DE1D375
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 705CB14D0B0A1C71D11047E3FB6FE020
Requests: 3 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Frame ID: D784593F426CFA9A06E265BB08E2982D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 18697BE6E1A8AC6D0650AF59125EB06D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Frame ID: 25611F094A31D30669A18B9DB227A1BF
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 17F88061F9A0800DCD1D721728627AC2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BD23757784836751A96507EFD1851FA3
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 670B792DAEBAB48D1A7F9BBE2F9D2F86
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 581C217CDB229DD56119F116F4AACD72
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Frame ID: ACEBAB1E8273C31E310CA841268E8938
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A31057531EF4DA6969F1A7B0B86987A4
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 6ED79076553880AAB60FAC9F4D006AED
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: FDAADECE1786F3B5A1870EDEDF240861
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
Frame ID: DF9BE192690CC65D47BECEA857AA53F8
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
Frame ID: 25A3DB57C7CAB4CE9E5009BEB90E27BC
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
Frame ID: E6AC3ADBF522215719DE98FDC49CF724
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 0E0DA4E6ECF114618C82F70748AB2973
Requests: 3 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Frame ID: B7F29A2CFACEBDE8F21D3A3357E205F1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3A2808C41CDF1EA7730F656FF7B8E33B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 3BB81C9C2CA16D7A1B42E7F983BADB34
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: FCD7055458D77AA862B2974CA5296522
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

659
Requests

79 %
HTTPS

33 %
IPv6

122
Domains

213
Subdomains

139
IPs

10
Countries

5375 kB
Transfer

13385 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://www.google.com/jsapi HTTP 301
  • https://www.gstatic.com/charts/loader.js
Request Chain 13
  • http://mediatradecraft-com.videoplayerhub.com/galleryloader.js HTTP 301
  • https://btloader.com/tag?h=mediatradecraft-com&upapi=true
Request Chain 20
  • http://www.instagram.com/embed.js HTTP 307
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Request Chain 50
  • http://connect.facebook.net/en_US/sdk.js HTTP 307
  • https://connect.facebook.net/en_US/sdk.js
Request Chain 56
  • http://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js HTTP 301
  • https://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
Request Chain 58
  • https://r.skimresources.com/api/ HTTP 307
  • https://r.skimresources.com/api/?xguid=01EZFEY9YAYY7Z073WSP4M5BVT&persistence=1&checksum=c30180d9c8e7879bac1dacd94c45700c367dc56118ce6bb1dd9993026924144f
Request Chain 74
  • http://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js HTTP 301
  • https://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js
Request Chain 76
  • https://sb.scorecardresearch.com/b?c1=7&c2=31732370&c3=874156489745619&ns__t=1614352951347&ns_c=UTF-8&cv=3.5&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2Fwww.justjared.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=31732370&c3=874156489745619&ns__t=1614352951347&ns_c=UTF-8&cv=3.5&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2Fwww.justjared.com%2F&c9=&cs_ak_ss=1
Request Chain 78
  • https://www.instagram.com/p/CLuicxUpjaW/embed/captioned/?cr=1&v=13&wp=326&rd=http%3A%2F%2Fwww.justjared.com&rp=%2F HTTP 302
  • https://www.instagram.com/accounts/login/
Request Chain 82
  • https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
  • https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=f3ba0fa49e2cc6556f9c5cffd3f36816 HTTP 302
  • https://p.skimresources.com/?provider_id=f3ba0fa49e2cc6556f9c5cffd3f36816&skim_mapping=true
Request Chain 85
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 99
  • https://x.skimresources.com/?provider=exelate&gdpr=0&gdpr_consent= HTTP 302
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=0 HTTP 302
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=0&xl8blockcheck=1
Request Chain 110
  • http://pixel.quantserve.com/pixel;r=861938909;rf=0;uht=2;a=p-2bXhGE9g7fCno;url=http%3A%2F%2Fwww.justjared.com%2F;fpan=1;fpa=P0-1255551211-1614352951697;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=justjared.com;je=0;sr=1600x1200x24;dst=1;et=1614352951697;tzo=-60;ogl=site_name.Just%20Jared%2Ctitle.Just%20Jared%3A%20Celebrity%20Gossip%20and%20Entertainment%20News%2Curl.http%3A%2F%2Fwww%252Ejustjared%252Ecom%2Ctype.website%2Cimage.http%3A%2F%2Fcdn01%252Ecdn%252Ejustjared%252Ecom%2Fwp-content%2Fuploads%2Fsidebar%2Fjustjared-home1%252Ejpg HTTP 301
  • https://pixel.quantserve.com/pixel;r=861938909;rf=0;uht=2;a=p-2bXhGE9g7fCno;url=http%3A%2F%2Fwww.justjared.com%2F;fpan=1;fpa=P0-1255551211-1614352951697;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=justjared.com;je=0;sr=1600x1200x24;dst=1;et=1614352951697;tzo=-60;ogl=site_name.Just%20Jared%2Ctitle.Just%20Jared%3A%20Celebrity%20Gossip%20and%20Entertainment%20News%2Curl.http%3A%2F%2Fwww%252Ejustjared%252Ecom%2Ctype.website%2Cimage.http%3A%2F%2Fcdn01%252Ecdn%252Ejustjared%252Ecom%2Fwp-content%2Fuploads%2Fsidebar%2Fjustjared-home1%252Ejpg
Request Chain 119
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html
Request Chain 123
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 126
  • http://widget.sellwild.com/justjared/justjared-justjared-desktop.js HTTP 301
  • https://widget.sellwild.com/justjared/justjared-justjared-desktop.js
Request Chain 158
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&dcc=t
Request Chain 161
  • https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=1&c4=jstjared&c7=http%3A%2F%2Fwww.justjared.com%2F&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c9=&cv=2.0&cj=1&ns__t=1614352953276 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=1&c4=jstjared&c7=http%3A%2F%2Fwww.justjared.com%2F&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c9=&cv=2.0&cj=1&ns__t=1614352953276&cs_ak_ss=1
Request Chain 169
  • http://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js HTTP 301
  • https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
Request Chain 170
  • https://id5-sync.com/s/441/9.gif?puid=e_754abdc4-704b-4f2f-a60b-33821ddb5cf3&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_754abdc4-704b-4f2f-a60b-33821ddb5cf3&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F441%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/2/8/2.gif?puid=3606964892088964558&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOHwzURtxwi7hplW35yEUzQAZmG-Iwro54g-T78g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/3/7/3.gif?puid=992f6039-123d-4000-bf14-db31a1b75ddd&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOHwzURtxwi7hplW35yEUzQAZmG-Iwro54g-T78g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F6%2F4.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOHwzURtxwi7hplW35yEUzQAZmG-Iwro54g-T78g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F6%2F4.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/6/4.gif?puid=f159aa8d-b47a-43a5-b709-71534cdba0c9&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 172
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=cb452245f6cedcf85d38
Request Chain 173
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Faax-eu.amazon-adsystem.com%252Fs%252Fecm3%253Fex%253Dbrealtime.com%2526id%253D%2524EMXUID HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=869083837681879840&redirect=https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&id=$EMXUID
Request Chain 175
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Request Chain 180
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=14265147511909007455
Request Chain 184
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=4TJhmOYwYZj6YGfEtTR_xLUyN5b6ZmGY4zA_Kpi7
Request Chain 185
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Request Chain 186
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MzQwZDgyOWIwMDE5ZDNjZTI2MmEzOGY2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MzQwZDgyOWIwMDE5ZDNjZTI2MmEzOGY2&google_tc=
Request Chain 191
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=3606964892088964558
Request Chain 192
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_754abdc4-704b-4f2f-a60b-33821ddb5cf3&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_754abdc4-704b-4f2f-a60b-33821ddb5cf3&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8333865058310645402&ssp=gumgum2 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=8333865058310645402&ssp=gumgum2 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=7742c3cb-a9c3-4887-a17d-91ee067d1a9c
Request Chain 194
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=c98ea2a9-b594-44a2-93c3-d3b9bf10ab08
Request Chain 195
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-e30af07d-b4f9-44d7-6c2b-5a6dc873fa67$ip$185.156.175.107
Request Chain 196
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-HtmKXiN1lxBhxdOUC5I93Z7TekvsBWznvJgu
Request Chain 199
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_754abdc4-704b-4f2f-a60b-33821ddb5cf3&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Request Chain 200
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Request Chain 201
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=tT1EHTCHkWzQ&ev=1&pid=558355
Request Chain 203
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=f2096039-123d-4400-8a3d-7b0960856429&gdpr=0&gdpr_consent=
Request Chain 204
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YDkSPAAAAKQw4VLS HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YDkSPAAAAKQw4VLS&gdpr=0&gdpr_consent=&_test=YDkSPAAAAKQw4VLS
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NTRhYmRjNC03MDRiLTRmMmYtYTYwYi0zMzgyMWRkYjVjZjM=&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NTRhYmRjNC03MDRiLTRmMmYtYTYwYi0zMzgyMWRkYjVjZjM=&gdpr=0&gdpr_consent=&google_tc=
Request Chain 208
  • https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Frtb.gumgum.com%252Fusersync%253Fb%253Demx%2526i%253D%2524EMXUID HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=5331014813196429635&redirect=https://rtb.gumgum.com/usersync?b=emx&i=$EMXUID
Request Chain 255
  • http://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 262
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 266
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YDkSOg07e116RGehPSyt9QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvSD66-v-o694_T6Zwr148&google_cver=1
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YDkSOg07e116RGehPSyt9QAABLAAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEBcLXqi9ntlEJoFzTbli5KA&google_cver=1
Request Chain 269
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=47DC3FD289284E6A949B55EFFA729B2B
Request Chain 272
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YDkSPAAAAJVxalZV
Request Chain 276
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1840408437750438419
Request Chain 277
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHRUxFN0FjaVVBQUJFeVBWdWVPQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEyaE7AciUAABAcgOPlog&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=9099003716992326377 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEyaE7AciUAABAcgOPlog&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D9099003716992326377%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=9099003716992326377&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEyaE7AciUAABAcgOPlog&pid=558502&do=add HTTP 303
  • https://match.prod.bidr.io/cookie-sync?userid=9099003716992326377&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEyaE7AciUAABAcgOPlog&pid=558502&do=add&_bee_ppp=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAIH207AciUAABIgh09E5Q
Request Chain 278
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6933593150238226581
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ok-XxyfsQ2OnSQtcNNyVmA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 282
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3A4F97C7-27EC-4363-A749-0B5C34DC9598&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3A4F97C7-27EC-4363-A749-0B5C34DC9598&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 283
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3A4F97C7-27EC-4363-A749-0B5C34DC9598&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3A4F97C7-27EC-4363-A749-0B5C34DC9598&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3A4F97C7-27EC-4363-A749-0B5C34DC9598&addseg=31
Request Chain 284
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5403836308184895547
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC6826wgNMBEDcEffemO6kE&google_cver=1
Request Chain 287
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7c626039-123d-4b00-8397-53feeb4111dc&gdpr=0&gdpr_consent=
Request Chain 288
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3606964892088964558&gdpr=0&gdpr_consent=
Request Chain 289
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3A4F97C7-27EC-4363-A749-0B5C34DC9598&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z3hUlfN1l2L_mGWZvkcNEz0kHPZegfg-&gdpr=0&gdpr_consent=
Request Chain 291
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=ph2UgXTmS-VoqeYqZ0BXBrmcr2s&user_group=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e6e84e00-efb9-4880-a8fb-a7fbfc724e47&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 292
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=75vVoOiZ1aD0ydP8u53L_Lubg670z9Wg7Zlh17-0
Request Chain 293
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7531704135582063802&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 294
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YDkSPAAAAI5xa1ZV HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDkSPAAAAI5xa1ZV&gdpr=0&gdpr_consent=&_test=YDkSPAAAAI5xa1ZV
Request Chain 295
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=902a3c5a-6e46-48d7-bb20-ebc1b68f7f9c-6039123c-4348&gdpr=0&gdpr_consent=
Request Chain 297
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:61c4655d-e491-4f85-9c93-37603d91d908&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 298
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3606964892088964558
Request Chain 324
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KLMG2H7Q-1C-35F9&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 325
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDQwODYzZTZmMWFlOTdhYWEzODcxOWY5MTRlYWU5NTUzNDQwMDllZQ&gdpr=0
Request Chain 326
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/WJIVNEPNgbw1Ato8NDaKOsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=748211491029083211
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECUztMiIG6GK9ODhe0K17A8&google_cver=1
Request Chain 328
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDkSPAAAAKQw4VLS&gdpr=0
Request Chain 330
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLMG2H7Q-1C-35F9&sigv=1&esig=2~19354d99a3e487680a794c8b8ed67695c4b590f2&gdpr=0
Request Chain 332
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xNRzJIN1EtMUMtMzVGOQ==&gdpr=0
Request Chain 358
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEZuoiLUCoNnX-HBF6NookI&google_cver=1&google_push=AQvitULujRkKb4k5Gg3ZFQ1zVbkPjmQMguQLyyX94f-AQN1POaEIDJBlhyxGyYGIVIIORz7mGi7Ir6wj4ZdwGD7VP5XUOPzLzmwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULujRkKb4k5Gg3ZFQ1zVbkPjmQMguQLyyX94f-AQN1POaEIDJBlhyxGyYGIVIIORz7mGi7Ir6wj4ZdwGD7VP5XUOPzLzmwQ
Request Chain 360
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEM3pQi0z5ieAOyat1q3eCaU&google_cver=1&google_push=AQvitULszhLOWuvKXLZUCE_2PuDAsw-AzmAUMtHFV1U459vsYtPJhOVBH6LnO2ZJ3N_fsQKCd8Z9Hg6eUvR0GV778bb-mVjHU0Sp HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEM3pQi0z5ieAOyat1q3eCaU&google_cver=1&google_push=AQvitULszhLOWuvKXLZUCE_2PuDAsw-AzmAUMtHFV1U459vsYtPJhOVBH6LnO2ZJ3N_fsQKCd8Z9Hg6eUvR0GV778bb-mVjHU0Sp&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=m8-6gW6-mG3zdeBGb8jG0w&google_push=AQvitULszhLOWuvKXLZUCE_2PuDAsw-AzmAUMtHFV1U459vsYtPJhOVBH6LnO2ZJ3N_fsQKCd8Z9Hg6eUvR0GV778bb-mVjHU0Sp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=m8-6gW6-mG3zdeBGb8jG0w&google_push=AQvitULszhLOWuvKXLZUCE_2PuDAsw-AzmAUMtHFV1U459vsYtPJhOVBH6LnO2ZJ3N_fsQKCd8Z9Hg6eUvR0GV778bb-mVjHU0Sp&google_tc=
Request Chain 361
  • https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESENEez-0OYfIaMoZe68hw2pQ&google_cver=1&google_push=AQvitUJ9UNccHKhZZHeD8gTE4LjRKZgOff5gBCNw6aHcDwnkJDRLWRwNC0K-RC5qAHbXuWKm6QhF_B40L97gcmHdlyc5nW3f6jM HTTP 301
  • https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESENEez-0OYfIaMoZe68hw2pQ&google_cver=1&google_push=AQvitUJ9UNccHKhZZHeD8gTE4LjRKZgOff5gBCNw6aHcDwnkJDRLWRwNC0K-RC5qAHbXuWKm6QhF_B40L97gcmHdlyc5nW3f6jM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUJ9UNccHKhZZHeD8gTE4LjRKZgOff5gBCNw6aHcDwnkJDRLWRwNC0K-RC5qAHbXuWKm6QhF_B40L97gcmHdlyc5nW3f6jM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUJ9UNccHKhZZHeD8gTE4LjRKZgOff5gBCNw6aHcDwnkJDRLWRwNC0K-RC5qAHbXuWKm6QhF_B40L97gcmHdlyc5nW3f6jM&google_tc=
Request Chain 362
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJaz8fJWZvaTKwfsVA9x2us&google_cver=1&google_push=AQvitUI0a19qBE8QkAVWz4RxuytIEvQz6_bpHfqXqjRsSoKJxumDpEatjBq7J1AEbRIqgkDBg9zp-XTbebY8GFzmnyl5-Fze1mhS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xNRzJIN1EtMUMtMzVGOQ==&google_push=AQvitUI0a19qBE8QkAVWz4RxuytIEvQz6_bpHfqXqjRsSoKJxumDpEatjBq7J1AEbRIqgkDBg9zp-XTbebY8GFzmnyl5-Fze1mhS
Request Chain 406
  • https://tags.bluekai.com/site/4229?id=18072662211632556840&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
  • https://a.tribalfusion.com/i.match?p=b3&u=V5VC%2F99999en9MkQ HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b3&u=V5VC%2F99999en9MkQ
Request Chain 408
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662211632556840&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b10&u=18072662211632556840&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662211632488981&expires=180
Request Chain 410
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662211632556840%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662211632556840&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b11&u=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&u=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
Request Chain 411
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662211632556840 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEKjaMN_8g-7Xins2PTP_zS8&google_cver=1&google_ula=2786954,0
Request Chain 412
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=37887764-08fe-456a-83e3-7db3859e5272 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=37887764-08fe-456a-83e3-7db3859e5272
Request Chain 413
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662211632556840&_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662211632556840&_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662211632556840&_origin=1&redir=true&apid=UP77ee1f0a-7846-11eb-92c8-02014e65fe46 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b17&u=UP77ee1f0a-7846-11eb-92c8-02014e65fe46
Request Chain 414
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662211632556840&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b22&u=18072662211632556840&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662211632493764
Request Chain 415
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662211632556840&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b24&u=18072662211632556840&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662211632487873
Request Chain 438
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&cmp_cs=&us_privacy=
Request Chain 439
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyNjUxNDc1MTE5MDkwMDc0NTU%3D
Request Chain 441
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/14265147511909007455?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-eM81AxJ1lwOcyx4qA0iYDQ3xacCr_.stcbuBMDZZMw--&dongle=0883
Request Chain 442
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3606964892088964558&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 443
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=14265147511909007455 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14265147511909007455&dcc=t
Request Chain 444
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
Request Chain 448
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&cmp_cs=&us_privacy=
Request Chain 449
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyNjUxNDc1MTE5MDkwMDc0NTU%3D
Request Chain 451
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/14265147511909007455?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-eM81AxJ1lwOcyx4qA0iYDQ3xacCr_.stcbuBMDZZMw--&dongle=0883
Request Chain 452
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3606964892088964558&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 453
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=14265147511909007455 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14265147511909007455&dcc=t
Request Chain 454
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 458
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&cmp_cs=&us_privacy=
Request Chain 459
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyNjUxNDc1MTE5MDkwMDc0NTU%3D
Request Chain 461
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/14265147511909007455?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-eM81AxJ1lwOcyx4qA0iYDQ3xacCr_.stcbuBMDZZMw--&dongle=0883
Request Chain 462
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3606964892088964558&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 463
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=14265147511909007455 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14265147511909007455&dcc=t
Request Chain 464
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 468
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3606964892088964558
Request Chain 470
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YDkSOg07e116RGehPSyt9QAABLAAAAAB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YDkSOg07e116RGehPSyt9QAABLAAAAAB
Request Chain 471
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7531704135582063802
Request Chain 472
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YDkSPAAAAKQw4VLS
Request Chain 474
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=65598b5c-138f-4283-b7c4-1ff008446606
Request Chain 475
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6676393601747827861&uid=Q6676393601747827861&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 477
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3606964892088964558
Request Chain 479
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4a546039-123d-4b00-9872-efa436d08a5d
Request Chain 480
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJu007AciUAABBWdKs-jw&expiration=1615562561
Request Chain 481
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6B6AA7D271ED48AD83543D0BECD33E5F
Request Chain 482
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YDkSOg07e116RGehPSyt9QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvSD66-v-o694_T6Zwr148&google_cver=1
Request Chain 483
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=6ebfaf0a-4da1-4ecf-a748-7d421741bdb7&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7742c3cb-a9c3-4887-a17d-91ee067d1a9c HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7742c3cb-a9c3-4887-a17d-91ee067d1a9c&C=1
Request Chain 486
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3606964892088964558
Request Chain 488
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGELE7AciUAABEyPVueOA&expiration=1615562561
Request Chain 489
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4a546039-123d-4b00-9872-efa436d08a5d
Request Chain 490
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6B6AA7D271ED48AD83543D0BECD33E5F
Request Chain 492
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6676393602141516511&uid=Q6676393602141516511&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 531
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELGUfRaZ0vUquuyXGUuovu0&google_cver=1
Request Chain 533
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1019760091930897362
Request Chain 535
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8433416658489623879
Request Chain 537
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e2-g6Y8rTmulxoUHuuCPnQ%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e2-g6Y8rTmulxoUHuuCPnQ%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 539
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 540
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&addseg=31
Request Chain 541
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0I2RkEwRTktOEYyQi00RTZCLUE1QzYtODUwN0JBRTA4RjlE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0I2RkEwRTktOEYyQi00RTZCLUE1QzYtODUwN0JBRTA4RjlE&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 557
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YDkSRwAAAHffOizr HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YDkSRwAAAHffOizr&_origin=0&gdpr=0&gdpr_consent=&_test=YDkSRwAAAHffOizr HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YDkSRwAAAHffOizr&_origin=0&gdpr=0&gdpr_consent=&_test=YDkSRwAAAHffOizr&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
Request Chain 558
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA3YWNhM2NmMi03ODQ2LTExZWItODE2My0wNjg2ZGUxY2MwY2E%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_hm=VVA3YWNhM2NmMi03ODQ2LTExZWItODE2My0wNjg2ZGUxY2MwY2E%3D&google_tc= HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEKCfK30rbbKKxvq4sXGbou8&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKCfK30rbbKKxvq4sXGbou8&google_cver=1&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKCfK30rbbKKxvq4sXGbou8&google_cver=1&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca&verify=true
Request Chain 559
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 561
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21fa7e31-e578-4d22-be9e-67112d2b4a9f
Request Chain 562
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-vJQsQyp1l2YAZ5mmxbCnxnCCjDBvG.Qb~UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
Request Chain 564
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2TDP-W-I32M
Request Chain 565
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Request Chain 567
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21fa7e31-e578-4d22-be9e-67112d2b4a9f
Request Chain 568
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-vJQsQyp1l2YAZ5mmxbCnxnCCjDBvG.Qb~UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
Request Chain 570
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2TEJ-K-HE5I
Request Chain 571
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Request Chain 572
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 605
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:260b6039-1249-4500-902b-57dbb4b8fb78&gdpr=0&gdpr_consent=
Request Chain 606
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4782643470795332688&gdpr=0&gdpr_consent=
Request Chain 607
  • https://pixel.onaudience.com/?partner=214&mapped=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
Request Chain 608
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cc0f6039-1249-4900-b21a-d044e90b70dd
Request Chain 609
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mejy0j11l2JbLKEnop6BIFe.Fb5Ll4Y-&gdpr=0&gdpr_consent=
Request Chain 611
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=7742c3cb-a9c3-4887-a17d-91ee067d1a9c HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=7742c3cb-a9c3-4887-a17d-91ee067d1a9c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3115095e-6922-4aff-b47e-a2753ce8e53a&user_group=1&ssp=pubmatic&bsw_param=7742c3cb-a9c3-4887-a17d-91ee067d1a9c HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=23&expires=14&user_id=3115095e-6922-4aff-b47e-a2753ce8e53a&user_group=1&ssp=pubmatic&bsw_param=7742c3cb-a9c3-4887-a17d-91ee067d1a9c HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c0bde79a-da7f-42aa-ab03-44adfe84244e&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 612
  • https://pixel.onaudience.com/?partner=214&mapped=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f3ba0fa49e2cc6556f9c5cffd3f36816
Request Chain 614
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f63d6039-1249-4400-be44-db263e06d677
Request Chain 616
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:487e6039-1249-4400-8c80-b9aca147af58&gdpr=0&gdpr_consent=
Request Chain 617
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6800342852032022963&gdpr=0&gdpr_consent=
Request Chain 618
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mejy0j11l2JbLKEnop6BIFe.Fb5Ll4Y-&gdpr=0&gdpr_consent=
Request Chain 620
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param%3D7742c3cb-a9c3-4887-a17d-91ee067d1a9c%26gdpr%3D0%26consent%3D%26gdpr_pd%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=31ab78feb02742258074cdb4c827fc14&ssp=pubmatic&bsw_param=7742c3cb-a9c3-4887-a17d-91ee067d1a9c&gdpr=0&consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c0bde79a-da7f-42aa-ab03-44adfe84244e&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 621
  • https://pixel.onaudience.com/?partner=214&mapped=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=525f031c17dd5e0d
Request Chain 623
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f3326039-1249-4000-80ef-9bd106730425
Request Chain 625
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5b366039-124a-4b00-8706-cf371950639d&gdpr=0&gdpr_consent=
Request Chain 626
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5175968465026429813&gdpr=0&gdpr_consent=
Request Chain 627
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mejy0j11l2JbLKEnop6BIFe.Fb5Ll4Y-&gdpr=0&gdpr_consent=
Request Chain 629
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param%3D7742c3cb-a9c3-4887-a17d-91ee067d1a9c%26gdpr%3D0%26consent%3D%26gdpr_pd%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=e3a1dcfab8224b5e9296e26ea33393c8&ssp=pubmatic&bsw_param=7742c3cb-a9c3-4887-a17d-91ee067d1a9c&gdpr=0&consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c0bde79a-da7f-42aa-ab03-44adfe84244e&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 639
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr_consent=undefined&gdpr=0 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2VEI-2-4MM&gdpr=0&gdpr_consent=undefined
Request Chain 640
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr_consent=undefined&gdpr=0 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2VEI-2-4MM&gdpr=0&gdpr_consent=undefined
Request Chain 652
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 656
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YDkSVv_WuIoafbBFok2kcAAABF8AAAAB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YDkSVv_WuIoafbBFok2kcAAABF8AAAAB&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEAIosEaTcZKvDFpC4rgfJXk&google_cver=1
Request Chain 657
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDkSVv_WuIoafbBFok2kcAAABF8AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDkSVv_WuIoafbBFok2kcAAABF8AAAAB&dcc=t
Request Chain 658
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YDkSVv-WuIoafbBFok2kcAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOrdtHqhDx8LjfdGVBa4Mig&google_cver=1
Request Chain 661
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 662
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7e5f636d-81d4-407f-8d5e-14d6c19bb9c2&expiration=1645888982
Request Chain 664
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1

659 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.justjared.com/ 		83 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
a11778dc276659c0e7a85715199200d76296ec6690e187d1d52dabbc5ac48525

Request headers

Host
www.justjared.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:30 GMT
Connection
Keep-Alive
Cache-Control
no-cache
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Last-Modified
Fri, 26 Feb 2021 15:18:30 +0000
Server
nginx
Vary
Cookie
Expires
Fri, 26 Feb 2021 15:22:29 GMT
NC
HIT
Access-Control-Allow-Origin
*
X-HW
1614352950.dop009.fr8.t,1614352950.cds007.fr8.sc,1614352950.cds007.fr8.p
style.css
www.justjared.com/wp-content/themes/default/ 		36 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.justjared.com/wp-content/themes/default/style.css?v=01142021
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dcfd1cc451aa670a4498ca8dfc6aa06ae18807ff7ae962365bdc2fd8e0c8cea0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 02:51:15 GMT
Server
nginx
ETag
W/"60346da3-907f"
Transfer-Encoding
chunked
X-HW
1614352950.dop226.fr8.t,1614352950.cds233.fr8.sc,1614352950.cds233.fr8.p
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Expires
Fri, 05 Mar 2021 15:22:30 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-86316-1
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8511835fab4343679793f8cbd83a2e7e84e6e29862c924fab1ea60a5eb67cbf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39486
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 26 Feb 2021 15:22:30 GMT
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/ 		149 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.187.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a59069d842fc70e07dddaa0184c9f62ac950f5fb66b4dd0e9f516b20756d97c7

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 14:50:19 GMT
content-encoding
gzip
last-modified
Wed, 03 Feb 2021 21:27:26 GMT
server
AmazonS3
age
1931
etag
W/"a4f076c6663c59bdd617e07c8c108846"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 447f0defb04b912ed949f0fdd5a6492e.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
LwtRKf2RTy-uzNxL_OhbMPUF3mKwKt0d08Ots3lKUQhKzBHKduMFEw==
ccpa.js
ccpa.sp-prod.net/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccpa.sp-prod.net/ccpa.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7747964377b30d4dbf0abee6a976260c1a20914768b67ce0a2296af7a1740939

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 14:56:29 GMT
content-encoding
gzip
last-modified
Wed, 20 Jan 2021 03:43:24 GMT
server
AmazonS3
age
1562
etag
W/"da07bbe2c7b15544b864897aec0ac364"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
KyGQh5lshaBz7h3_gvsShEtdoNuVydm10twTqJfVK_i36J4YJmEsuQ==
jjlib.js
tradecraft.s.llnwi.net/v1/pub/01/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tradecraft.s.llnwi.net/v1/pub/01/jjlib.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
178.79.208.44 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-208-44.ams.llnw.net
Software
CloudStorage /
Resource Hash
cb4159ccb2bb649ec9b75a62d06814c6a4a0e62773d1b5d69e3aee6ced1d6ee5

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Wed, 06 Jan 2021 14:11:37 GMT
Server
CloudStorage
Age
90468
Content-Type
application/javascript
X-Agile-Checksum
cb4159ccb2bb649ec9b75a62d06814c6a4a0e62773d1b5d69e3aee6ced1d6ee5
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2559
X-LLID
aa2bc1a06987fe33d92e2450349443d6
191040-27970744739601.js
js-sec.indexww.com/ht/p/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js-sec.indexww.com/ht/p/191040-27970744739601.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
417f9902b9d1f7f3c5a3e2db63ec0ed0a80d2220127038dc41b9ab006a0cdf34

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Feb 2021 14:50:36 GMT
Server
Apache
ETag
"901735-97de-5bc3e640e6ad1"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1834
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
13122
Expires
Fri, 26 Feb 2021 15:53:05 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		115 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:18:40 GMT
Content-Encoding
gzip
Age
230
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Timing-Allow-Origin
*
Server
Server
ETag
d7c8ebbead57940cf77ae4183f7ff01a
x-amz-version-id
pkiOsnrw5ub40d2SPOSAjPBBoA7O4uIM
Via
1.1 9569de78dc2ca85c5ba29cb17f0eb7ce.cloudfront.net (CloudFront)
Cache-Control
public, max-age=900
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
OBu2HEskOsOr3YoASrijw9t9nB5-XLg1GmizUVIl0xqMPNaNgB_VIQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
8b43e98242d9a89a8f22344e8fe3bc4feb7dc3fa2251f064a4514652cb7f9b38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"795 / 637 of 1000 / last-modified: 1614341778"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19397
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:22:31 GMT
pagenavi-css.css
www.justjared.com/wp-content/plugins/pagenavi/ 		1 KB
870 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.justjared.com/wp-content/plugins/pagenavi/pagenavi-css.css
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
85f2debf26ab62202bca8710e8050b38ff8254bc3cca4a9de1318092b8854fd2

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 02:51:15 GMT
Server
nginx
ETag
W/"60346da3-55d"
Transfer-Encoding
chunked
X-HW
1614352950.dop225.fr8.t,1614352950.cds221.fr8.sc,1614352950.cds221.fr8.p
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Expires
Fri, 05 Mar 2021 15:22:30 GMT
loader.js
www.gstatic.com/charts/
Redirect Chain
  • http://www.google.com/jsapi
  • https://www.gstatic.com/charts/loader.js
64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d48c95e39e7dcd31ebeee1191f77770fa1cb0a4213bb84ac925406066218c841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19830
x-xss-protection
0
pragma
no-cache
last-modified
Thu, 23 Jul 2020 17:43:26 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 26 Feb 2021 15:16:18 GMT
X-Content-Type-Options
nosniff
Server
sffe
Age
372
Content-Type
text/html; charset=UTF-8
Location
https://www.gstatic.com/charts/loader.js
Cache-Control
public, max-age=1800
Content-Length
237
X-XSS-Protection
0
Expires
Fri, 26 Feb 2021 15:46:18 GMT
jquery.mobile.custom.swipe.min.js
www.justjared.com/wp-content/themes/default/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.justjared.com/wp-content/themes/default/js/jquery.mobile.custom.swipe.min.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
3dd3eddc67a3bcd0b6d9785767b3096b2fbeb7f12347dccd755e3cd6be0a712b

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 02:51:15 GMT
Server
nginx
ETag
"60346da3-22e2"
Transfer-Encoding
chunked
X-HW
1614352950.dop246.fr8.t,1614352950.cds247.fr8.sc,1614352950.cds247.fr8.p
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Fri, 05 Mar 2021 15:22:30 GMT
jj-mobile.js
www.justjared.com/wp-content/themes/default/js/ 		424 B
766 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.justjared.com/wp-content/themes/default/js/jj-mobile.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
d533d520a7bc97bbb3f7eb3fdbbe4a9a0e42495c5fd6cd3c0adaec0f07f4dc4c

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 02:51:15 GMT
Server
nginx
ETag
"60346da3-1a8"
Transfer-Encoding
chunked
X-HW
1614352950.dop239.fr8.t,1614352950.cds103.fr8.sc,1614352950.cds103.fr8.p
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Fri, 05 Mar 2021 15:22:30 GMT
jjh.js
tradecraft.s.llnwi.net/v1/pub/01/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tradecraft.s.llnwi.net/v1/pub/01/jjh.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
178.79.208.44 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-208-44.ams.llnw.net
Software
CloudStorage /
Resource Hash
dadf88e285287bca6316616c72fec035267982ac5da6e6c6980aa655236c5368

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:30 GMT
Last-Modified
Thu, 25 Feb 2021 14:12:52 GMT
Server
CloudStorage
Age
485
Content-Type
application/javascript
X-Agile-Checksum
dadf88e285287bca6316616c72fec035267982ac5da6e6c6980aa655236c5368
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36534
X-LLID
a719c2554efc3ebeac8c32589b801d77
tag
btloader.com/
Redirect Chain
  • http://mediatradecraft-com.videoplayerhub.com/galleryloader.js
  • https://btloader.com/tag?h=mediatradecraft-com&upapi=true
9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=mediatradecraft-com&upapi=true
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9731f788ddc8668529c69c750d2037c44291f0b9c4a692058e155eeee0af73bc

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:31 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2918
content-encoding
br
cf-request-id
0880883f4d00003140979fa000000001
server
cloudflare
etag
W/"944ebae52fece09e90e0526aa81d7901"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ke8EbT%2FRTsBtSTBL5zdSr4k96K4%2FLRoG32zLvfn%2BbLAnYlO47fEgGS1KGNlNmqHeXzf8Hcuuid6xOBgnWmM%2Bc5WH1LSJ4WLEW7aW8r%2BofXcos9S4IZoptE4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
cf-ray
627aa9787ce63140-FRA

Redirect headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gTAoZAQe8XHm7rOSurpAD2c%2Bia9SUTh2hLdNl3M0%2FFPpzTitxfUlCoTaGyjp1VpeO4ssl5WZMnuXDWVa2V%2FW54iloI3Fun3C%2FdWFG5hKlrreHsvgF9cazTlJOSiu3QApKIJEb20kvxPiT8ZQNWLCJe%2FuLw%3D%3D"}],"max_age":604800}
Location
https://btloader.com/tag?h=mediatradecraft-com&upapi=true
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
627aa9783d8d4eb6-FRA
cf-request-id
0880883f2100004eb623a9a000000001
Expires
Fri, 26 Feb 2021 16:22:31 GMT
jjlogo7.gif
cdn01.cdn.justjared.com/wp-content/themes/default/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/themes/default/images/jjlogo7.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
aee7edbcb570cae2ec689ea12a8195acddbdef7396e20f6389bba9f0608b39d3

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Tue, 23 Feb 2021 02:51:15 GMT
Server
nginx
ETag
"60346da3-b3f"
X-HW
1614352951.dop233.fr8.t,1614352951.cds201.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2879
acm-2021.jpg
cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/02/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/02/acm-2021.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
7b2a2df3fedebf0b3d7cb502596465fa2a38db2b234a959d6a852424bdfd1c81

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Fri, 26 Feb 2021 14:48:44 GMT
ETag
"1614350924"
X-HW
1614352951.dop233.fr8.t,1614352951.cds234.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=602980
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
90560
bella-thorne-uncomfortable.jpg
cdn04.cdn.justjared.com/wp-content/uploads/headlines/2021/02/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/headlines/2021/02/bella-thorne-uncomfortable.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
58924302f630e6b759804e9be5f1b46d89d49056ba9db1fab3ba1ca342d49fc0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Fri, 26 Feb 2021 14:25:07 GMT
ETag
"1614349507"
X-HW
1614352951.dop233.fr8.t,1614352951.cds147.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=601642
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
83191
prince-harry-things-we-learned.jpg
cdn02.cdn.justjared.com/wp-content/uploads/headlines/2021/02/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/headlines/2021/02/prince-harry-things-we-learned.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
132948a42f4151d616205d7bdd957d974918347993005343b893603499373925

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Fri, 26 Feb 2021 10:23:00 GMT
ETag
"1614334980"
X-HW
1614352951.dop165.fr8.t,1614352951.cds151.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=587395
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
12538
kristen-stewart-talks-playing-princess-diana.jpg
cdn01.cdn.justjared.com/wp-content/uploads/headlines/2020/11/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/headlines/2020/11/kristen-stewart-talks-playing-princess-diana.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
390e638319f4504aa655cbb011eaaaa9506bc970a3aea658de5258b9cc5f14b7

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Thu, 26 Nov 2020 02:57:32 GMT
ETag
"1606359452"
X-HW
1614352951.dop165.fr8.t,1614352951.cds230.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=558200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
67113
amelia-hamlin-blackfishing.jpg
cdn02.cdn.justjared.com/wp-content/uploads/headlines/2021/02/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/headlines/2021/02/amelia-hamlin-blackfishing.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
62ca072d5423ff3660772e70455a132fdfcac1ba60cca6a8a3ce1a211e4995d0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Fri, 26 Feb 2021 14:37:03 GMT
ETag
"1614350223"
X-HW
1614352951.dop237.fr8.t,1614352951.cds007.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604425
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
91623
58b07fec4121.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • http://www.instagram.com/embed.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 01:52:40 GMT
x-fb-trip-id
1679558926
etag
"58b07fec4121"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
4824

Redirect headers

location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
date
Fri, 26 Feb 2021 15:22:31 GMT
x-fb-trip-id
1679558926
cache-control
max-age=21600
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
content-type
text/html; charset=utf-8
jaguar-10-fun-facts.jpg
cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/02/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/02/jaguar-10-fun-facts.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
065df2a5815c55092199b5adfd11949b5382948399354d2e04db6a1585058ed8

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Thu, 25 Feb 2021 21:29:09 GMT
ETag
"1614288549"
X-HW
1614352951.dop232.fr8.t,1614352951.cds229.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=603692
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
46313
tiger-woods-newsies.jpg
cdn04.cdn.justjared.com/wp-content/uploads/headlines/2021/02/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/headlines/2021/02/tiger-woods-newsies.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
4f5e794fb3be73016ffd2e5048db5021b7e1a942fa38cb4749454459a3e24208

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Fri, 26 Feb 2021 15:00:17 GMT
ETag
"1614351617"
X-HW
1614352951.dop215.fr8.t,1614352951.cds167.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=603692
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
68893
holly-madison-single-module.jpg
cdn01.cdn.justjared.com/wp-content/uploads/headlines/2021/02/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/headlines/2021/02/holly-madison-single-module.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
47d653431da637e4c6cc5dec3cf13922395b522f2919b3c05c0844642621d462

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Fri, 26 Feb 2021 07:51:07 GMT
ETag
"1614325867"
X-HW
1614352951.dop232.fr8.t,1614352951.cds107.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=577813
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
37106
tmz.gif
cdn02.cdn.justjared.com/wp-content/themes/default/images/featured/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/themes/default/images/featured/tmz.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
336235bd83543a7c33fc68f80b234b0e21b109ea9a3a056f5064be394a35386b

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Tue, 23 Feb 2021 02:51:15 GMT
Server
nginx
ETag
"60346da3-a0b"
X-HW
1614352951.dop215.fr8.t,1614352951.cds213.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2571
bella-thorne-uncomfortable.jpg
cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/02/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/02/bella-thorne-uncomfortable.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
58924302f630e6b759804e9be5f1b46d89d49056ba9db1fab3ba1ca342d49fc0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Fri, 26 Feb 2021 14:25:07 GMT
ETag
"1614349507"
X-HW
1614352951.dop231.fr8.t,1614352951.cds147.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=601642
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
83191
acm-2021.jpg
cdn04.cdn.justjared.com/wp-content/uploads/headlines/2021/02/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/headlines/2021/02/acm-2021.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
7b2a2df3fedebf0b3d7cb502596465fa2a38db2b234a959d6a852424bdfd1c81

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Fri, 26 Feb 2021 14:48:44 GMT
ETag
"1614350924"
X-HW
1614352951.dop231.fr8.t,1614352951.cds234.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=602980
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
90560
kim-k-outing-links.jpg
cdn01.cdn.justjared.com/wp-content/uploads/headlines/2021/02/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/headlines/2021/02/kim-k-outing-links.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
c0fc60176979d94327d20bdd1d25e3913e2eafbf56477abe2c1815d760cc6c56

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Fri, 26 Feb 2021 07:44:23 GMT
ETag
"1614325463"
X-HW
1614352951.dop233.fr8.t,1614352951.cds120.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=577333
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
40861
real-housewives-mashup.jpg
cdn02.cdn.justjared.com/wp-content/uploads/headlines/2021/02/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/headlines/2021/02/real-housewives-mashup.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
1219ecd52d0a6e65fc181ef5e02fd389830433fc76ee65ba847f5927dc5fde23

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Fri, 26 Feb 2021 14:04:44 GMT
ETag
"1614348284"
X-HW
1614352951.dop215.fr8.t,1614352951.cds203.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=600309
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
125839
kate-winslet-bodyshaming.jpg
cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/02/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/02/kate-winslet-bodyshaming.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
47a50d5505b5bdca64c52715ba0dabfa66221a8452f1e73166bfba6506f54706

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Fri, 26 Feb 2021 13:51:48 GMT
ETag
"1614347508"
X-HW
1614352951.dop233.fr8.t,1614352951.cds133.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=599866
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
92239
jjjr_logo_featured.gif
cdn04.cdn.justjared.com/wp-content/uploads/sidebar/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/sidebar/jjjr_logo_featured.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
058edf53f777d5ee4e6e2003b6b095430e234c6cbf6984cf3ea6cde06d949353

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:03 GMT
ETag
"1555602183"
X-HW
1614352951.dop235.fr8.t,1614352951.cds201.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=32347
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5311
kendall-jenner-pairs-her-face-mask-with-her-outfit-while-out-in-beverly-hills.jpg
cdn01.cdn.justjaredjr.com/wp-content/uploads/headlines/2021/02/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjaredjr.com/wp-content/uploads/headlines/2021/02/kendall-jenner-pairs-her-face-mask-with-her-outfit-while-out-in-beverly-hills.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
9e36289a34d680cadcaa5002fdaa158adc6caa7e283c4ff55de1e246783a4301

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Fri, 26 Feb 2021 07:25:52 GMT
ETag
"1614324352"
X-HW
1614352951.dop236.fr8.t,1614352951.cds222.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
85960
chase-stokes-madison-bailey-american-eagle2.jpg
cdn02.cdn.justjaredjr.com/wp-content/uploads/headlines/2021/02/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjaredjr.com/wp-content/uploads/headlines/2021/02/chase-stokes-madison-bailey-american-eagle2.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d48c1d073b6316712c0f4cfd412eba61c6ac0fbf6dea3dd3d0d91724b2f5fdca

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Fri, 26 Feb 2021 07:31:36 GMT
ETag
"1614324696"
X-HW
1614352951.dop231.fr8.t,1614352951.cds267.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
21365
nick-jonas-cool-fashion-in-nyc.jpg
cdn03.cdn.justjaredjr.com/wp-content/uploads/headlines/2021/02/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjaredjr.com/wp-content/uploads/headlines/2021/02/nick-jonas-cool-fashion-in-nyc.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
011456c0b36f88816d9c6e3b0a6aa26e1e4b656b0529684285dad4efd0eb071b

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Fri, 26 Feb 2021 02:40:05 GMT
ETag
"1614307205"
X-HW
1614352951.dop214.fr8.t,1614352951.cds166.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
21321
tmz_footer.gif
cdn01.cdn.justjared.com/wp-content/themes/default/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/themes/default/images/tmz_footer.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
a55b9272dbfcad8f1c9a7a747b437205c888c8a8b172e35b97880dd129ce4a73

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Tue, 23 Feb 2021 02:51:15 GMT
Server
nginx
ETag
"60346da3-a39"
X-HW
1614352951.dop232.fr8.t,1614352951.cds261.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2617
toofab_footer2.gif
cdn02.cdn.justjared.com/wp-content/themes/default/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/themes/default/images/toofab_footer2.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
a3ca410e2b8bfa703696c31cf30e1ba7009e8f7e13795ed2f024c27af0c27ef8

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Tue, 23 Feb 2021 02:51:15 GMT
Server
nginx
ETag
"60346da3-a24"
X-HW
1614352951.dop165.fr8.t,1614352951.cds222.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2596
jj-circle-logo-new.gif
cdn03.cdn.justjared.com/wp-content/themes/default/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/themes/default/images/jj-circle-logo-new.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ce228fe909a2d596d995ef8c95991d201dcb87527814d7037b1d07355fa2c257

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Tue, 23 Feb 2021 02:51:15 GMT
Server
nginx
ETag
"60346da3-7ff"
X-HW
1614352951.dop232.fr8.t,1614352951.cds281.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2047
jr-circle-logo.gif
cdn04.cdn.justjared.com/wp-content/themes/default/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/themes/default/images/jr-circle-logo.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
8eaa3be9055370c233d3df6b3bf088768915c503748caf2cff104298afee9934

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Tue, 23 Feb 2021 02:51:15 GMT
Server
nginx
ETag
"60346da3-5f6"
X-HW
1614352951.dop215.fr8.t,1614352951.cds290.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1526
93029X1547060.skimlinks.js
s.skimresources.com/js/ 		67 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/93029X1547060.skimlinks.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ece26aa0ea25f2fed042ddf07c349cc7fe643e1e3817e5e07f74c64ebe54da62

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:31 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 10:57:53 GMT
server
AmazonS3
x-amz-request-id
027641DECF42F554
etag
"1414d53799d88296696d36e771e88287"
x-hw
1614352951.cds154.fr8.hn,1614352951.cds229.fr8.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
24915
x-amz-id-2
z+EKwa6O3cMjOUYtMxnv1lKEUnc2BD+khmyFivtXQbTvjE31aj475kS5pkzDKYPiebMs2DfEEfo=
native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=1ac778c6-7bd4-40b9-9490-e9758950c588&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1247%2C%22requestUUID%22%3A%221ac778c6-7bd4-40b9-9490-e9758950c588%22%2C%22propertyHref%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol
H2
Server
65.9.187.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/html; charset=utf-8
content-length
13
date
Fri, 26 Feb 2021 15:22:31 GMT
x-powered-by
Express
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache, no-store
allow
POST,GET,HEAD
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 e9ebe38de33a70557cf9d9c1d7e5d11f.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
s8M5fWeoZ0iDdulPmsGzBm9EQaHst0hyCVQ0-FKQaj13O2xlupAQPw==
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-86316-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
4795
date
Fri, 26 Feb 2021 14:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Fri, 26 Feb 2021 16:02:36 GMT
beacon.js
b.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Sat, 27 Feb 2021 15:22:31 GMT
quant.js
edge.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Content-Encoding
gzip
Etag
"/D8P7qgiWm3WmfjhiS2eTg=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Fri, 05 Mar 2021 15:22:31 GMT
native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ 		509 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=1ac778c6-7bd4-40b9-9490-e9758950c588&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1247%2C%22requestUUID%22%3A%221ac778c6-7bd4-40b9-9490-e9758950c588%22%2C%22propertyHref%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.187.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
1ba575a038ca10d5b3833dfe67bf444599b6499aa9f0173f215b273da38c7b88

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 Feb 2021 15:22:31 GMT
content-encoding
gzip
x-amz-cf-pop
ZAG50-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
zqcAyPvBIzmt6IyaNW-0ozOnLYeuW_89VIaZtiSjOyNB-3Fn98KsWA==
via
1.1 e9ebe38de33a70557cf9d9c1d7e5d11f.cloudfront.net (CloudFront)
get_site_data
message.sp-prod.net/mms/ 		19 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://message.sp-prod.net/mms/get_site_data?requestUUID=929e7836-0ba0-4dc4-b2ba-638b2fa0f558&account_id=1247&href=http%3A%2F%2Fwww.justjared.com%2F
Requested by
Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.111.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.2.v20170220) /
Resource Hash
52a89e4682baffa75e5cb334e545df1b65d5e133b9c2ba4901688311928ac1e6

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:31 GMT
x-sp-mms-node
mms-axk.node.fra.consul
server
Jetty(9.4.2.v20170220)
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
http://www.justjared.com
cache-control
max-age=2592000
access-control-allow-credentials
true
services.js
js.gumgum.com/ 		97 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gumgum.com/services.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e7f611710f3d372428c4be42bc42c8aca0374a156433fda22774daf5b61baee

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
urZHBLfWo.TYNIEdXwFuB5LKgGjw5OP8
content-encoding
gzip
x-amz-meta-timing-allow-origin
*
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
W/"8f5f52cf6de0d8d4ad7ec943f576ee9e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
cache-control
max-age=31536000
date
Fri, 26 Feb 2021 15:22:31 GMT
last-modified
Thu, 04 Feb 2021 19:47:20 GMT
x-amz-meta-access-control-allow-origin
*
x-amz-cf-id
ZeUxf-cu8DN30Gsy64mfvejFYYFpkUeESAov_Q5PsRlI-t2z4buCzA==
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC7) /
Resource Hash
c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
1142
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
28744
x-tw-cdn
VZ
Last-Modified
Mon, 08 Feb 2021 21:21:01 GMT
Server
ECS (amb/6BC7)
Etag
"11a0c75a945561958f0b924da0e67334+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: www.google.com
URL: http://www.google.com/jsapi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 10:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16694
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24715
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 10:44:17 GMT
hfn.js
tradecraft.s.llnwi.net/v1/pub/01/ 		38 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tradecraft.s.llnwi.net/v1/pub/01/hfn.js
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/01/jjh.js
Protocol
HTTP/1.1
Server
178.79.208.44 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-208-44.ams.llnw.net
Software
CloudStorage /
Resource Hash
fedb6350665e6b03ab1c40b650fe58b09e0c163f9b4325df64abb901e6300e26

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Tue, 12 Jan 2021 00:24:20 GMT
Server
CloudStorage
Age
90462
Content-Type
application/javascript
X-Agile-Checksum
fedb6350665e6b03ab1c40b650fe58b09e0c163f9b4325df64abb901e6300e26
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39117
X-LLID
fc9a7d10053c6e8e2f8ed83a2bab7d7b
xtb.min.js
cdn.exitbee.com/ 		16 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.exitbee.com/xtb.min.js
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/01/jjh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.97.158 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
70a3f595d1da1d6eab77586086b9d81676dffde56ff5d800b39b07b15c9d8523

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:00:54 GMT
age
1298
x-guploader-uploadid
ABg5-UzUhaA7j-0WgqTSXvESyDvV_WP6NuEdVzOyhWDzrhH7Lie-3WzDNF-XzSe3rvk0GSQaekeXO9d9yhQAEbZLPqY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
16820
last-modified
Tue, 23 Feb 2021 16:48:33 GMT
server
UploadServer
etag
"f57ad960e725e8a00e1fb06ba8e2524f"
x-goog-hash
crc32c=cJjZuw==, md5=9XrZYOcl6KAOH7BrqOJSTw==
x-goog-generation
1614098913756333
cache-control
public, max-age=3600
x-goog-stored-content-length
16820
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 26 Feb 2021 16:00:54 GMT
sdk.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
31a40e375189e915946179d63a10471989b8a370ba4ba7e4e74fdfbd0f93ee3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
4PxhR1ShiJBMetSadU6Giw==
cross-origin-resource-policy
cross-origin
expires
Fri, 26 Feb 2021 15:28:43 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1777
x-fb-rlafr
0
x-fb-debug
2UZLCQbajaQUh9r2PA6qcOzb/I8R/ho9gECFpM5+YdmDSCJw62Ij+ub/SOLdgVqKTlPCvqEzJ3Ryks+UL2Uu4A==
x-fb-trip-id
686109401
x-fb-content-md5
af207e0c4da3897c734afcb737697c42
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 26 Feb 2021 15:22:31 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag
"b9c3ff66300b85ef2bc423f044f88e78"
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5

Redirect headers

Location
https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v3.2&appId=145071315902360
Non-Authoritative-Reason
HSTS
50p_black.png
www.justjared.com/wp-content/themes/default/images/ 		132 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.justjared.com/wp-content/themes/default/images/50p_black.png
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/wp-content/themes/default/style.css?v=01142021
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
c7cfcde04f4d67f9a622885d416a95614e789602cc0f9007a4ce38e836f1078f

Request headers

Referer
http://www.justjared.com/wp-content/themes/default/style.css?v=01142021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Tue, 23 Feb 2021 02:51:15 GMT
Server
nginx
ETag
"60346da3-84"
X-HW
1614352951.dop226.fr8.t,1614352951.cds106.fr8.sc,1614352951.cds106.fr8.p
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
132
Expires
Fri, 05 Mar 2021 15:22:31 GMT
5WYzd9R-NgQ
www.youtube.com/embed/ Frame 2673 		51 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/5WYzd9R-NgQ
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1559bce124c1ade84a67a9e951fa7d9b5f5130626768b5cd0b5883443f7d8916
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/5WYzd9R-NgQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 26 Feb 2021 15:22:31 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=W0gKarRE8K8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=k7ddOWPj2H4; Domain=.youtube.com; Expires=Wed, 25-Aug-2021 15:22:31 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+071; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
icon_morehere.gif
www.justjared.com/wp-content/themes/default/images/ 		504 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.justjared.com/wp-content/themes/default/images/icon_morehere.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/wp-content/themes/default/style.css?v=01142021
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
70772a7a36ab39e1f8cc319770a5eea261d23326e087c878d390eca09963d83b

Request headers

Referer
http://www.justjared.com/wp-content/themes/default/style.css?v=01142021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Tue, 23 Feb 2021 02:51:15 GMT
Server
nginx
ETag
"60346da3-1f8"
X-HW
1614352951.dop225.fr8.t,1614352951.cds238.fr8.sc,1614352951.cds238.fr8.p
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
504
Expires
Fri, 05 Mar 2021 15:22:31 GMT
blackbar.gif
www.justjared.com/wp-content/themes/default/images/ 		909 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.justjared.com/wp-content/themes/default/images/blackbar.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/wp-content/themes/default/style.css?v=01142021
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dc5a281743479dcc6f352b67e5219524b6153d1a73da652498a687e7aa16c81a

Request headers

Referer
http://www.justjared.com/wp-content/themes/default/style.css?v=01142021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Last-Modified
Tue, 23 Feb 2021 02:51:15 GMT
Server
nginx
ETag
"60346da3-38d"
X-HW
1614352951.dop239.fr8.t,1614352951.cds013.fr8.sc,1614352951.cds013.fr8.p
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
909
Expires
Fri, 05 Mar 2021 15:22:31 GMT
message_url
message.sp-prod.net/mms/v2/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://message.sp-prod.net/mms/v2/message_url?requestUUID=929e7836-0ba0-4dc4-b2ba-638b2fa0f558&account_id=1247&abp=false&href=http%3A%2F%2Fwww.justjared.com%2F&consentUUID=undefined&loadedData=%5B%7B%22id%22%3A%22CONSENT%3Aendpoint%3Ahttps%3A%2F%2Fccpa-service.sp-prod.net%3A7443%22%2C%22result%22%3A%22%7B%5C%22hasConsentData%5C%22%3Afalse%2C%5C%22consentedToAny%5C%22%3Afalse%2C%5C%22consentedToAll%5C%22%3Afalse%2C%5C%22rejectedAny%5C%22%3Afalse%7D%22%7D%5D&stage_campaign=false&cookie=%5B%5D&t[type]=CCPA
Requested by
Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.111.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.2.v20170220) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:31 GMT
x-sp-mms-node
mms-ap4.node.fra.consul
server
Jetty(9.4.2.v20170220)
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-sp-mms-env
1
content-length
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tag.min.js
get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/
Redirect Chain
  • http://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
  • https://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96abee9e80df94b28491f6ef5bcb21dd203342d88c64a6a264418e67e7980d86

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
2g5Oy_kO.L_ZiSffwaQgJQ1kni5QigzR
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 20:03:41 GMT
server
AmazonS3
age
50052
etag
W/"7137c22c968e140a97b4af7a5798c947"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 2285d262a6b5edcf46f904cd07877cdd.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Fri, 26 Feb 2021 01:28:34 GMT
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
B5Je2GkUMo43TP7jPPsehsOvVAK03QriyCoBwc40i9SVyt23XcCM_A==

Redirect headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Via
1.1 9680e9cb5cbc773ebfed1b7a558f7db6.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
ZAG50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
DdHEc222S59Nvt8J6NjGK06hpqhfLjRqORMCt0R4dHV0X5EK0SOBlA==
21666_JustJared.js
ads.rubiconproject.com/prebid/ 		367 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.rubiconproject.com/prebid/21666_JustJared.js
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/01/jjlib.js
Protocol
HTTP/1.1
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a19666be2a07fee5947949512d875ec62e73c070b8b32c78a01da2c70140bbec

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Feb 2021 17:46:06 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2478
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109615
Expires
Fri, 26 Feb 2021 16:03:50 GMT
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01EZFEY9YAYY7Z073WSP4M5BVT&persistence=1&checksum=c30180d9c8e7879bac1dacd94c45700c367dc56118ce6bb1dd9993026924144f
200 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/?xguid=01EZFEY9YAYY7Z073WSP4M5BVT&persistence=1&checksum=c30180d9c8e7879bac1dacd94c45700c367dc56118ce6bb1dd9993026924144f
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
openresty/1.11.2.5 /
Resource Hash
299c8257c1430e190ea6443ec7ef765f987b9d15e084cbc1b0850214904f9da3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
http://www.justjared.com
vary
Accept-Encoding
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google

Redirect headers

date
Fri, 26 Feb 2021 15:22:31 GMT
via
1.1 google
server
openresty/1.11.2.5
access-control-allow-origin
http://www.justjared.com
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://r.skimresources.com/api/?xguid=01EZFEY9YAYY7Z073WSP4M5BVT&persistence=1&checksum=c30180d9c8e7879bac1dacd94c45700c367dc56118ce6bb1dd9993026924144f
access-control-allow-credentials
true
content-type
text/html
alt-svc
clear
content-length
193
robots.txt
t.skimresources.com/api/v2/ Frame 9CE7 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.36208504231568317
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:31 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://p.skimresources.com/px.gif?ch=1&rn=1.534104580138573
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:32 GMT
Via
1.1 google
Server
Skimlinks Pixel 1.0
P3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
43
Content-Type
image/gif
px.gif
p.skimresources.com/ 		43 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://p.skimresources.com/px.gif?ch=2&rn=1.534104580138573
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:32 GMT
Via
1.1 google
Server
Skimlinks Pixel 1.0
P3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
43
Content-Type
image/gif
any
idx.liadm.com/idex/ie/ 		0
0
rid
match.adsrvr.org/track/ 		0
0
identity
api.rlcdn.com/api/ 		0
0
display-dns
ccpa-service.sp-prod.net/ccpa/consent/7443/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://ccpa-service.sp-prod.net/ccpa/consent/7443/display-dns?requestUUID=929e7836-0ba0-4dc4-b2ba-638b2fa0f558
Protocol
H2
Server
54.210.192.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Feb 2021 15:22:31 GMT
content-type
text/html; charset=utf-8
content-length
4
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache
allow
POST
display-dns
ccpa-service.sp-prod.net/ccpa/consent/7443/ 		569 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ccpa-service.sp-prod.net/ccpa/consent/7443/display-dns?requestUUID=929e7836-0ba0-4dc4-b2ba-638b2fa0f558
Requested by
Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.192.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
479434155f8a2bd6c800f4d4c34e966c772e0843660bc04bdfd3607ca05efa50

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 Feb 2021 15:22:31 GMT
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
569
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:22:31 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
8kbPIzTLk7_TMvnggUSDACBTugDfX2qC
Content-Encoding
gzip
ETag
W/"a4d296427fc806b21335359e398c025c"
Age
74899
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 29 Jan 2021 06:42:57 GMT
Server
AmazonS3
Date
Thu, 25 Feb 2021 18:34:14 GMT
Vary
Origin
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 eea4db3ca37c99035a6e9a24033c4ceb.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
ZAG50-C1
X-Amz-Cf-Id
SGp_K4Y-VeI3feKSHPmkxvHTMeN5ji6--B1YsXs_JiNa0K-5VV48YQ==
www-player-webp.css
www.youtube.com/s/player/4fe52f49/ Frame 2673 		340 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5WYzd9R-NgQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3343a4e8f05ab408911f4ea5f601801208a10a7d01f3a40a65bf4c6ec3900f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/5WYzd9R-NgQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 16:45:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
81393
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52149
x-xss-protection
0
expires
Fri, 25 Feb 2022 16:45:58 GMT
www-embed-player.js
www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/ Frame 2673 		157 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5WYzd9R-NgQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b15819c89eec43f6a9f25d77a37dc02960dad46caa0dabe10699df1fccf45101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/5WYzd9R-NgQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 16:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
81248
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58416
x-xss-protection
0
expires
Fri, 25 Feb 2022 16:48:23 GMT
base.js
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame 2673 		2 MB
501 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5WYzd9R-NgQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0080cb454fdee548ddf7fe5a570ec35de96ae2b2b1d5af2e178c0a717a35c423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/5WYzd9R-NgQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 16:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
81248
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
513497
x-xss-protection
0
expires
Fri, 25 Feb 2022 16:48:23 GMT
fetch-polyfill.js
www.youtube.com/s/player/4fe52f49/fetch-polyfill.vflset/ Frame 2673 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5WYzd9R-NgQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/5WYzd9R-NgQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 16:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
81248
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Fri, 25 Feb 2022 16:48:23 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2673 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5WYzd9R-NgQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/embed/5WYzd9R-NgQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 04:25:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
39413
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10748
x-xss-protection
0
expires
Sat, 26 Feb 2022 04:25:38 GMT
rules-p-2bXhGE9g7fCno.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js
  • https://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js
3 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:f800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 16:50:33 GMT
via
1.1 f857c6fa23ed7b2d0b237aefe9c50960.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 19:48:44 GMT
server
AmazonS3
age
81118
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
klofbKIXOiP0vqxVVkjMfBlI4y8DgocDbD-TWfn6sMuxhTJWBK85OA==

Redirect headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Via
1.1 168a24ef858eb187119582fbc6ac0718.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
ZAG50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
6GmFlmu3Dc6z45SEbvt1mTyqO2q7atO7_vFZqpvqEUci6VsPJMW8bw==
collect
www.google-analytics.com/j/ 		2 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1721012158&t=pageview&_s=1&dl=http%3A%2F%2Fwww.justjared.com%2F&ul=en-us&de=UTF-8&dt=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=572202393&gjid=1812367184&cid=1069105447.1614352951&tid=UA-86316-1&_gid=108424207.1614352951&_r=1&gtm=2ou2h0&z=1230988858
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=31732370&c3=874156489745619&ns__t=1614352951347&ns_c=UTF-8&cv=3.5&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2F...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=31732370&c3=874156489745619&ns__t=1614352951347&ns_c=UTF-8&cv=3.5&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2...
0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=31732370&c3=874156489745619&ns__t=1614352951347&ns_c=UTF-8&cv=3.5&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2Fwww.justjared.com%2F&c9=&cs_ak_ss=1
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:32 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=31732370&c3=874156489745619&ns__t=1614352951347&ns_c=UTF-8&cv=3.5&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2Fwww.justjared.com%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:32 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		196 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=aacb19e22e7dc7b93acce1ee15c3870f&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0a1c3e7366e4c19e0917c884fb90fe48f3809dbac2bb4946dfa87cc2a11032f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
http://www.justjared.com
Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
koRJioyQ0aeLMKTurB7R7Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60504
x-fb-rlafr
0
x-fb-debug
0MhzTgSTjPE/WLXysF8VZ5MAoGJffKSQyGRZt6nEK7wb+Pe4sxjpDTLxr/qn7UU26KgH4WBw8YeX76U5SOJ6DQ==
x-fb-trip-id
686109401
x-fb-content-md5
0a5ed3ecbc8f9bb2ad7d014f8beb2066
x-frame-options
DENY
date
Fri, 26 Feb 2021 15:22:31 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"ff0659a5f2e845793a6f9c9e256a7b69"
timing-allow-origin
*
expires
Sat, 26 Feb 2022 14:04:06 GMT
/
www.instagram.com/accounts/login/ Frame 3489
Redirect Chain
  • https://www.instagram.com/p/CLuicxUpjaW/embed/captioned/?cr=1&v=13&wp=326&rd=http%3A%2F%2Fwww.justjared.com&rp=%2F
  • https://www.instagram.com/accounts/login/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/accounts/login/
Requested by
Host: www.instagram.com
URL: http://www.instagram.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.instagram.com
:scheme
https
:path
/accounts/login/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

content-type
text/html; charset=utf-8
vary
Accept-Language, Cookie
content-language
en
date
Fri, 26 Feb 2021 15:22:31 GMT
strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options
SAMEORIGIN
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only
require-corp;report-to="coep"
report-to
{"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
origin-trial
AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop"
x-content-type-options
nosniff
x-xss-protection
0
x-aed
38
access-control-expose-headers
X-IG-Set-WWW-Claim
content-length
20793
x-fb-trip-id
1679558926
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

content-type
text/html; charset=utf-8
location
https://www.instagram.com/accounts/login/
vary
Accept-Language, Cookie
content-language
en
date
Fri, 26 Feb 2021 15:22:31 GMT
strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options
nosniff
x-xss-protection
0
x-aed
38
access-control-expose-headers
X-IG-Set-WWW-Claim
content-length
0
x-fb-trip-id
1679558926
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html
platform.twitter.com/widgets/ Frame 6B17 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=http%3A%2F%2Fwww.justjared.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB6) /
Resource Hash
99adb384fd992660be76df488633e76fe86ed9bba2a7cdf143a97e03fc3ee94d

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1448177
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 26 Feb 2021 15:22:31 GMT
Etag
"d9fdaa7a36dc36e57ad53c2039f52486+gzip"
Last-Modified
Mon, 08 Feb 2021 21:19:37 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BB6)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105677
collect
stats.g.doubleclick.net/j/ 		4 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-86316-1&cid=1069105447.1614352951&jid=572202393&gjid=1812367184&_gid=108424207.1614352951&_u=IEBAAUAAAAAAAC~&z=291618239
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 26 Feb 2021 15:22:31 GMT
content-type
text/plain
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
page
t.skimresources.com/api/v2/ 		22 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/93029X1547060.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:31 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
http://www.justjared.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
/
p.skimresources.com/ Frame 9CE7
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=f3ba0fa49e2cc6556f9c5cffd3f36816
  • https://p.skimresources.com/?provider_id=f3ba0fa49e2cc6556f9c5cffd3f36816&skim_mapping=true
43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/?provider_id=f3ba0fa49e2cc6556f9c5cffd3f36816&skim_mapping=true
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:32 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif

Redirect headers

date
Fri, 26 Feb 2021 15:22:32 GMT
via
1.1 google
server
nginx/1.16.1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://p.skimresources.com?provider_id=f3ba0fa49e2cc6556f9c5cffd3f36816&skim_mapping=true
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-86316-1&cid=1069105447.1614352951&jid=572202393&_u=IEBAAUAAAAAAAC~&z=569529017
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-86316-1&cid=1069105447.1614352951&jid=572202393&_u=IEBAAUAAAAAAAC~&z=569529017
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 2673
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
921 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5WYzd9R-NgQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f59e936754eb3994d67aa90eb1f5e21dc269426a7619676da58b062a622e994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/5WYzd9R-NgQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 26 Feb 2021 15:22:31 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 2673 		29 B
91 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/5WYzd9R-NgQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:11:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
634
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:26:57 GMT
headerstats
as-sec.casalemedia.com/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=427822&u=http%3A%2F%2Fwww.justjared.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: http://js-sec.indexww.com/ht/p/191040-27970744739601.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:38 GMT
Server
Apache
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Fri, 26 Feb 2021 15:22:38 GMT
services
g2.gumgum.com/zones/jstjared/ 		644 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/zones/jstjared/services?dp=http%3A%2F%2Fwww.justjared.com%2F&pu=http%3A%2F%2Fwww.justjared.com%2F&ogu=http%3A%2F%2Fwww.justjared.com&rf=&r=3.80.5&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.80.5%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&bf=09787cd64190e175564b8ff598b5b3250267cb61&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1614352951578&to=-60&vpii=false&vph=1200&vpw=1600&gdprApplies=0
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d2372770ee5d4f17c460195df01599c4e75bcaa0d9694ce9dd4c0f394053d501

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Feb 2021 15:22:33 GMT
content-encoding
gzip
server
nginx
etag
W/"0ad46966692b70fba987ed1679c6f7c2e"
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
remote.js
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame 2673 		96 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64620c4b38f39b52be7567a111c31cb9a516e243c6b689564e73103c69d3c2b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/5WYzd9R-NgQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 16:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
81092
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32547
x-xss-protection
0
expires
Fri, 25 Feb 2022 16:50:59 GMT
xyig1h48Wfhb-WSTbhZIN9qGmA_8ATQnSYNalvpEyzo.js
www.google.com/js/th/ Frame 2673 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/xyig1h48Wfhb-WSTbhZIN9qGmA_8ATQnSYNalvpEyzo.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c728a0d61e3c59f85bf964936e164837da86980ffc01342749835a96fa44cb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/5WYzd9R-NgQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 08:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
371327
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14208
x-xss-protection
0
expires
Tue, 22 Feb 2022 08:13:44 GMT
embed.js
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame 2673 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d619e1addf6b5ae77461e2ca5337064f47894441b8df71be6ad8fd5288a1aba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/5WYzd9R-NgQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 16:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
81246
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9681
x-xss-protection
0
expires
Fri, 25 Feb 2022 16:48:25 GMT
truncated
/ Frame 2673 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnhwYh2LiD_my-hPnPBrf-e10nb8DS4HdpDXYQeoEw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2673 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwnhwYh2LiD_my-hPnPBrf-e10nb8DS4HdpDXYQeoEw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5WYzd9R-NgQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f2c4a7ba35bf1d196aafd3bad862a5c0e4503d5acfffe8ae7299edd3477b0812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/5WYzd9R-NgQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 11:36:19 GMT
x-content-type-options
nosniff
age
13572
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3432
x-xss-protection
0
server
fife
etag
"v186"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 20 Feb 2021 09:52:13 GMT
sddefault.webp
i.ytimg.com/vi_webp/5WYzd9R-NgQ/ Frame 2673 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/5WYzd9R-NgQ/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5WYzd9R-NgQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d001084d1673a05b85a1d7930aa5f0dee2a9688459bfd5015ed2fc2542230dbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/5WYzd9R-NgQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:04:11 GMT
x-content-type-options
nosniff
server
sffe
age
1100
etag
"1612474441"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6870
x-xss-protection
0
expires
Fri, 26 Feb 2021 17:04:11 GMT
settings
syndication.twitter.com/ Frame 6B17 		183 B
411 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=ebdbf1f0d8e353edbb68e8d609ec0002b2a455b4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=http%3A%2F%2Fwww.justjared.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=http%3A%2F%2Fwww.justjared.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-response-time
118
date
Fri, 26 Feb 2021 15:22:32 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 15:22:32 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
e5b0be9ede5cdc6283397ef5e70017e7
strict-transport-security
max-age=631138519
content-length
152
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 2673 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/5WYzd9R-NgQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:22:31 GMT
button.cf7aaea83eb75b84ae4508f0ceb5dc4c.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.cf7aaea83eb75b84ae4508f0ceb5dc4c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC7) /
Resource Hash
055dd0f1e0eae12d4587b12f516a1d7a0f858d80498823cbade9f97b5962d727

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Feb 2021 21:19:23 GMT
Server
ECS (amb/6BC7)
Age
1448176
Etag
"d85b930ed0bb252882372aca97f80615+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2296
generate_204
www.youtube.com/ Frame 2673 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?9zmUSA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5WYzd9R-NgQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/5WYzd9R-NgQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:31 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
loadeu.exelator.com/load/ Frame 9CE7
Redirect Chain
  • https://x.skimresources.com/?provider=exelate&gdpr=0&gdpr_consent=
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=0
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=0&xl8blockcheck=1
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=0&xl8blockcheck=1
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Fri, 26 Feb 2021 15:22:32 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
/
onetag-geo.s-onetag.com/ 		24 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: http://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
245c7bb98e9ec0aaf0712f56ab6738e58bcee55110c6a8d8802efe864d0bdbd0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 07:43:23 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront), 1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront)
age
27549
x-amzn-requestid
21b6e1c2-d9c7-4042-ab86-da3c87d452a5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1, FRA56-C1
x-amz-apigw-id
bV74RG40iYcFmnQ=
content-length
24
x-amz-cf-id
SYFymi8VwnDw0GFkf_JaRBfXj3Lqpf9_ZaD_cZmvPysXd_9CQNecDA==
beacon.min.js
signal-beacon.s-onetag.com/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: http://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc79bf3c37e3c316b70c4bc2f1b29406385a0f5b1c59c0e30325cf49272bbd0f

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
ZOs7Q5znBPDGZPYhJ_ssR95LJjkLT4T0
content-encoding
gzip
etag
W/"4d3eb8e4d8f392b335f7be92c4cb765d"
last-modified
Tue, 16 Feb 2021 16:02:24 GMT
server
AmazonS3
age
84006
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2285d262a6b5edcf46f904cd07877cdd.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 25 Feb 2021 16:02:26 GMT
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
wAITZeQ7NOaeQj01txZFp7D99jSn4GbC57STFgzagnMtyZERPcWgnQ==
tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
platform.twitter.com/widgets/ Frame 7F4F 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC7) /
Resource Hash
3659ceeede630f0af896dcbc7f364e1d9d9dacc3b0cdee0f2701ac18158b17ff

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1448176
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 26 Feb 2021 15:22:31 GMT
Etag
"3303401d80bcb82d7d7203edac7a8123+gzip"
Last-Modified
Mon, 08 Feb 2021 21:19:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BC7)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12286
tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
platform.twitter.com/widgets/ Frame 121C 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC7) /
Resource Hash
3659ceeede630f0af896dcbc7f364e1d9d9dacc3b0cdee0f2701ac18158b17ff

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1448176
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 26 Feb 2021 15:22:31 GMT
Etag
"3303401d80bcb82d7d7203edac7a8123+gzip"
Last-Modified
Mon, 08 Feb 2021 21:19:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BC7)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12286
tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
platform.twitter.com/widgets/ Frame 2012 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC7) /
Resource Hash
3659ceeede630f0af896dcbc7f364e1d9d9dacc3b0cdee0f2701ac18158b17ff

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1448177
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 26 Feb 2021 15:22:32 GMT
Etag
"3303401d80bcb82d7d7203edac7a8123+gzip"
Last-Modified
Mon, 08 Feb 2021 21:19:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BC7)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12286
tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
platform.twitter.com/widgets/ Frame E472 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BBE) /
Resource Hash
3659ceeede630f0af896dcbc7f364e1d9d9dacc3b0cdee0f2701ac18158b17ff

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1448175
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 26 Feb 2021 15:22:32 GMT
Etag
"3303401d80bcb82d7d7203edac7a8123+gzip"
Last-Modified
Mon, 08 Feb 2021 21:19:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BBE)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12286
tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
platform.twitter.com/widgets/ Frame BEC3 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB3) /
Resource Hash
3659ceeede630f0af896dcbc7f364e1d9d9dacc3b0cdee0f2701ac18158b17ff

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1448177
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 26 Feb 2021 15:22:32 GMT
Etag
"3303401d80bcb82d7d7203edac7a8123+gzip"
Last-Modified
Mon, 08 Feb 2021 21:19:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BB3)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12286
tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
platform.twitter.com/widgets/ Frame 46E0 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B74) /
Resource Hash
3659ceeede630f0af896dcbc7f364e1d9d9dacc3b0cdee0f2701ac18158b17ff

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1448178
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 26 Feb 2021 15:22:32 GMT
Etag
"3303401d80bcb82d7d7203edac7a8123+gzip"
Last-Modified
Mon, 08 Feb 2021 21:19:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B74)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12286
tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
platform.twitter.com/widgets/ Frame DFAF 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC7) /
Resource Hash
3659ceeede630f0af896dcbc7f364e1d9d9dacc3b0cdee0f2701ac18158b17ff

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1448177
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 26 Feb 2021 15:22:32 GMT
Etag
"3303401d80bcb82d7d7203edac7a8123+gzip"
Last-Modified
Mon, 08 Feb 2021 21:19:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BC7)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12286
truncated
/ Frame 7F4F 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
pixel;r=861938909;rf=0;uht=2;a=p-2bXhGE9g7fCno;url=http%3A%2F%2Fwww.justjared.com%2F;fpan=1;fpa=P0-1255551211-1614352951697;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=justjared.co...
pixel.quantserve.com/
Redirect Chain
  • http://pixel.quantserve.com/pixel;r=861938909;rf=0;uht=2;a=p-2bXhGE9g7fCno;url=http%3A%2F%2Fwww.justjared.com%2F;fpan=1;fpa=P0-1255551211-1614352951697;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm...
  • https://pixel.quantserve.com/pixel;r=861938909;rf=0;uht=2;a=p-2bXhGE9g7fCno;url=http%3A%2F%2Fwww.justjared.com%2F;fpan=1;fpa=P0-1255551211-1614352951697;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;c...
35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=861938909;rf=0;uht=2;a=p-2bXhGE9g7fCno;url=http%3A%2F%2Fwww.justjared.com%2F;fpan=1;fpa=P0-1255551211-1614352951697;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=justjared.com;je=0;sr=1600x1200x24;dst=1;et=1614352951697;tzo=-60;ogl=site_name.Just%20Jared%2Ctitle.Just%20Jared%3A%20Celebrity%20Gossip%20and%20Entertainment%20News%2Curl.http%3A%2F%2Fwww%252Ejustjared%252Ecom%2Ctype.website%2Cimage.http%3A%2F%2Fcdn01%252Ecdn%252Ejustjared%252Ecom%2Fwp-content%2Fuploads%2Fsidebar%2Fjustjared-home1%252Ejpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location
https://pixel.quantserve.com/pixel;r=861938909;rf=0;uht=2;a=p-2bXhGE9g7fCno;url=http%3A%2F%2Fwww.justjared.com%2F;fpan=1;fpa=P0-1255551211-1614352951697;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=justjared.com;je=0;sr=1600x1200x24;dst=1;et=1614352951697;tzo=-60;ogl=site_name.Just%20Jared%2Ctitle.Just%20Jared%3A%20Celebrity%20Gossip%20and%20Entertainment%20News%2Curl.http%3A%2F%2Fwww%252Ejustjared%252Ecom%2Ctype.website%2Cimage.http%3A%2F%2Fcdn01%252Ecdn%252Ejustjared%252Ecom%2Fwp-content%2Fuploads%2Fsidebar%2Fjustjared-home1%252Ejpg
Date
Fri, 26 Feb 2021 15:22:32 GMT
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
0
Expires
Sat, 27 Feb 2021 15:22:32 GMT
/
onetag-geo.s-onetag.com/ 		24 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
245c7bb98e9ec0aaf0712f56ab6738e58bcee55110c6a8d8802efe864d0bdbd0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 07:43:23 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront), 1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront)
age
27549
x-amzn-requestid
21b6e1c2-d9c7-4042-ab86-da3c87d452a5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1, FRA56-C1
x-amz-apigw-id
bV74RG40iYcFmnQ=
content-length
24
x-amz-cf-id
6GZFPnLi7WIYLpySJf6QLxpHvGN1j3R_pdDAbC3IuBZrmqdNnmAhDQ==
truncated
/ Frame 121C 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2012 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E472 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BEC3 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 46E0 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame DFAF 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ 		1 KB
839 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 02:00:59 GMT
content-encoding
gzip
server
restify
age
48093
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
http://www.justjared.com
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
oIcVFHDTdFN4rX4z6ByfLsPO9c1-zQU-kF2bcuUqmfTJMmCx1xKoGw==
via
1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
jot.html
platform.twitter.com/ Frame DAB6
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
80 B
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B74) /
Resource Hash
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
http://www.justjared.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1448177
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 26 Feb 2021 15:22:32 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Mon, 08 Feb 2021 21:20:59 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B74)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
80

Redirect headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length
0
content-type
text/html;charset=utf-8
date
Fri, 26 Feb 2021 15:22:32 GMT
expires
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Fri, 26 Feb 2021 15:22:32 GMT
location
https://platform.twitter.com/jot.html
pragma
no-cache
server
tsa_o
status
302 Found
strict-transport-security
max-age=631138519
x-connection-hash
e5b0be9ede5cdc6283397ef5e70017e7
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
121
x-transaction
0044f24d007b0b79
x-tsa-request-body-time
1
x-twitter-response-tags
BouncerCompliant
x-xss-protection
0
/
onetag-geo.s-onetag.com/ 		24 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
245c7bb98e9ec0aaf0712f56ab6738e58bcee55110c6a8d8802efe864d0bdbd0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 07:43:23 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront), 1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront)
age
27549
x-amzn-requestid
21b6e1c2-d9c7-4042-ab86-da3c87d452a5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1, FRA56-C1
x-amz-apigw-id
bV74RG40iYcFmnQ=
content-length
24
x-amz-cf-id
tV-d3Qw5napTMqyJ5uDT6lGOAgeKLMhsogI7WDiNOyi1fsAgwCSZnA==
/
onetag-geo.s-onetag.com/ 		24 B
426 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
245c7bb98e9ec0aaf0712f56ab6738e58bcee55110c6a8d8802efe864d0bdbd0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 07:43:23 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront), 1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront)
age
27549
x-amzn-requestid
21b6e1c2-d9c7-4042-ab86-da3c87d452a5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1, FRA56-C1
x-amz-apigw-id
bV74RG40iYcFmnQ=
content-length
24
x-amz-cf-id
YaRid2ctwSvaUGNslXGh1UZwEfKJXKMu6li7trIKXsz25J8P3ss3ag==
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ 		1 KB
830 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 02:00:59 GMT
content-encoding
gzip
server
restify
age
48093
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
http://www.justjared.com
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
SwBKk538Sd8Tz7XUbh-R3npLgoIiv040BcQxjJQly7kK9qQcGY2WYg==
via
1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
2d8b9819fe24c644c0065c265c89b00674f3d5bb37e3c2cf004e1256486a47c8

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:33 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://www.justjared.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Fri, 26 Feb 2021 15:22:33 GMT
Server
nginx
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
http://www.justjared.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
exitbee.js
settings-v2.service.exitbee.com/c/7731/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://settings-v2.service.exitbee.com/c/7731/exitbee.js
Requested by
Host: cdn.exitbee.com
URL: https://cdn.exitbee.com/xtb.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
x-cloud-trace-context
a9c29b71b922cc535f214507af3a0819
server
Google Frontend
x-powered-by
Express
date
Fri, 26 Feb 2021 15:22:32 GMT
content-length
0
content-type
text/html
/
onetag-geo.s-onetag.com/ 		24 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
245c7bb98e9ec0aaf0712f56ab6738e58bcee55110c6a8d8802efe864d0bdbd0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 07:43:23 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront), 1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront)
age
27549
x-amzn-requestid
21b6e1c2-d9c7-4042-ab86-da3c87d452a5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1, FRA56-C1
x-amz-apigw-id
bV74RG40iYcFmnQ=
content-length
24
x-amz-cf-id
-nX_RGpum7XqFcBgCVXwQK6bBj7huw9Ac-zmjabWJjVaMK23oq3bKQ==
justjared-justjared-desktop.js
widget.sellwild.com/justjared/
Redirect Chain
  • http://widget.sellwild.com/justjared/justjared-justjared-desktop.js
  • https://widget.sellwild.com/justjared/justjared-justjared-desktop.js
34 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.sellwild.com/justjared/justjared-justjared-desktop.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.187.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f1ae0e00a286134b3d6247d58b8a9b260dc56cafaed3026c6cd444b69dfd8c3

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 19:57:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 19:51:30 GMT
server
AmazonS3
age
242691
etag
W/"9c965ab43470901c28fd606bdabeab52"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2fd9c5b0508a46d517c437af26a3a5c8.cloudfront.net (CloudFront)
cache-control
max-age=1209600,public
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
SUlr0U6apAp86GqSslCs56XxGVkeSxC_dVCgZFa2yEEDDhmRMg92OA==

Redirect headers

Date
Fri, 26 Feb 2021 15:22:32 GMT
Via
1.1 38a3f663851a0597e7026100a58b9b39.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
ZAG50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://widget.sellwild.com/justjared/justjared-justjared-desktop.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
z7RUyRYyZFUzFRIX9rQgbvULlPpXablx308sgRQVVvgT8odDHQwP-g==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		1 KB
900 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210226
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
872b7cf3b24a2e31e46e67d43529278a328f4781beeeef306259dc8c6548a968
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
15708
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
744
etag
W/"53b-CzYjvYm+Ah5fUATVsnn2yL7BKn4"
x-served-by
cache-fra19164-FRA
date
Fri, 26 Feb 2021 15:22:32 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ats.js
ats.rlcdn.com/ 		182 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/01/jjh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.220.155 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5e8e5fe8bda51e143511122e4296e652c905e0e7445cad6e3b79365eafaa7f0d

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 23:03:23 GMT
content-encoding
gzip
age
2045949
x-guploader-uploadid
ABg5-UxfjOpzFTTiqJMngUx0NHiiw-1gSsalGg9rGrWaxu0JKsAcOf2u5sLkddmynpXclXK7Ddu6DGlLWTSZmJJ-FEk
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
60625
last-modified
Fri, 22 Jan 2021 08:44:43 GMT
server
UploadServer
etag
"cd29a4c3533e427f1b5c357933c3c1ec"
x-goog-hash
crc32c=NT+O6A==, md5=zSmkw1M+Qn8bXDV5M8PB7A==
x-goog-generation
1611305083757651
cache-control
no-transform
x-goog-stored-content-length
60625
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 02 Feb 2022 23:03:23 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		161 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fwww.justjared.com%2F&pid=XBdzRALGhjBPF&cb=0&ws=1600x1200&v=7.59.00&t=1400&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21854935662%2FJustJared_Home%2FJustJared_Home_Top_728x90%22%7D%5D&cfgv=0&pubid=78a541f2-9748-4ba5-9cda-85fd7a44b234&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a4c366a4d5145deb2d49c78fae5d45376d9d97e66438b1ff961a76050019d6df

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:33 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
ZAG50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
155
via
1.1 a0b6e5bd6cf5596d4f38f0df8fa929e1.cloudfront.net (CloudFront)
x-amz-cf-id
nQXalresnnnHg0VgUxewtwdnCDnkkfK8PDyD48m07AQAqSQPS2LVRA==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		383 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475146&size_id=2&alt_size_ids=221&gdpr=0&us_privacy=1---&rp_schain=1.0,1!mediatradecraft.com,111111,1,,,&eid_pubcid.org=2a27089b-eb08-4d43-9b9f-33da1c13e509%5E1&rf=http%3A%2F%2Fwww.justjared.com%2F&tg_i.pbadslot=21854935662%2FJustJared_Home%2FJustJared_Home_Top_728x90&tg_i.dfp_ad_unit_code=21854935662%2FJustJared_Home%2FJustJared_Home_Top_728x90&tk_flint=dmpbjs_v4.24.0&x_source.tid=01a35511-ed3b-424e-9681-a46ee7db2149&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.26587185302841476
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9acc014c14c6690b25f7381186e214806d739f0a98ccfa2abf6a2c7358cfc58b

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:32 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
383
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.24.0&referrer=http%3A%2F%2Fwww.justjared.com%2F&tmax=1400&gdpr=false&us_privacy=1---
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.54.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:33 GMT
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
hb.emxdgt.com/ 		0
0
c
prebid.a-mo.net/a/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:33 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.81:80
AN-X-Request-Uuid
eb537e0f-20dc-4bac-8644-ce3f1fa99f4d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		0
0
bid
ap.lijit.com/rtb/ 		24 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.24.0
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
77a8ed1f7c261b9b342ccd75b90bfa6989820680e502c0df08c6a15397365712

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Feb 2021 15:22:33 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://www.justjared.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
translator
hbopenbid.pubmatic.com/ 		0
0
bidRequest
c2shb.ssp.yahoo.com/ 		0
0
bid
c.amazon-adsystem.com/e/dtb/ 		161 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fwww.justjared.com%2F&pid=XBdzRALGhjBPF&cb=1&ws=1600x1200&v=7.59.00&t=1400&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21854935662%2FJustJared_Home%2FJustJared_Home_Top_Right_300x250_InnerRail%22%7D%5D&cfgv=0&pubid=78a541f2-9748-4ba5-9cda-85fd7a44b234&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2f0ce5018684afc0d1c3115406f894103ea5f8a8ae65a6f08d1e3ad27b1e19dd

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:33 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
ZAG50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
155
via
1.1 a0b6e5bd6cf5596d4f38f0df8fa929e1.cloudfront.net (CloudFront)
x-amz-cf-id
0Cn0o4FaYFvSW5CB1IVAkXJ1HQDsudXg1Zy5MWQtzps8zTT1e3gCWg==
bidRequest
c2shb.ssp.yahoo.com/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
0
/
hb.emxdgt.com/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:33 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.10:80
AN-X-Request-Uuid
3117381e-a288-41fe-aee4-a19542419948
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		418 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475126&size_id=15&alt_size_ids=221&gdpr=0&us_privacy=1---&rp_schain=1.0,1!mediatradecraft.com,111111,1,,,&eid_pubcid.org=2a27089b-eb08-4d43-9b9f-33da1c13e509%5E1&rf=http%3A%2F%2Fwww.justjared.com%2F&tg_i.pbadslot=21854935662%2FJustJared_Home%2FJustJared_Home_Top_Right_300x250_InnerRail&tg_i.dfp_ad_unit_code=21854935662%2FJustJared_Home%2FJustJared_Home_Top_Right_300x250_InnerRail&tk_flint=dmpbjs_v4.24.0&x_source.tid=b5eb7e98-1bfa-4d37-98a0-0679dd31e9f7&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.028693399015857324
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
910f628cebdc47b83f61c52828ff0b3ca5284f545cd8f29cd399e2b8b2e17153

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:33 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
418
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.24.0&referrer=http%3A%2F%2Fwww.justjared.com%2F&tmax=1400&gdpr=false&us_privacy=1---
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.54.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:33 GMT
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		0
0
c
prebid.a-mo.net/a/ 		0
0
bid
ap.lijit.com/rtb/ 		24 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.24.0
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
3d7f60ed7f067c16f0a35776f29dbca939a0e80e07e3b76e67331e290b133775

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Feb 2021 15:22:33 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://www.justjared.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
zerg.js
www.zergnet.com/ 		0
0
video-loader.js
cdn.avantisvideo.com/avm/js/ 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=74c97696-c8a7-4883-8cb6-3fb6bd956ead&tagId=7
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/01/jjh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4390447cdbeb188fcda3f6593cbb3ebb1db6fe26ddf5589e00c5bce297ce38a

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
JC1MZXnTlq5q1hwwM7uac4dOsQCTW8Fq
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 10:42:18 GMT
server
AmazonS3
age
11868
etag
W/"68c180f02ff8411308f6cfc922d94aa4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc1.cloudfront.net (CloudFront)
date
Fri, 26 Feb 2021 12:04:45 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
VuJP8fKaNnYDfp0Egrx9oI7GRKxpv8E8MBokK1drGhojpcUXs9wBWw==
JustJared_Floating.js
d2na2p72vtqyok.cloudfront.net/aniview-script/ 		0
0
i.js
tag.bounceexchange.com/3479/ 		0
0
abc.txt
static.avantisvideo.com/data/ 		28 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=74c97696-c8a7-4883-8cb6-3fb6bd956ead&tagId=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9200:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f33b8ccfae2f19901dd12a13d472b15d8e2a1017da2781328b19cb72d95d5944

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Feb 2021 15:33:58 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 15:33:15 GMT
server
AmazonS3
age
85715
etag
W/"d00cab8976f59cc75a3d75b956395a8f"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
nf_Z2fvQzxr-rsOYy1L8eeWp-E7t-GD2Y-g03hUVTRL8w9-vfkRyNQ==
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
/
geo.rlcdn.com/ 		115 B
342 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.rlcdn.com/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
89f5dd0a1e61f989db43c160ddd3a80d9570213a0a537fa387eaf2f52aa4d329

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:32 GMT
content-encoding
gzip
etag
W/"73-x65aoVh0QDdRlM8pSlxskAdP5cY"
server
Google Frontend
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
fd55a85e48086029fb9e56d0bb101f91
cache-control
private
content-length
128
u_d.html
cdn1.avantisvideo.com/connect/ Frame E539 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=74c97696-c8a7-4883-8cb6-3fb6bd956ead&tagId=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8418203f6ad21d8aa71baba1b849f312a50e38580bccfbbb7d6f7f7eec16cbdb

Request headers

:method
GET
:authority
cdn1.avantisvideo.com
:scheme
https
:path
/connect/u_d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

content-type
text/html
date
Fri, 26 Feb 2021 04:56:43 GMT
last-modified
Wed, 21 Oct 2020 12:02:12 GMT
etag
W/"616cd2f36203ae3b124d70c803c7c7a7"
x-amz-version-id
aQTt0EDrJInn5h7oZRa4YKcA5m0mCAoF
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
iSV2p4z4EZAdFlfietEgrKyUExxV_JjNxOX2zR5tCP2U5EV4-mPU2A==
age
37550
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Server
54.212.156.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://cdn1.avantisvideo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Feb 2021 15:22:33 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
geoip
avm.avantisvideo.com/api/v1/ Frame E539 		107 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.212.156.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7471cc6d274c0ebc05c468ec82daa98dc1325fde221b3932a0c81de749b4cc60
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/connect/u_d.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
107
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Fri, 26 Feb 2021 15:22:33 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 6591
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&dcc=t
283 B
961 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
0246e337263c43ad09c32f6fd56fc29bb38cbcf740168fe57a5664dfd605ffcd

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=Az32Xq-P-E6hoG88axh5goI|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Server
Server
Date
Fri, 26 Feb 2021 15:22:33 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
224
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=Az32Xq-P-E6hoG88axh5goI; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 15:22:33 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Apr-2026 15:22:33 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Fri, 26 Feb 2021 15:22:33 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&dcc=t
Set-Cookie
ad-id=Az32Xq-P-E6hoG88axh5goI|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 15:22:33 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
new
g2.gumgum.com/assets/ 		235 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/assets/new?assets=%7B%22v%22%3A%221.1%22%2C%22pv%22%3A%221aa7d963-c4a0-4345-98ea-2d445a7f4f01%22%2C%22r%22%3A%223.80.5%22%2C%22t%22%3A%22jstjared%22%2C%22rf%22%3A%22%22%2C%22fs%22%3Afalse%2C%22ce%22%3Atrue%2C%22p%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%2C%22a%22%3A%5B%7B%22i%22%3A1%2C%22u%22%3A%22http%3A%2F%2Fcdn02.cdn.justjared.com%2Fwp-content%2Fuploads%2Fheadlines%2F2021%2F02%2Famelia-hamlin-blackfishing.jpg%22%2C%22w%22%3A300%2C%22h%22%3A300%2C%22x%22%3A364%2C%22y%22%3A524%2C%22lt%22%3A%22none%22%2C%22af%22%3Atrue%2C%22prefetch%22%3Atrue%2C%22ia%22%3A%22Amelia%20Hamlin%20Turns%20Off%20Instagram%20Comments%20After%20Being%20Accused%20of%20%27Blackfishing%27%20in%20Latest%20Post%22%7D%5D%2C%22ac%22%3A%7B%7D%2C%22vp%22%3A%7B%22ii%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A1200%7D%2C%22sc%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22d%22%3A1%7D%2C%22tr%22%3A0.4%2C%22ogu%22%3A%22http%3A%2F%2Fwww.justjared.com%22%7D&bf=09787cd64190e175564b8ff598b5b3250267cb61&lt=1614352953280&to=-60&gdprApplies=0&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.80.5%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&uspConsent=1---
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b9eaec0cc1aeac905e1720a4647d9dee336440fd5ef2422022b56848ac69db8d

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Feb 2021 15:22:33 GMT
content-encoding
gzip
server
nginx
etag
W/"02ae0508013a5c94db55f009272b6072a"
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
new
g2.gumgum.com/assets/ 		235 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/assets/new?assets=%7B%22v%22%3A%221.1%22%2C%22pv%22%3A%221aa7d963-c4a0-4345-98ea-2d445a7f4f01%22%2C%22r%22%3A%223.80.5%22%2C%22t%22%3A%22jstjared%22%2C%22rf%22%3A%22%22%2C%22fs%22%3Afalse%2C%22ce%22%3Atrue%2C%22p%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%2C%22a%22%3A%5B%7B%22i%22%3A2%2C%22u%22%3A%22http%3A%2F%2Fcdn03.cdn.justjared.com%2Fwp-content%2Fuploads%2Fheadlines%2F2021%2F02%2Fjaguar-10-fun-facts.jpg%22%2C%22w%22%3A300%2C%22h%22%3A300%2C%22x%22%3A364%2C%22y%22%3A2136%2C%22lt%22%3A%22none%22%2C%22af%22%3Afalse%2C%22prefetch%22%3Atrue%2C%22ia%22%3A%22Get%20to%20Know%20%27Curled%20In%27%20Singer%20Jaguar%20Jonze%20With%20These%2010%20Fun%20Facts!%20(Exclusive)%22%7D%5D%2C%22ac%22%3A%7B%7D%2C%22vp%22%3A%7B%22ii%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A1200%7D%2C%22sc%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22d%22%3A1%7D%2C%22tr%22%3A0.4%2C%22ogu%22%3A%22http%3A%2F%2Fwww.justjared.com%22%7D&bf=09787cd64190e175564b8ff598b5b3250267cb61&lt=1614352953282&to=-60&gdprApplies=0&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.80.5%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&uspConsent=1---
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4dc67dcad29c70f048a9851744de250126b80b47005147e657b0b98cf113b6f0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Feb 2021 15:22:33 GMT
content-encoding
gzip
server
nginx
etag
W/"024c39a800f59eebbe060b255ef7ea2ef"
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=1&c4=jstjared&c7=http%3A%2F%2Fwww.justjared.com%2F&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c9=&cv=2.0&cj=1&ns_...
  • https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=1&c4=jstjared&c7=http%3A%2F%2Fwww.justjared.com%2F&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c9=&cv=2.0&cj=1&ns...
43 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=1&c4=jstjared&c7=http%3A%2F%2Fwww.justjared.com%2F&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c9=&cv=2.0&cj=1&ns__t=1614352953276&cs_ak_ss=1
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:33 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=1&c4=jstjared&c7=http%3A%2F%2Fwww.justjared.com%2F&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c9=&cv=2.0&cj=1&ns__t=1614352953276&cs_ak_ss=1
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:33 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ 		2 KB
673 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&display=swap
Requested by
Host: widget.sellwild.com
URL: http://widget.sellwild.com/justjared/justjared-justjared-desktop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30b1b1108031c9dc907a9bb7dd67e90b26a4ec18aa670fdc7a59e5ab581deb75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 15:17:07 GMT
server
ESF
date
Fri, 26 Feb 2021 15:22:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Feb 2021 15:22:33 GMT
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=407&friendly=friendly_69405144&pid=1&fr=60&frlm=1&rmpid=true&random=69405144&encode=1&origin=http%3A%2F%2Fwww.justjared.com
Requested by
Host: widget.sellwild.com
URL: http://widget.sellwild.com/justjared/justjared-justjared-desktop.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.131.170.213 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=407&friendly=friendly_19890118&pid=1&fr=60&frlm=1&rmpid=true&random=19890118&encode=1&origin=http%3A%2F%2Fwww.justjared.com
Requested by
Host: widget.sellwild.com
URL: http://widget.sellwild.com/justjared/justjared-justjared-desktop.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.131.170.213 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
listings-img-data-sm-justjared
cache.sellwild.com/ 		0
0
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.justjared.com
Referer
https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 19:41:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
70867
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Fri, 25 Feb 2022 19:41:26 GMT
quant.js
edge.quantserve.com/ Frame 98B9 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:33 GMT
Content-Encoding
gzip
Etag
"/D8P7qgiWm3WmfjhiS2eTg=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Fri, 05 Mar 2021 15:22:33 GMT
logging
ie-lb.gumgum.com/assets/imp/ 		35 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ie-lb.gumgum.com/assets/imp/logging?reqId=a63cd6eb-78ad-49af-9534-e4a2d05b48b1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.80.5%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.137.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-137-119.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:33 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
rules-p-00TsOkvHvnsZU.js
rules.quantcount.com/ Frame 98B9
Redirect Chain
  • http://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
  • https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
3 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:f800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 12:41:41 GMT
via
1.1 f857c6fa23ed7b2d0b237aefe9c50960.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 19:30:30 GMT
server
AmazonS3
age
9655
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
YLfeP3VOqrSQq_HLSjXkrgi6AnruDDgPqGEJnVb_e7dBxNXTjTlN9w==

Redirect headers

Date
Fri, 26 Feb 2021 15:22:33 GMT
Via
1.1 2fd9c5b0508a46d517c437af26a3a5c8.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
ZAG50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
d3FD0EFIp2zn1g2bE_hLYhpP4kXTCe1Nkfz6W4mSoLvPS-5BumTcjg==
4.gif
id5-sync.com/cq/441/124/6/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_754abdc4-704b-4f2f-a60b-33821ddb5cf3&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_754abdc4-704b-4f2f-a60b-33821ddb5cf3&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F441%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/2/8/2.gif?puid=3606964892088964558&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOHwzURtxwi7hplW35yEUzQAZmG-Iwro54g-T78g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/441/3/7/3.gif?puid=992f6039-123d-4000-bf14-db31a1b75ddd&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOHwzURtxwi7hplW35yEUzQAZmG-Iwro54g-T78g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F6%2F4.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOHwzURtxwi7hplW35yEUzQAZmG-Iwro54g-T78g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F6%2F4.gif%3Fp...
  • https://id5-sync.com/cq/441/124/6/4.gif?puid=f159aa8d-b47a-43a5-b709-71534cdba0c9&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/cq/441/124/6/4.gif?puid=f159aa8d-b47a-43a5-b709-71534cdba0c9&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.46 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:45 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/cq/441/124/6/4.gif?puid=f159aa8d-b47a-43a5-b709-71534cdba0c9&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
date
Fri, 26 Feb 2021 15:22:46 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame A349 		2 KB
966 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ede74e5dd46a8e12415354ec42df96b37a9ac5f4fc1ffe8a9d62a539cdbb84ff

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=Az32Xq-P-E6hoG88axh5goI; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&dcc=t

Response headers

Server
Server
Date
Fri, 26 Feb 2021 15:22:33 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
605
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A349
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=cb452245f6cedcf85d38
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=cb452245f6cedcf85d38
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:34 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 26 Feb 2021 15:22:34 GMT
via
1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
LambdaGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=cb452245f6cedcf85d38
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
ZE7HzDVFOgIaIODhDPs88RVxjBY_P62WRzuHu7p_uVc_6H_e-JJdbQ==
umcheck
cs.emxdgt.com/ Frame A349
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID&gdpr=0
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Faax-eu.amazon-adsystem.com%252Fs%252Fecm3%253Fex%253Dbrealtime.com%2...
  • https://cs.emxdgt.com/umcheck?apnxid=869083837681879840&redirect=https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&id=$EMXUID
43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/umcheck?apnxid=869083837681879840&redirect=https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&id=$EMXUID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:23:02 GMT
content-length
43
x-nosync
na;
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.238:80
AN-X-Request-Uuid
4968afd9-2e74-4448-a6d9-df6a4a6753e8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cs.emxdgt.com/umcheck?apnxid=869083837681879840&redirect=https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&id=$EMXUID
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
amzns2s
rtb.gumgum.com/usync/ Frame 28D4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d6fdce41e277d14632e2490e73ec948da30c1b529630739a22b7b06d6e1b4b70

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cs=true; loc=6w2LaLFVVEsKeEYDbKODy-cmQlLX826CTV8Ymt8iPk0IH9fAdwz9ELRbeFQtJW1PMyKQbd06DJpuPD5VDA-jgw; vst=e_754abdc4-704b-4f2f-a60b-33821ddb5cf3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:33 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
etag
W/"07c6872a94a84d497de589f7c31a99770"
timing-allow-origin
*
content-encoding
gzip
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 9F2D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
632fc0267a1b04d338b0b378ff5806233ed53d5f9c2a8a77d78077a01f7f07ab

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YDkSOg07e116RGehPSyt9QAA; CMPS=3202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1729
Expires
Fri, 26 Feb 2021 15:22:34 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:34 GMT
Connection
keep-alive
Set-Cookie
CMID=YDkSOg07e116RGehPSyt9QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Feb 2022 15:22:34 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 27 May 2021 15:22:34 GMT CMPRO=1200;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 27 May 2021 15:22:34 GMT CMRUM3=586039123a05a0&5a6039123a05a0&bf6039123a05a0&2d6039123a05a0&f16039123a05a00&e66039123a27600&396039123a05a00&276039123a0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Feb 2022 15:22:34 GMT CMST=YDkSOmA5EjoA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 27 Feb 2021 15:22:34 GMT

Redirect headers

Server
Apache
Content-Length
344
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 26 Feb 2021 15:22:34 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:34 GMT
Connection
keep-alive
Set-Cookie
CMID=YDkSOg07e116RGehPSyt9QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Feb 2022 15:22:34 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 27 May 2021 15:22:34 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CBCF 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=85427
Expires
Sat, 27 Feb 2021 15:06:21 GMT
Date
Fri, 26 Feb 2021 15:22:34 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CEA0 		291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"40295-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Fri, 26 Feb 2021 15:22:35 GMT
Connection
keep-alive
Vary
Accept-Encoding
current
amazon-tam-match.dotomi.com/match/bounce/ Frame 4056 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
amazon-tam-match.dotomi.com
:scheme
https
:path
/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Fri, 26 Feb 2021 15:22:33 GMT
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
Cookie set amazon
ap.lijit.com/beacon/ Frame 1484 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
1a3538a907a1ff388121c020508a0923dde3f74cbfa9decf14c2e229a02558f8

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=340d829b0019d3ce262a38f6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Fri, 26 Feb 2021 15:22:33 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJyrVjIzU7IyNDM0NTUzMjU11lEyReObGKPyLS0tTVFFDA2MUNTUAgDeCxEm;Path=/;Domain=.lijit.com;Expires=Sat, 26-Feb-2022 15:22:33 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=340d829b0019d3ce262a38f6;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Sat, 26-Feb-2022 15:22:33 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap3ams1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A7A8
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=14265147511909007455
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=14265147511909007455
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=Az32Xq-P-E6hoG88axh5goI; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
Server
Date
Fri, 26 Feb 2021 15:22:35 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Fri, 26 Feb 2021 15:22:35 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=14265147511909007455
set-cookie
tluid=14265147511909007455; Max-Age=7776000; Expires=Thu, 27 May 2021 15:22:35 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1484 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=340d829b0019d3ce262a38f6&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:33 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 1484 		0
0
tum
ums.acuityplatform.com/ Frame 1484 		0
0
merge
ce.lijit.com/ Frame 1484
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=4TJhmOYwYZj6YGfEtTR_xLUyN5b6ZmGY4zA_Kpi7
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=4TJhmOYwYZj6YGfEtTR_xLUyN5b6ZmGY4zA_Kpi7
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:33 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=4TJhmOYwYZj6YGfEtTR_xLUyN5b6ZmGY4zA_Kpi7
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 1484
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:43 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:35 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1484
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MzQwZDgyOWIwMDE5ZDNjZTI2MmEzOGY2
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MzQwZDgyOWIwMDE5ZDNjZTI2MmEzOGY2&google_tc=
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MzQwZDgyOWIwMDE5ZDNjZTI2MmEzOGY2&google_tc=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MzQwZDgyOWIwMDE5ZDNjZTI2MmEzOGY2&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ 		121 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=74c97696-c8a7-4883-8cb6-3fb6bd956ead&tagId=7
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=74c97696-c8a7-4883-8cb6-3fb6bd956ead&tagId=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d98822c2ee45aa95f7c98f9ab5bf7eb3fb37dffb0332d7caf0fc7afe5805f506

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
92.w0NWO5QWL66xPwRzoCeHePbfL3lNJ
content-encoding
gzip
last-modified
Tue, 09 Feb 2021 10:22:24 GMT
server
AmazonS3
age
11789
etag
W/"bcd489500971fc4c1d7c8613079b0104"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc1.cloudfront.net (CloudFront)
date
Fri, 26 Feb 2021 12:06:08 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
PJqNtVcZcEIS-jg7YXCCJzU78b9mxpfSOUbCZo4OhTczB0Ztrb_wfQ==
desktop
avm.avantisvideo.com/api/v1/tag/74c97696-c8a7-4883-8cb6-3fb6bd956ead/7/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/74c97696-c8a7-4883-8cb6-3fb6bd956ead/7/desktop
Protocol
H2
Server
54.212.156.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Feb 2021 15:22:33 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=74c97696-c8a7-4883-8cb6-3fb6bd956ead&tagId=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 26 Feb 2021 15:22:35 GMT
content-length
2
content-type
text/plain
desktop
avm.avantisvideo.com/api/v1/tag/74c97696-c8a7-4883-8cb6-3fb6bd956ead/7/ 		1021 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/74c97696-c8a7-4883-8cb6-3fb6bd956ead/7/desktop
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=74c97696-c8a7-4883-8cb6-3fb6bd956ead&tagId=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.212.156.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ae75f5e3fc9deee998daf1fc5f814d2475e5c7cb569123ba81a916ebb5bcd734
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
1021
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Fri, 26 Feb 2021 15:22:34 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
usersync
rtb.gumgum.com/ Frame 28D4
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=3606964892088964558
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=3606964892088964558
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:33 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:33 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.252:80
AN-X-Request-Uuid
2051c967-8fcb-4adf-a60d-a6903dec4ed6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=3606964892088964558
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 28D4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_754abdc4-704b-4f2f-a60b-33821ddb5cf3&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_754abdc4-704b-4f2f-a60b-33821ddb5cf3&gdpr=0&gdpr_consent=&us_privacy=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8333865058310645402&ssp=gumgum2
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=8333865058310645402&ssp=gumgum2
  • https://rtb.gumgum.com/usersync?b=bsw&i=7742c3cb-a9c3-4887-a17d-91ee067d1a9c
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=7742c3cb-a9c3-4887-a17d-91ee067d1a9c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=7742c3cb-a9c3-4887-a17d-91ee067d1a9c
date
Fri, 26 Feb 2021 15:22:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
redirectObuid
sync.outbrain.com/ Frame 28D4 		0
0
usersync
rtb.gumgum.com/ Frame 28D4
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=c98ea2a9-b594-44a2-93c3-d3b9bf10ab08
35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=c98ea2a9-b594-44a2-93c3-d3b9bf10ab08
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Fri, 26 Feb 2021 15:22:38 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=c98ea2a9-b594-44a2-93c3-d3b9bf10ab08
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 28D4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-e30af07d-b4f9-44d7-6c2b-5a6dc873fa67$ip$185.156.175.107
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-e30af07d-b4f9-44d7-6c2b-5a6dc873fa67$ip$185.156.175.107
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:36 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-e30af07d-b4f9-44d7-6c2b-5a6dc873fa67$ip$185.156.175.107
Date
Fri, 26 Feb 2021 15:22:35 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 28D4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-HtmKXiN1lxBhxdOUC5I93Z7TekvsBWznvJgu
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-HtmKXiN1lxBhxdOUC5I93Z7TekvsBWznvJgu
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:33 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Fri, 26 Feb 2021 15:22:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-HtmKXiN1lxBhxdOUC5I93Z7TekvsBWznvJgu
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
generic
sync.ipredictive.com/d/sync/cookie/ Frame 28D4 		0
0
services
sync.technoratimedia.com/ Frame 28D4 		0
0
usersync
rtb.gumgum.com/ Frame 28D4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_754abdc4-704b-4f2f-a60b-33821ddb5cf3&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:55 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 28D4
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:36 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:36 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
usersync
rtb.gumgum.com/ Frame 28D4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=tT1EHTCHkWzQ&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=tT1EHTCHkWzQ&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=tT1EHTCHkWzQ&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-75d6d6d469-ckn5l
expires
-1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 28D4 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_754abdc4-704b-4f2f-a60b-33821ddb5cf3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:34 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame DD24
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=f2096039-123d-4400-8a3d-7b0960856429&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=f2096039-123d-4400-8a3d-7b0960856429&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=f2096039-123d-4400-8a3d-7b0960856429&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cs=true; loc=6w2LaLFVVEsKeEYDbKODy-cmQlLX826CTV8Ymt8iPk0IH9fAdwz9ELRbeFQtJW1PMyKQbd06DJpuPD5VDA-jgw; vst=e_754abdc4-704b-4f2f-a60b-33821ddb5cf3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0

Response headers

date
Fri, 26 Feb 2021 15:22:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Fri, 26 Feb 2021 15:23:09 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Cache-Control
no-cache
set-cookie
uuid=f2096039-123d-4400-8a3d-7b0960856429; domain=.mathtag.com; path=/; expires=Sat, 26-Mar-2022 15:22:37 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=f2096039-123d-4400-8a3d-7b0960856429&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 3518 2f03077 master cdg-pixel-x24
Expires
Fri, 26 Feb 2021 15:23:08 GMT
usersync
rtb.gumgum.com/ Frame C827
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YDkSPAAAAKQw4VLS
  • https://rtb.gumgum.com/usersync?b=atm&i=YDkSPAAAAKQw4VLS&gdpr=0&gdpr_consent=&_test=YDkSPAAAAKQw4VLS
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YDkSPAAAAKQw4VLS&gdpr=0&gdpr_consent=&_test=YDkSPAAAAKQw4VLS
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YDkSPAAAAKQw4VLS&gdpr=0&gdpr_consent=&_test=YDkSPAAAAKQw4VLS
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cs=true; loc=6w2LaLFVVEsKeEYDbKODy-cmQlLX826CTV8Ymt8iPk0IH9fAdwz9ELRbeFQtJW1PMyKQbd06DJpuPD5VDA-jgw; vst=e_754abdc4-704b-4f2f-a60b-33821ddb5cf3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0

Response headers

date
Fri, 26 Feb 2021 15:22:36 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YDkSPAAAAKQw4VLS&gdpr=0&gdpr_consent=&_test=YDkSPAAAAKQw4VLS
accept-ranges
bytes
date
Fri, 26 Feb 2021 15:22:36 GMT
via
1.1 varnish
x-served-by
cache-hhn4032-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1614352956.171042,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 52BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NTRhYmRjNC03MDRiLTRmMmYtYTYwYi0zMzgyMWRkYjVjZjM=&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NTRhYmRjNC03MDRiLTRmMmYtYTYwYi0zMzgyMWRkYjVjZjM=&gdpr=0&gdpr_consent=&google_tc=
170 B
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NTRhYmRjNC03MDRiLTRmMmYtYTYwYi0zMzgyMWRkYjVjZjM=&gdpr=0&gdpr_consent=&google_tc=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV83NTRhYmRjNC03MDRiLTRmMmYtYTYwYi0zMzgyMWRkYjVjZjM=&gdpr=0&gdpr_consent=&google_tc=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0

Response headers

content-type
image/png
date
Fri, 26 Feb 2021 15:22:49 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NTRhYmRjNC03MDRiLTRmMmYtYTYwYi0zMzgyMWRkYjVjZjM=&gdpr=0&gdpr_consent=&google_tc=
date
Fri, 26 Feb 2021 15:22:49 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
364
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 26-Feb-2021 15:37:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BBA1 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=85427
Expires
Sat, 27 Feb 2021 15:06:21 GMT
Date
Fri, 26 Feb 2021 15:22:34 GMT
Connection
keep-alive
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 3E2B 		0
0
umcheck
cs.emxdgt.com/ Frame B5C8
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Frtb.gumgum.com%252Fusersync%253Fb%253Demx%2526i%253D%2524EMXUID
  • https://cs.emxdgt.com/umcheck?apnxid=5331014813196429635&redirect=https://rtb.gumgum.com/usersync?b=emx&i=$EMXUID
43 B
120 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/umcheck?apnxid=5331014813196429635&redirect=https://rtb.gumgum.com/usersync?b=emx&i=$EMXUID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/umcheck?apnxid=5331014813196429635&redirect=https://rtb.gumgum.com/usersync?b=emx&i=$EMXUID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0

Response headers

content-type
image/gif
date
Fri, 26 Feb 2021 15:23:02 GMT
x-nosync
na;
content-length
43

Redirect headers

Server
nginx/1.17.9
Date
Fri, 26 Feb 2021 15:23:02 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://cs.emxdgt.com/umcheck?apnxid=5331014813196429635&redirect=https://rtb.gumgum.com/usersync?b=emx&i=$EMXUID
AN-X-Request-Uuid
bcd3d927-5e5c-41b2-b8ee-ca75ec3fb0e1
Set-Cookie
uuid2=5331014813196429635; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 27-May-2021 15:23:02 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.40:80
idsync
tg.socdm.com/aux/ Frame 39B6 		0
0
cm
p.rfihub.com/ Frame 83B2 		0
0
cm-notify
creativecdn.com/ Frame FEA4 		0
0
g_pbto
1x1.a-mo.net/hbx/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1614352954154&eid=39afaa13f880b48
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.207.7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:34 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
integrator.js
adservice.google.ch/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.justjared.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Feb 2021 15:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.justjared.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Feb 2021 15:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		78 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=742854129477322&correlator=2143193795452828&output=ldjh&impl=fifs&eid=31060169%2C31060207%2C31060299%2C21068111&vrg=2021022501&ptt=17&gdpr=0&addtl_consent=1~&us_privacy=1---&sc=0&sfv=1-0-37&ecs=20210226&iu_parts=21854935662%2CJustJared_Home%2CJustJared_Home_Top_728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C1x1%7C728x90&fluid=height&prev_scp=amznbid%3D2%26amznp%3D2%26reloaded%3Dload1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1614352710&dt=1614352954166&dlt=1614352950748&idt=808&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=298&adks=667232967&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.justjared.com%2F&vis=1&scr_x=0&scr_y=0&psz=920x90&msz=1x1&ga_vid=1069105447.1614352951&ga_sid=1614352954&ga_hid=1721012158&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
21fd9a65967969a48659f04d0650f858d68cc0b9b134ca1b9615cb917d5e9217
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24561
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 		2 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=74c97696-c8a7-4883-8cb6-3fb6bd956ead&tagId=7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:1b2::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:34 GMT
x-guploader-uploadid
ABg5-UzUkWRww0k5Ai-hLO-bDwJAUb2bBvXwUvB0k0383nEP_9A-gxErzN1Ql4IW8fDBAjbKTdAH5D-BjY6LepBdlrs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
2
last-modified
Thu, 14 May 2020 13:22:36 GMT
server
UploadServer
etag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash
crc32c=cz4mSA==
x-goog-generation
1589462556858294
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=1800
x-goog-stored-content-length
2
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 26 Feb 2021 15:52:34 GMT
g_pbto
1x1.a-mo.net/hbx/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1614352954187&eid=40360fc62ea89b6
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.207.7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:34 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=742854129477322&correlator=2323158035680737&output=ldjh&impl=fifs&eid=31060169%2C31060207%2C31060299%2C21068111&vrg=2021022501&ptt=17&gdpr=0&addtl_consent=1~&us_privacy=1---&sc=0&sfv=1-0-37&ecs=20210226&iu_parts=21854935662%2CJustJared_Home%2CJustJared_Home_Top_Right_300x250_InnerRail&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C1x1%7C300x250&fluid=height&prev_scp=amznbid%3D2%26amznp%3D2%26reloaded%3Dload1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1614352710&dt=1614352954191&dlt=1614352950748&idt=808&frm=20&biw=1600&bih=1200&oid=3&adxs=940&adys=418&adks=1647638295&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.justjared.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1069105447.1614352951&ga_sid=1614352954&ga_hid=1721012158&fws=4&ohw=300
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e026c316f74a03d99842195b8374d29132fbe6527fa6053cb7f1cac2cfac8575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10395
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.justjared.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
avcplayer.js
player.avplayer.com/script/2/2.57/ 		220 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.57/avcplayer.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=74c97696-c8a7-4883-8cb6-3fb6bd956ead&tagId=7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:846e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5325781b1a73ef6f6d0b3e0b9eea6503d647a60400f4951e0eaf566de60fa21f

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:34 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzxI-mXi01Dk2Mkpxi5hTbS-9co8cmXpcqn-aRVOMc_MIy1-cF-LeIGK42UqqGMGvVTk-O5ZUAAQ-hWDBnI_w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
54288
last-modified
Sun, 24 Jan 2021 10:15:39 GMT
server
UploadServer
etag
"ff6052612d4aeed57f9ee69bf4259e70"
vary
Accept-Encoding
x-goog-hash
crc32c=uIbd6Q==, md5=/2BSYS1K7tV/nuab9CWecA==
content-language
en
x-goog-generation
1611483339139872
cache-control
public, max-age=300
x-goog-stored-content-length
54288
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 26 Feb 2021 15:27:34 GMT
ins.txt
static.avantisvideo.com/data/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/ins.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=74c97696-c8a7-4883-8cb6-3fb6bd956ead&tagId=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9200:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bf97dfa9db6666f9abf3b9e4e1373a258033d4a486765109e44a7c7d5333ee7

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Feb 2021 22:50:42 GMT
content-encoding
gzip
last-modified
Wed, 17 Feb 2021 10:27:14 GMT
server
AmazonS3
age
59563
etag
W/"90c9e94d468b5982ed031db4c89ae8bc"
vary
Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
R6PcPdnLLjBJqXzXZqnjmA3jJGMbmP3XkeuVH7_TRGQOFGaKEI9Kew==
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame C716 		331 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f90393909f55424c642cfdf
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.57/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:1b2::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
173d5f3d3b09f62a9a6e5ccf6c35fca457b6d68c0bd03e04171c41719e402ca2

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:34 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzUaSPhANsryb_rbI1PkUu-Ius70zssgT8xaYez98wiXn3nIRQKiGmhH6n-KkTskj32WeAn2eKbsG_MRp0NiDs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
95778
last-modified
Wed, 24 Feb 2021 08:53:38 GMT
server
UploadServer
etag
"06ac451dcb93e2560f9563c8286b920c"
vary
Accept-Encoding
x-goog-hash
crc32c=8jEwgw==, md5=BqxFHcuT4lYPlWPIKGuSDA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1614156818658566
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
95778
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 26 Feb 2021 15:27:34 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.justjared.com&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&apppkg=&fv=3&proto=http&pid=5f90393909f55424c642cfdf&cid=5fb2553fad995e2e283f4e82&e=inventory&vi=0&cb=1614352954441
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.5.130 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/ 		29 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=http%3A%2F%2Fwww.justjared.com%2F&AV_SLOTT=-2&AV_SECURED=0&AV_LANGUAGE=en&AV_PUBLISHERID=5f90393909f55424c642cfdf&AV_CHANNELID=5fb2553fad995e2e283f4e82&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.justjared.com&AV_DADPOS=3&v=6.1.1.243&avtoken=954440&AV_WIDTH=600&AV_HEIGHT=338&AV_CCPA=1---&cb=1614352954453
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f90393909f55424c642cfdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.145.49 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
898c1f70cde5cac8c3d350e6a237c25aac2c17bae5437c563daa4ee540f8223f

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:38 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 15 Feb 2021 01:35:58 GMT
/
events.avantisvideo.com/ 		2 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=74c97696-c8a7-4883-8cb6-3fb6bd956ead&tagId=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 26 Feb 2021 15:22:35 GMT
content-length
2
content-type
text/plain
av.png
static.avantisvideo.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.avantisvideo.com/images/av.png
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9200:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56b6c683af43ba8e6ffe99d52fb35f9932c9a409493ed46eb40fd6e696fa24f0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 22:14:50 GMT
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jan 2021 10:20:27 GMT
server
AmazonS3
age
61664
etag
"b8ce0fbf2e3e2f4f74cffe16c3b65adf"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
1986
x-amz-cf-id
y5rdS6zPIorKcgp3iHwnbgyqIM6T5s0bN_mq7pyKmdbJ5FR2YwMTAQ==
container.html
009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C7FA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Fri, 26 Feb 2021 15:22:34 GMT
expires
Sat, 26 Feb 2022 15:22:34 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ba484681d0972c8f5fdd10ab0986c9fa68a6511ef29684db473cc2fab186e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614169937710944"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28419
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:22:34 GMT
spam_signals_bundle_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/spam_signals/ Frame C7FA 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7cb0567c7f8816067f80508b906ccdad89e9e76e05573464926eec5a5276d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
693
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2773
x-xss-protection
0
server
cafe
etag
3338119961263385223
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Mar 2021 15:11:01 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame C7FA 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7c4efd1f41f3683d4845c653d5166988897616f79951568dad9323c26f2d6f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12669
x-xss-protection
0
server
cafe
etag
5012884434530507151
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Mar 2021 15:14:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame C7FA 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 13:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5909
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7485
x-xss-protection
0
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 13:44:05 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame C7FA 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Mar 2021 15:20:17 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame C7FA 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Mar 2021 15:21:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C7FA 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614169956137819"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33369
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:22:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame C7FA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Mar 2021 15:19:36 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame 9FD5 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
62144
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9FD5 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
62144
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9FD5 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
62144
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9FD5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
62144
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9FD5 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
62144
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
truncated
/ Frame 9FD5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6670734d1e1df14dd613f28f77ae98378ab3162a4075260135f32e42a6cae4b

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
17947558094938120394
tpc.googlesyndication.com/simgad/ Frame 9FD5 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17947558094938120394
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cacb82725f816b8da18e824d0f423089b6c0f73d4b086b921ac79848de3d47fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 09:22:22 GMT
x-content-type-options
nosniff
age
108012
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36008
x-xss-protection
0
last-modified
Mon, 29 Feb 2016 13:13:33 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 09:22:22 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9FD5 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Feb 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
25177
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 27 Feb 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9FD5 		295 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Feb 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
57463
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 26 Feb 2021 23:24:51 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9FD5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CeksMOhI5YJqyDpmHjuwPuriLOP7O0Y5b2Ynxrr8G2tkeEAEg8YPXemD1lc6B4ASgAe7xjN0DyAEDqQKpUgv244WyPuACAKgDAcgDCKoE0gFP0B438YVICt9TOfhvPG9lUji4sV73oc051GF7KPUg8eu2_Tn_kYyHbSI0RMTBjLghQIkju-JRt98ggEL7RgaX49X3O69DK_qbBeVz9iBk_CNl2fhYeMAL5j6ikxanfHOm-nhZ5V-wiWJ3Dll9qN5ECfk6BjfW_0GvHLXsqXcaM7yM5wYraCQQZfOagcgF9lpWcSEbApHy1vRbiWlc6NqL2VFFy7aoAb1aXFR5tCZUIEWbv9_izI_7uy6xWmqoatc6IvzZHZvSvdX3WdnTzoou7tbABKKu8spO4AQBkgUECAQYAZIFBAgFGASgBgOAB_qN8yKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQkb8G0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi0yNTYxMTg4Njg4MTYzMTI3gAoDyAsB2BMCshcaChgIABIUcHViLTE0OTM3OTk2Mzg2NTYwMTc&sigh=APiBpDqfx5U&tpd=AGWhJmuFiR2dFBooSy9SSoGSVtQNu4iVXLtFX4aCbA-MD5Zfiw
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
downsize_200k_v1
tpc.googlesyndication.com/simgad/4816592997635334925/ Frame C7FA 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4816592997635334925/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4qkFjLLn-uhQERc72C1pNMwgw3FOPA
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f7df96cf66af9897fc65d5c1395dd6465f7ab1e5c1b9a77b8df3309f4e6c0bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 21:58:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 21:23:42 GMT
server
sffe
age
62635
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68995
x-xss-protection
0
expires
Fri, 25 Feb 2022 21:58:39 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame C7FA 		1 KB
950 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 16:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167457
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Feb 2022 16:51:37 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C7FA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXgPoOhI5YI3TDYmGjuwPxOCP4AnLnJjPYYP44OXwDPLd0uCyARABIPGD13pg9ZXOgeAEoAHa3oiGA8gBBqkC6QmLM9BTtD7gAgCoAwHIA5sEqgTbAU_Q8e6KQ6LvjETDfa7vEMH7sCwUSY_LZhKKQN4YwAtZDUR-2nxm3Ob6CR2nmC4mx0VxoFnd6xNNZS-Nm2gNz8fL9Ih6Vvii1QWmHt9Am8DZ80XADwb4Py1qOmvHGoMCt6pze4koLIriwScrFl4vtjj2-1DRGv8S3bQO00CpRo6nyYzMbfH5f9YDFvLE6NaFbztUe7JM-QU6ooagKAeModVc9eoGG0wvKTeuvoXmAKo0PlqpV5NxoeR9Syu9lpphs-ROtjAnlzG9nk01ziUzZFQ_sYvJmlteJDzTP8AE1ea3n6QD4AQBkgUECAQYAZIFBAgFGASgBjeAB46h93moB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQkI0G0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi0yNTYxMTg4Njg4MTYzMTI3gAoDyAsB2BMNiBQCshcaChgIABIUcHViLTE0OTM3OTk2Mzg2NTYwMTc&sigh=LsB9hF91O64&template_id=492&tpd=AGWhJmtDsc-ZnvKYJLqBsuZTEP8cd3Sl89rHRAme7w6I81Abeg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3BC5 		143 B
676 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 26 Feb 2021 14:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2470
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C7FA 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0256e8897858ab04cd4379da54aa918107cdc9dddfc66089fa775492cc0de1e9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
event
prebid-a.rubiconproject.com/ 		0
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9FD5
Redirect Chain
  • http://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date
Fri, 26 Feb 2021 15:22:34 GMT
X-Content-Type-Options
nosniff
Server
safe
Content-Type
text/html; charset=UTF-8
Location
https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control
private
Content-Length
246
X-XSS-Protection
0
17947558094938120394
tpc.googlesyndication.com/simgad/ Frame 9FD5 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17947558094938120394
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cacb82725f816b8da18e824d0f423089b6c0f73d4b086b921ac79848de3d47fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 09:22:22 GMT
x-content-type-options
nosniff
age
108012
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36008
x-xss-protection
0
last-modified
Mon, 29 Feb 2016 13:13:33 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 09:22:22 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9FD5 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Feb 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
25177
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 27 Feb 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9FD5 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Feb 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
57463
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 26 Feb 2021 23:24:51 GMT
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Server
52.28.41.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Feb 2021 15:22:58 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
event
prebid-a.rubiconproject.com/ 		0
0
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Server
52.28.41.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Feb 2021 15:22:58 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3BC5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnJt97FlX7LWko_2FGfAZmIPb0lqjb1_ghut8Qutt6rujbhi7L-_oPEsPFK9U8; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 26 Feb 2021 15:22:34 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 26-Feb-2021 16:22:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 26 Feb 2021 15:22:34 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 26 Feb 2021 15:22:34 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
showad.js
ads.pubmatic.com/AdServer/js/ Frame CB63 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=119121
Expires
Sun, 28 Feb 2021 00:27:55 GMT
Date
Fri, 26 Feb 2021 15:22:34 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2DDF 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=119120
Expires
Sun, 28 Feb 2021 00:27:55 GMT
Date
Fri, 26 Feb 2021 15:22:35 GMT
Connection
keep-alive
Vary
Accept-Encoding
casale
match.adsrvr.org/track/cmf/ Frame 9F2D 		0
0
crum
dsum-sec.casalemedia.com/ Frame 9F2D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YDkSOg07e116RGehPSyt9QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvSD66-v-o694_T6Zwr148&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvSD66-v-o694_T6Zwr148&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:23:02 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvSD66-v-o694_T6Zwr148&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 9F2D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YDkSOg07e116RGehPSyt9QAABLAAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEBcLXqi9ntlEJoFzTbli5KA&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEBcLXqi9ntlEJoFzTbli5KA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 26 Feb 2021 15:22:50 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEBcLXqi9ntlEJoFzTbli5KA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 9F2D 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDkSOg07e116RGehPSyt9QAABLAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:55 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9F2D
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=47DC3FD289284E6A949B55EFFA729B2B
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=47DC3FD289284E6A949B55EFFA729B2B
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:22:39 GMT

Redirect headers

date
Fri, 26 Feb 2021 15:22:38 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=47DC3FD289284E6A949B55EFFA729B2B
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 25 Feb 2021 15:22:38 GMT
cm
p.rfihub.com/ Frame 9F2D 		0
0
index
dmp.brand-display.com/cm/api/ Frame 9F2D 		0
0
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 9F2D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YDkSPAAAAJVxalZV
85 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YDkSPAAAAJVxalZV
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.3.8.v20160314) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:36 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
age
2997
x-served-by
cache-hhn4032-HHN
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1614352956.130047,VS0,VE0
content-length
85
x-cache-hits
24045

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:36 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
x-timer
S1614352956.009018,VS0,VE94
x-served-by
cache-hhn4032-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YDkSPAAAAJVxalZV
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
x-cache-hits
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9F2D 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YDkSOg07e116RGehPSyt9QAABLAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:35 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CB63 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=79621035&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bbc2d7dfbbe8e415f08c919cc224b4b77ddbf957d7f294e3f476105eb1bd268d

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:34 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
usersync.aspx
dis.criteo.com/dis/ Frame 3888 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=79621035&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Fri, 26 Feb 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1000
x-powered-by
ASP.NET
date
Fri, 26 Feb 2021 15:22:34 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 86F7
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1840408437750438419
42 B
973 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1840408437750438419
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=79621035&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156657:2; KADUSERCOOKIE=3A4F97C7-27EC-4363-A749-0B5C34DC9598; chkChromeAb67Sec=1; DPSync3=1615507200%3A201_227_226_221; SyncRTB3=1615161600%3A63%7C1615507200%3A56_54_161_71_8_204_21_55_81_13_223_166_22_7_3%7C1615593600%3A35%7C1616889600%3A203%7C1614902400%3A2_15
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Fri, 26 Feb 2021 15:22:35 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_336=5844-1840408437750438419; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 28-Mar-2021 15:22:35 GMT; path=/ PugT=1614352955; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 28-Mar-2021 15:22:35 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 27-May-2021 15:22:35 GMT; path=/
X-lat
Pug22006:0:376
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1840408437750438419
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 6052
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHRUxFN0FjaVVBQUJFeVBWdWVPQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEyaE7AciUAABAcgOPlog&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=9099003716992326377
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEyaE7AciUAABAcgOPlog&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D9099003716992326377%26bee_sync_partners%3Dpm%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=9099003716992326377&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEyaE7AciUAABAcgOPlog&pid=558502&d...
  • https://match.prod.bidr.io/cookie-sync?userid=9099003716992326377&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEyaE7AciUAABAcgOPlog&pid=558502&d...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAIH207AciUAABIgh09E5Q
42 B
853 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAIH207AciUAABIgh09E5Q
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=79621035&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Fri, 26 Feb 2021 15:22:53 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_699=22727-AAIH207AciUAABIgh09E5Q; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 28-Mar-2021 15:22:53 GMT; path=/ PugT=1614352973; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 28-Mar-2021 15:22:53 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 27-May-2021 15:22:53 GMT; path=/
X-lat
Pug22024:0:623
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

Date
Fri, 26 Feb 2021 15:22:53 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAIH207AciUAABIgh09E5Q
Server
nginx
set-cookie
bito=AAIH207AciUAABIgh09E5Q; Domain=bidr.io; expires=Mon, 28 Mar 2022 10:22:53 GMT; Path=/; SameSite=None; Secure bitoIsSecure=ok; Domain=bidr.io; expires=Mon, 28 Mar 2022 10:22:53 GMT; Path=/; SameSite=None; Secure checkForPermission=""; Domain=bidr.io; expires=Thu, 01 May 2008 00:00:00 GMT; Path=/; SameSite=None; Secure
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 663A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6933593150238226581
42 B
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6933593150238226581
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=79621035&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156657:2; KADUSERCOOKIE=3A4F97C7-27EC-4363-A749-0B5C34DC9598; chkChromeAb67Sec=1; DPSync3=1615507200%3A201_227_226_221; SyncRTB3=1615161600%3A63%7C1615507200%3A56_54_161_71_8_204_21_55_81_13_223_166_22_7_3%7C1615593600%3A35%7C1616889600%3A203%7C1614902400%3A2_15; KRTBCOOKIE_336=5844-1840408437750438419; PUBMDCID=3; KRTBCOOKIE_153=19420-75vVoOiZ1aD0ydP8u53L_Lubg670z9Wg7Zlh17-0&KRTB&22979-75vVoOiZ1aD0ydP8u53L_Lubg670z9Wg7Zlh17-0; KRTBCOOKIE_22=14911-7531704135582063802; KRTBCOOKIE_466=16530-e6e84e00-efb9-4880-a8fb-a7fbfc724e47; KRTBCOOKIE_218=22978-YDkSPAAAAI5xa1ZV&KRTB&23194-YDkSPAAAAI5xa1ZV&KRTB&23209-YDkSPAAAAI5xa1ZV&KRTB&23244-YDkSPAAAAI5xa1ZV; PugT=1614352956; KRTBCOOKIE_188=3189-902a3c5a-6e46-48d7-bb20-ebc1b68f7f9c-6039123c-4348
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Fri, 26 Feb 2021 15:22:34 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_1101=23040-6933593150238226581; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 28-Mar-2021 15:22:34 GMT; path=/ PugT=1614352954; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 28-Mar-2021 15:22:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 27-May-2021 15:22:34 GMT; path=/
X-lat
Pug23030:0:300
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

Server
nginx
Date
Fri, 26 Feb 2021 15:22:36 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6933593150238226581; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6933593150238226581
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8BCF 		43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=3A4F97C7-27EC-4363-A749-0B5C34DC9598&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=Az32Xq-P-E6hoG88axh5goI; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Server
Server
Date
Fri, 26 Feb 2021 15:22:35 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CB63
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ok-XxyfsQ2OnSQtcNNyVmA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
0
0
mw
mwzeom.zeotap.com/ Frame CB63 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=3A4F97C7-27EC-4363-A749-0B5C34DC9598
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
627aa992195416ee-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0880884f4d000016eea8062000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame CB63
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3A4F97C7-27EC-4363-A749-0B5C34DC9598&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3A4F97C7-27EC-4363-A749-0B5C34DC9598&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3A4F97C7-27EC-4363-A749-0B5C34DC9598&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:35 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:35 GMT
frontend-id
0
location
/pubmatic/1/info2?sType=sync&sExtCookieId=3A4F97C7-27EC-4363-A749-0B5C34DC9598&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame CB63
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3A4F97C7-27EC-4363-A749-0B5C34DC9598&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3A4F97C7-27EC-4363-A749-0B5C34DC9598&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3A4F97C7-27EC-4363-A749-0B5C34DC9598&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3A4F97C7-27EC-4363-A749-0B5C34DC9598&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:46 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Fri, 26 Feb 2021 15:22:46 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3A4F97C7-27EC-4363-A749-0B5C34DC9598&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
simage2.pubmatic.com/AdServer/ Frame CB63
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5403836308184895547
42 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5403836308184895547
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:45 GMT
X-lat
lhrpug015:0:474
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:45 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5403836308184895547
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame CB63
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC6826wgNMBEDcEffemO6kE&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC6826wgNMBEDcEffemO6kE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:49 GMT
X-lat
Pug22010:0:384
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC6826wgNMBEDcEffemO6kE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame CB63 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame CB63
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7c626039-123d-4b00-8397-53feeb4111dc&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7c626039-123d-4b00-8397-53feeb4111dc&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:37 GMT
X-lat
lhrpug006:0:421
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Fri, 26 Feb 2021 15:23:09 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7c626039-123d-4b00-8397-53feeb4111dc&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 26 Feb 2021 15:23:08 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CB63
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3606964892088964558&gdpr=0&gdpr_consent=
42 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3606964892088964558&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 14:49:44 GMT
X-lat
Pug22077:0:263
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.140:80
AN-X-Request-Uuid
a4de6ad5-1df6-4de2-93c5-062f267564fb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3606964892088964558&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame CB63
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3A4F97C7-27EC-4363-A749-0B5C34DC9598&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z3hUlfN1l2L_mGWZvkcNEz0kHPZegfg-&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z3hUlfN1l2L_mGWZvkcNEz0kHPZegfg-&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Fri, 26 Feb 2021 23:22:38 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Fri, 26 Feb 2021 15:22:42 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z3hUlfN1l2L_mGWZvkcNEz0kHPZegfg-&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
3A4F97C7-27EC-4363-A749-0B5C34DC9598
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CB63 		43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3A4F97C7-27EC-4363-A749-0B5C34DC9598?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:35 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CB63
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=ph2UgXTmS-VoqeYqZ0BXBrmcr2s&user_group=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e6e84e00-efb9-4880-a8fb-a7fbfc724e47&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e6e84e00-efb9-4880-a8fb-a7fbfc724e47&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:35 GMT
X-lat
lhrpug019:0:383
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e6e84e00-efb9-4880-a8fb-a7fbfc724e47&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 26 Feb 2021 15:22:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame CB63
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=75vVoOiZ1aD0ydP8u53L_Lubg670z9Wg7Zlh17-0
42 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=75vVoOiZ1aD0ydP8u53L_Lubg670z9Wg7Zlh17-0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:35 GMT
X-lat
Pug22064:0:329
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=75vVoOiZ1aD0ydP8u53L_Lubg670z9Wg7Zlh17-0
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CB63
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7531704135582063802&gdpr=0&gdpr_consent=&us_privacy=
1 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7531704135582063802&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:33 GMT
X-lat
Pug23045:0:269
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7531704135582063802&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 26 Feb 2021 15:22:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame CB63
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDkSPAAAAI5xa1ZV&gdpr=0&gdpr_consent=&_test=YDkSPAAAAI5xa1ZV
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDkSPAAAAI5xa1ZV&gdpr=0&gdpr_consent=&_test=YDkSPAAAAI5xa1ZV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:36 GMT
X-lat
lhrpug016:0:495
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1614352956.130199,VS0,VE0
x-served-by
cache-hhn4032-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDkSPAAAAI5xa1ZV&gdpr=0&gdpr_consent=&_test=YDkSPAAAAI5xa1ZV
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame CB63
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=902a3c5a-6e46-48d7-bb20-ebc1b68f7f9c-6039123c-4348&gdpr=0&gdpr_consent=
42 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=902a3c5a-6e46-48d7-bb20-ebc1b68f7f9c-6039123c-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:36 GMT
X-lat
Pug22023:0:570
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:35 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=902a3c5a-6e46-48d7-bb20-ebc1b68f7f9c-6039123c-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame CB63 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3A4F97C7-27EC-4363-A749-0B5C34DC9598&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:36 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame CB63
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:61c4655d-e491-4f85-9c93-37603d91d908&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:61c4655d-e491-4f85-9c93-37603d91d908&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:35 GMT
X-lat
Pug23038:0:291
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:61c4655d-e491-4f85-9c93-37603d91d908&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 26 Feb 2021 15:22:36 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame CB63
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3606964892088964558
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3606964892088964558
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
X-lat
Pug23034:0:204
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.47:80
AN-X-Request-Uuid
21235324-2594-4b95-ab01-7081c805ab98
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3606964892088964558
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubmatic
um.simpli.fi/ Frame CB63 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 25 Feb 2021 15:22:38 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		118 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fwww.justjared.com%2F&pid=XBdzRALGhjBPF&cb=2&ws=1600x1200&v=7.59.00&t=1400&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21854935662%2FJustJared_Home%2FJustJared_Home_Top_Left_300xFlex_OuterRail%22%7D%5D&cfgv=0&pubid=78a541f2-9748-4ba5-9cda-85fd7a44b234&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3b0f06428809f5a2af1153f294ec53f9b73bf713af5fe78657b696cfa2e12b54

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:39 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
ZAG50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
127
via
1.1 32e17fe5a1e4cb77ad8ac75ddb0c4584.cloudfront.net (CloudFront)
x-amz-cf-id
BA3ca7MglFdxXasvTq2bOQsNZVUk3Z9W4x6Owo80YfTkRdmmiYBatQ==
bid
ap.lijit.com/rtb/ 		24 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.24.0
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
84dff52c2df24ad9ff6500374457f7dfa3ffb4e59f428c75bede63c64a1daa14

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Feb 2021 15:22:35 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://www.justjared.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
bidRequest
c2shb.ssp.yahoo.com/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
0
auction
tlx.3lift.com/header/ 		19 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.24.0&referrer=http%3A%2F%2Fwww.justjared.com%2F&tmax=1400&gdpr=false&us_privacy=1---
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.54.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:36 GMT
x-auction-status
12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
hb.emxdgt.com/ 		0
0
cygnus
htlb.casalemedia.com/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
c
prebid.a-mo.net/a/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
bid
c.amazon-adsystem.com/e/dtb/ 		118 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fwww.justjared.com%2F&pid=XBdzRALGhjBPF&cb=3&ws=1600x1200&v=7.59.00&t=1400&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21854935662%2FJustJared_Home%2FJustJared_Home_Top_Right_300xFlex_OuterRail%22%7D%5D&cfgv=0&pubid=78a541f2-9748-4ba5-9cda-85fd7a44b234&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
7a6c12b3bfb2efc039fb0bd3a28032b47f5fd5d48030e24c0d62caf6c8ebd191

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:39 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
ZAG50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
126
via
1.1 32e17fe5a1e4cb77ad8ac75ddb0c4584.cloudfront.net (CloudFront)
x-amz-cf-id
WdyIgD9JnAct7AYFm1PYguZQI5VmGx2K55CnHruEG4gYWFJdPWyo2Q==
bid
ap.lijit.com/rtb/ 		24 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.24.0
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
9dc983de16549eb7f65c7b0f050d223c8ab914d9b663cdbbe54dc3ad9b0e21d0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Feb 2021 15:22:35 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://www.justjared.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
cygnus
htlb.casalemedia.com/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
c
prebid.a-mo.net/a/ 		0
0
bidRequest
c2shb.ssp.yahoo.com/ 		0
0
/
hb.emxdgt.com/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
0
auction
tlx.3lift.com/header/ 		19 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.24.0&referrer=http%3A%2F%2Fwww.justjared.com%2F&tmax=1400&gdpr=false&us_privacy=1---
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.54.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:36 GMT
x-auction-status
12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
usync.js
eus.rubiconproject.com/ Frame CEA0 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d1cc76a2ebad3324904785be3e4585b00f59a8b4c7b54b38736c64df07ee816b

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48393
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9308
Expires
Sat, 27 Feb 2021 04:49:08 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9FD5 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvf2qhlGfHwQFjBOWgFN5uUoATBJkQxlKD3oZkBBBAXxrPSF2L0PcuFr4JcK6wkLQif42dXTTXoNTXHP26LiTPv4B2306Qx8gJZkUlKrj4fN4nSaZIVJm8qjXQlm2UjMfGS5Ku6q2XT8wCKgOvPQhE0&sai=AMfl-YSU4moA4zVJeVfFANWAdrTW8jLwaTYhsregD6bPl7_MvrFKCj18pbK6KGan57z4YHnHu_MwS0F-fYJemY9dno3XDNXaqJMAp0ZZ06kIIdTrw9LWJS5JbOdA7c2R23TK&sig=Cg0ArKJSzI14m1I9zdQmEAE&cid=CAASPeRoCp3DIk24wyFIuoM9EtvG6UMNSzq70m7intvPYUvLUthPAi3xc3hVy6nWrpkWziRGWtR-wcMsPj_AuG4&id=ampim&o=940,418&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=135&tls=1136&g=100&h=100&tt=1136&r=v&avms=ampa&adk=1647638295
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C7FA 		42 B
501 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIQTZDA-mx1kirdtgtT6U4MT2ossAZZ4dd5avANvY7VZ6-C5iU32oncLlHZqxbJcQ_3UblYDOB0EJxU0yeGzr45-wdW9ZyxYB6wqyRX9mY8LqNmuUGE-v_srFniQ&sai=AMfl-YRgzZItM9E5XiqymNvfsG8Cn5BMjUbidnkVyplqciAdpX4XN1WrpUoN9LnHBPMpPq_e9MMffhkrKqTzEbUoJb7BpStIfA3eISFwTdF91v4cX_1jMhn9YxJfbR5rALKJ&sig=Cg0ArKJSzKLS_AjxpHYHEAE&cid=CAASPeRo0x8t1Ur0Yp3HAhXKyFSGT-ho7da7XrsYqSrR72qyMCfWMohkA233sWZt2AcK4-X8puvbm8Pk9ksdlOE&id=osdim&mcvt=1001&p=299,341,411,1259&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210224&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=9&adk=667232967&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614352954566&dlt=35&rpt=192&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame CEA0 		284 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
ecm3
aax-eu.amazon-adsystem.com/s/ Frame CEA0
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KLMG2H7Q-1C-35F9&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KLMG2H7Q-1C-35F9&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:37 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KLMG2H7Q-1C-35F9&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame CEA0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDQwODYzZTZmMWFlOTdhYWEzODcxOWY5MTRlYWU5NTUzNDQwMDllZQ&gdpr=0
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDQwODYzZTZmMWFlOTdhYWEzODcxOWY5MTRlYWU5NTUzNDQwMDllZQ&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDQwODYzZTZmMWFlOTdhYWEzODcxOWY5MTRlYWU5NTUzNDQwMDllZQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame CEA0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/WJIVNEPNgbw1Ato8NDaKOsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=748211491029083211
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=748211491029083211
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

date
Fri, 26 Feb 2021 15:22:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=748211491029083211
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame CEA0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECUztMiIG6GK9ODhe0K17A8&google_cver=1
42 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECUztMiIG6GK9ODhe0K17A8&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECUztMiIG6GK9ODhe0K17A8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame CEA0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDkSPAAAAKQw4VLS&gdpr=0
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDkSPAAAAKQw4VLS&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1614352956.460433,VS0,VE0
x-served-by
cache-hhn4032-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDkSPAAAAKQw4VLS&gdpr=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
709414.gif
id.rlcdn.com/ Frame CEA0 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:36 GMT
via
1.1 google
alt-svc
clear
content-length
0
v1
ads.yahoo.com/cms/ Frame CEA0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLMG2H7Q-1C-35F9&sigv=1&esig=2~19354d99a3e487680a794c8b8ed67695c4b590f2&gdpr=0
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLMG2H7Q-1C-35F9&sigv=1&esig=2~19354d99a3e487680a794c8b8ed67695c4b590f2&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:36 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLMG2H7Q-1C-35F9&sigv=1&esig=2~19354d99a3e487680a794c8b8ed67695c4b590f2&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame CEA0 		0
0
pixel
cm.g.doubleclick.net/ Frame CEA0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xNRzJIN1EtMUMtMzVGOQ==&gdpr=0
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xNRzJIN1EtMUMtMzVGOQ==&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xNRzJIN1EtMUMtMzVGOQ==&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
SPug
simage4.pubmatic.com/AdServer/ Frame CB63 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156657&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Fri, 26 Feb 2021 15:22:41 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
g_pbto
1x1.a-mo.net/hbx/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1614352957192&eid=83ddbda1661ac9f
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.207.7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:39 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
integrator.js
adservice.google.ch/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.justjared.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Feb 2021 15:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.justjared.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Feb 2021 15:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=742854129477322&correlator=1836226054272537&output=ldjh&impl=fifs&eid=31060169%2C31060207%2C31060299%2C21068111&vrg=2021022501&ptt=17&gdpr=0&addtl_consent=1~&us_privacy=1---&sc=0&sfv=1-0-37&ecs=20210226&iu_parts=21854935662%2CJustJared_Home%2CJustJared_Home_Top_Left_300xFlex_OuterRail&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C1x1%7C300x250%7C300x600%7C160x600&fluid=height&prev_scp=amznbid%3D1%26amznp%3D1%26reloaded%3Dload1&eri=1&cookie=ID%3Dceaf0bd084afd1ab-22cc3fbc9fba00c4%3AT%3D1614352954%3AS%3DALNI_MYVa8a3EfE0PAdEJrqmPVjbh6dQvg&bc=23&abxe=1&lmt=1614352710&dt=1614352957197&dlt=1614352950748&idt=808&frm=20&biw=1600&bih=1200&oid=3&adxs=150&adys=0&adks=555958401&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.justjared.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1069105447.1614352951&ga_sid=1614352954&ga_hid=1721012158&ga_cid=1797796109.1614352957&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
0471f56e87d7e05556d7368c47db28ec5e3945d594f092e54d33b3edc79a1b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2606
x-xss-protection
0
google-lineitem-id
5347961182
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308656187
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
g_pbto
1x1.a-mo.net/hbx/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1614352957208&eid=84ef0fcbdb0dbc2
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.207.7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:39 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ 		85 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=742854129477322&correlator=876064323995633&output=ldjh&impl=fifs&eid=31060169%2C31060207%2C31060299%2C21068111&vrg=2021022501&ptt=17&gdpr=0&addtl_consent=1~&us_privacy=1---&sc=0&sfv=1-0-37&ecs=20210226&iu_parts=21854935662%2CJustJared_Home%2CJustJared_Home_Top_Right_300xFlex_OuterRail&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C1x1%7C300x250%7C300x600%7C160x600&fluid=height&prev_scp=amznbid%3D1%26amznp%3D1%26reloaded%3Dload1&eri=1&cookie=ID%3Dceaf0bd084afd1ab-22cc3fbc9fba00c4%3AT%3D1614352954%3AS%3DALNI_MYVa8a3EfE0PAdEJrqmPVjbh6dQvg&bc=23&abxe=1&lmt=1614352710&dt=1614352957211&dlt=1614352950748&idt=808&frm=20&biw=1600&bih=1200&oid=3&adxs=1450&adys=0&adks=393748745&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.justjared.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1069105447.1614352951&ga_sid=1614352954&ga_hid=1721012158&ga_cid=1797796109.1614352957&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
5eeec740891d4193480318721c4827c611532276f038278cf5df42d51d484450
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27643
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0339 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuE3bSIDjj-TcYl7UFK5bB_yZZeiGHpd2hfy1WOlWFODnM-cr_cTsoUGk_8p18m22R75LMEiR6jXPt6nVUM3iOepXziZHm41oOfjnrH8LiFEGAs0Q5YzEb7F5DX5_tEhav9JXpjPzIP-6-BuQDP3Dcr61Tk8WXSO6cwYe-2xo-LhLsUMQXRC6cWegvxbS1NF1QXrdFU6BoD27almCKZSeumL6xRPo16yBCxalowVIXKjXWqPgTscPRtriiC7NUohhHsDsZumzMvZkAhA22Qttyl95p8036eN8bVLglrCrTEqZ6hp6HjYCJDhYbcBO2_MiOfql-pEr5Jts-7AlGiO8BifxzOrTRYzi183QLrHd5Tr5nVnNjMmnIcAdavKTs-d9-omETseltJrsZ96uaojQ&sig=Cg0ArKJSzHYtw9KybakBEAE&urlfix=1&adurl=
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Feb 2021 15:22:37 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
tags.js
tags.expo9.exponential.com/tags/JustJared1/FlexHome/ Frame 0339 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.expo9.exponential.com/tags/JustJared1/FlexHome/tags.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
HTTP/1.1
Server
2606:4700::6812:517 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ab8aabd8f132000916189cc8cb0eec137f043995555225aebd1db8580e9e3e

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:37 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
13982
cf-request-id
088088586d00004aa9d61c9000000001
X-Function
151
Last-Modified
Wed, 29 Jul 2020 11:50:12 GMT
Server
cloudflare
X-Reuse-Index
2
ETag
3146757800451406274
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600, private
CF-RAY
627aa9a0aeec4aa9-FRA
Expires
Fri, 26 Feb 2021 16:22:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0339 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614169956137819"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33369
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:22:37 GMT
5347961182
dfp-gateway.s-onetag.com/1/21854935662/ 		116 B
586 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/21854935662/5347961182
Requested by
Host: get.s-onetag.com
URL: http://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ced8ffd5f64a8d4ada571057bd26b22fe590ae694f624b167e56d5294da8dc6d

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 05:26:05 GMT
via
1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront), 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
age
35792
x-amzn-requestid
7427f816-5e14-4b75-8f82-1da579be3b82
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amzn-trace-id
Root=1-6038866d-446840094ca36efe38a087c4;Sampled=0
x-amz-cf-pop
HAM50-C3, FRA56-C1
x-amz-apigw-id
bVnxDHr7iYcF4fg=
content-length
116
x-amz-cf-id
156kdmhw0gehq3hU9M4A3SM2VZVGA6PRbAPeIgGkofRlVAG_ZDSLig==
container.html
009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame EDF6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Fri, 26 Feb 2021 15:22:34 GMT
expires
Sat, 26 Feb 2022 15:22:34 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame EDF6 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7c4efd1f41f3683d4845c653d5166988897616f79951568dad9323c26f2d6f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12669
x-xss-protection
0
server
cafe
etag
5012884434530507151
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Mar 2021 15:14:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame EDF6 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 13:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5912
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7485
x-xss-protection
0
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 13:44:05 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame EDF6 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Mar 2021 15:20:17 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame EDF6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Mar 2021 15:21:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EDF6 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614169956137819"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33369
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:22:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame EDF6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Mar 2021 15:19:36 GMT
l
www.google.com/ads/measurement/ Frame EDF6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrtUZNmrYW0JeJ4YFm8XgzWGkamlbpMXaU5Lu_AE52EiHr_TxktKj96NMlAdA4HGkeink0uiM1MOoan2E7-J03KgkA5w
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
40933678460698624
tpc.googlesyndication.com/simgad/ Frame EDF6 		1 KB
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 16:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167460
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Feb 2022 16:51:37 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/5302936297794848228/ Frame EDF6 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5302936297794848228/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4qkfL_ghcIDQDAwYqvIS39dGmutkMw
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2db9d8c241a8b0af0c19a3af3f88772927305c25f46c477df92a42979b130cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:45:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Feb 2021 10:07:22 GMT
server
sffe
age
268631
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43887
x-xss-protection
0
expires
Wed, 23 Feb 2022 12:45:26 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EDF6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZ7fnPRI5YNXeD5P33wPTirCYCOKi1K9h1b-xp5UNz8S3xI0OEAEg8YPXemD1lc6B4ASgAaSsnMkDyAEGqQKpUgv244WyPuACAKgDAcgDmwSqBNoBT9D9HGdkeQlS7_UW_KEHioK9bYze5rTSeFWT2kfNxiOqq-afjk2hA3siVj9Dh2lo3nwT5E4DLkoae4T3poxME_RpAW-Y7Xj5VZZU-rfcP-b6RYkbwvHP47hu61IMXQDhr89K8D_D6IdLZH8Wh8OJXTOoNZEgHt-rBswA-JCZXG6D2Xf54Odl2QyM7m69EDKyIPnVkyvqOX7tm3IzvnVGX2bWWxWdrbNF45EwGIxWfTtBkZcPsHOAru_wJ8KpLkoyx7hVMzr6FEZ4688kSQgXbJ4hxZPb5gGGDzzABLexkqWvA-AEAZIFBAgEGAGSBQQIBRgEoAY3gAfE0-M2qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMGXB9IIBwiAYRABGB3yCBthZHgtc3Vic3luLTI1NjExODg2ODgxNjMxMjeACgPICwHYEw2IFAKyFxoKGAgAEhRwdWItMTQ5Mzc5OTYzODY1NjAxNw&sigh=zxfpENCPQUY&template_id=492&tpd=AGWhJmvjvYDAnvIsQDKU2eNFfrV6OyEkfDYURMuIoGE6ouwv7g
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4D39 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 26 Feb 2021 03:14:09 GMT
expires
Sat, 27 Feb 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
43708
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame EDF6 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98d6081f3886bc7c5b2b463dcf4ab8c416385492532f3536bb2bf23e33677207

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame 4D39 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJE4Mh5fuLsdDN65q7ptD4Q&google_cver=1&google_push=AQvitUKNmj0uY_tdKodxIJZG9MaLe4OSZ9JiyAbXbg_gcpEr3nL4Y1tLmbKhyjhMmOeONr5opHtTvEtxLK27GxK08BFIQshk8EQ1
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:37 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 4D39
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEZuoiLUCoNnX-HBF6NookI&google_cver=1&google_push=AQvitULujRkKb4k5Gg3ZFQ1zVbkPjmQMguQLyyX94f-AQN1POaEIDJBlhyxGyYGIVIIORz7mGi7Ir6wj4ZdwGD7V...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULujRkKb4k5Gg3ZFQ1zVbkPjmQMguQLyyX94f-AQN1POaEIDJBlhyxGyYGIVIIORz7mGi7Ir6wj4ZdwGD7VP5XUOPzLzmwQ
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULujRkKb4k5Gg3ZFQ1zVbkPjmQMguQLyyX94f-AQN1POaEIDJBlhyxGyYGIVIIORz7mGi7Ir6wj4ZdwGD7VP5XUOPzLzmwQ
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 26 Feb 2021 15:23:09 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULujRkKb4k5Gg3ZFQ1zVbkPjmQMguQLyyX94f-AQN1POaEIDJBlhyxGyYGIVIIORz7mGi7Ir6wj4ZdwGD7VP5XUOPzLzmwQ
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 26 Feb 2021 15:23:08 GMT
google
match.adsrvr.org/track/cmf/ Frame 4D39 		0
0
pixel
cm.g.doubleclick.net/ Frame 4D39
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEM3pQi0z5ieAOyat1q3eCaU&google_cver=1&google_push=AQvitULszhLOWuvKXLZUCE_2PuDAsw-AzmAUMtHFV1U459vsYtPJhOVBH6LnO...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEM3pQi0z5ieAOyat1q3eCaU&google_cver=1&google_push=AQvitULszhLOWuvKXLZUCE_2PuDAsw-AzmAUMtHFV1U459vsYtPJhOVBH6LnO...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=m8-6gW6-mG3zdeBGb8jG0w&google_push=AQvitULszhLOWuvKXLZUCE_2PuDAsw-AzmAUMtHFV1U459vsYtPJhOVBH6LnO2ZJ3N_fsQKCd8Z9Hg6eU...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=m8-6gW6-mG3zdeBGb8jG0w&google_push=AQvitULszhLOWuvKXLZUCE_2PuDAsw-AzmAUMtHFV1U459vsYtPJhOVBH6LnO2ZJ3N_fsQKCd8Z9Hg6eU...
170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=m8-6gW6-mG3zdeBGb8jG0w&google_push=AQvitULszhLOWuvKXLZUCE_2PuDAsw-AzmAUMtHFV1U459vsYtPJhOVBH6LnO2ZJ3N_fsQKCd8Z9Hg6eUvR0GV778bb-mVjHU0Sp&google_tc=
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=m8-6gW6-mG3zdeBGb8jG0w&google_push=AQvitULszhLOWuvKXLZUCE_2PuDAsw-AzmAUMtHFV1U459vsYtPJhOVBH6LnO2ZJ3N_fsQKCd8Z9Hg6eUvR0GV778bb-mVjHU0Sp&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
440
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4D39
Redirect Chain
  • https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESENEez-0OYfIaMoZe68hw2pQ&google_cver=1&google_push=AQvitUJ9UNccHKhZZHeD8gTE4LjRKZgOff5gBCNw6aHcDwnkJDRLWRwNC0K-RC5qAHbXuWKm6QhF_B40L97gcmHdlyc5...
  • https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESENEez-0OYfIaMoZe68hw2pQ&google_cver=1&google_push=AQvitUJ9UNccHKhZZHeD8gTE4LjRKZgOff5gBCNw6aHcDwnkJDRLWRwNC0K-RC5qAHbXuWKm6QhF_B40L97gcmHdlyc5nW3...
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUJ9UNccHKhZZHeD8gTE4LjRKZgOff5gBCNw6aHcDwnkJDRLWRwNC0K-RC5qAHbXuWKm6QhF_B40L97gcmHdlyc5nW3f6jM
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUJ9UNccHKhZZHeD8gTE4LjRKZgOff5gBCNw6aHcDwnkJDRLWRwNC0K-RC5qAHbXuWKm6QhF_B40L97gcmHdlyc5nW3f6jM&google_tc=
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUJ9UNccHKhZZHeD8gTE4LjRKZgOff5gBCNw6aHcDwnkJDRLWRwNC0K-RC5qAHbXuWKm6QhF_B40L97gcmHdlyc5nW3f6jM&google_tc=
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUJ9UNccHKhZZHeD8gTE4LjRKZgOff5gBCNw6aHcDwnkJDRLWRwNC0K-RC5qAHbXuWKm6QhF_B40L97gcmHdlyc5nW3f6jM&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
384
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4D39
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJaz8fJWZvaTKwfsVA9x2us&google_cver=1&google_push=AQvitUI0a19qBE8QkAVWz4RxuytIEvQz6_bpHfqXqjRsSoKJxumDpEatjBq7J1AEbRIqgkDBg9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xNRzJIN1EtMUMtMzVGOQ==&google_push=AQvitUI0a19qBE8QkAVWz4RxuytIEvQz6_bpHfqXqjRsSoKJxumDpEatjBq7J1AEbRIqgkDBg9zp-XTbebY8GFzmnyl5-Fze1mhS
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xNRzJIN1EtMUMtMzVGOQ==&google_push=AQvitUI0a19qBE8QkAVWz4RxuytIEvQz6_bpHfqXqjRsSoKJxumDpEatjBq7J1AEbRIqgkDBg9zp-XTbebY8GFzmnyl5-Fze1mhS
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xNRzJIN1EtMUMtMzVGOQ==&google_push=AQvitUI0a19qBE8QkAVWz4RxuytIEvQz6_bpHfqXqjRsSoKJxumDpEatjBq7J1AEbRIqgkDBg9zp-XTbebY8GFzmnyl5-Fze1mhS
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
sync
dsp.adkernel.com/ Frame 4D39 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEOafxDwbdzaFL-PuvA0CUXI&google_cver=1&google_push=AQvitUJV56fnOI42ACjOcpv-v3gh0EUSfj38QVWBW27lzIZx9Z_SWUgG5DwX6VhIrJQTIDzRVNSmue3o3nR4aq4_HJXbulPH_5su
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:45 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
attr
cm.g.doubleclick.net/pixel/ Frame 4D39 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kj8YHL3xn1C_MPIU1EFUfuwsAsnw8Zd2uZPkK380vblY5hOQcTFp_p4XxA4_PqPPJlriaO
Requested by
Host: 009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
URL: https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
event
prebid-a.rubiconproject.com/ 		0
0
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Server
52.28.41.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Feb 2021 15:22:58 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
displayAd.js
a.tribalfusion.com/ Frame 0339 		677 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/displayAd.js?dver=0.8&th=9174587802
Requested by
Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/JustJared1/FlexHome/tags.js
Protocol
HTTP/1.1
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f17fd152e12a6a92ab10ccfea6033f88358dd183e2ea28eeef06a38f451d1075

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:37 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
331
cf-request-id
088088593700004a682c1df000000001
X-Function
153
Last-Modified
Tue, 04 Apr 2017 05:09:56 GMT
Server
cloudflare
X-Reuse-Index
109
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private
CF-RAY
627aa9a1fd644a68-FRA
Expires
Thu, 27 May 2021 15:22:37 GMT
j.ad
a.tribalfusion.com/ Frame 0339 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&site=justjared1&adSpace=flexhome&center=1&env=display&size=300x250,300x600,160x600&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=12880821&tKey=a1mneM4mBFmFULYs3QXG34VrbKQxkMjm&a=1&adContainerId=richmedia_2&rnd=12885400
Requested by
Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/JustJared1/FlexHome/tags.js
Protocol
HTTP/1.1
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f461d04010854e0154a0c9de141920c07582c9530d7c226c43f8c479b4ccf7f1

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:38 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2428
cf-request-id
08808859dd00004a68d9a1f000000001
Pragma
no-cache
X-Function
101
Server
cloudflare
X-Reuse-Index
162
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store, proxy-revalidate
CF-RAY
627aa9a2fee54a68-FRA
Expires
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2DDF 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=3A4F97C7-27EC-4363-A749-0B5C34DC9598; chkChromeAb67Sec=1; DPSync3=1615507200%3A201_227_226_221; SyncRTB3=1615161600%3A63%7C1615507200%3A56_54_161_71_8_204_21_55_81_13_223_166_22_7_3%7C1615593600%3A35%7C1616889600%3A203%7C1614902400%3A2_15; KRTBCOOKIE_336=5844-1840408437750438419; PUBMDCID=3; KRTBCOOKIE_153=19420-75vVoOiZ1aD0ydP8u53L_Lubg670z9Wg7Zlh17-0&KRTB&22979-75vVoOiZ1aD0ydP8u53L_Lubg670z9Wg7Zlh17-0; KRTBCOOKIE_22=14911-7531704135582063802; KRTBCOOKIE_466=16530-e6e84e00-efb9-4880-a8fb-a7fbfc724e47; KRTBCOOKIE_218=22978-YDkSPAAAAI5xa1ZV&KRTB&23194-YDkSPAAAAI5xa1ZV&KRTB&23209-YDkSPAAAAI5xa1ZV&KRTB&23244-YDkSPAAAAI5xa1ZV; KRTBCOOKIE_188=3189-902a3c5a-6e46-48d7-bb20-ebc1b68f7f9c-6039123c-4348; KRTBCOOKIE_1101=23040-6933593150238226581; KRTBCOOKIE_27=16735-uid:7c626039-123d-4b00-8397-53feeb4111dc&KRTB&16736-uid:7c626039-123d-4b00-8397-53feeb4111dc&KRTB&23019-uid:7c626039-123d-4b00-8397-53feeb4111dc&KRTB&23114-uid:7c626039-123d-4b00-8397-53feeb4111dc; PugT=1614352957; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=119110
Expires
Sun, 28 Feb 2021 00:27:55 GMT
Date
Fri, 26 Feb 2021 15:22:45 GMT
Connection
keep-alive
Vary
Accept-Encoding
dcmads.js
www.googletagservices.com/dcm/ Frame 0339 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&site=justjared1&adSpace=flexhome&center=1&env=display&size=300x250,300x600,160x600&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=12880821&tKey=a1mneM4mBFmFULYs3QXG34VrbKQxkMjm&a=1&adContainerId=richmedia_2&rnd=12885400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46692916c4ed38bcfb441a383fb3e958e5a88be22b82e505a6db06e9d5be6117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Feb 2021 17:29:32 GMT
server
sffe
age
1320
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2587
x-xss-protection
0
expires
Fri, 26 Feb 2021 16:00:38 GMT
impl_v68.js
www.googletagservices.com/dcm/ Frame 0339 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v68.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d009b17e40dccf63690c8420591b50a2d8b4cdc2dcb8721b5ed1e00eccacb103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 17:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Feb 2021 15:22:11 GMT
server
sffe
age
339721
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15248
x-xss-protection
0
expires
Tue, 22 Feb 2022 17:00:37 GMT
Cookie set p.media
a.tribalfusion.com/ Frame 4BEC 		373 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aimT09Wd3VWrb15rIqUa7mTTM8SEYIRVfCPbIxRHvdUVMP4UusndiOYqTM4WvZaQVrF26BZbotIyTtYfXrnc1UBi0qZarRFYFUFZbSTdrWnFQsQFrq1Evt5Ejf2q3RmaMD1rZb6WtbXmPbDnGMwotfH3EUh2HiN56JEnUMZaXGnV1c3V0VvxpTb42rFQWUZbDVPfYREnQPVrNPHbw0HZbpWAMx4sBU0UZbDTBInR9QSrwvgmr&mediaDataID=6546596&mediaName=frame.html
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b5de22696847ab1087f6653bcbc8795d0f36ec34f2618e768eda63e8070ccf

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Fri, 26 Feb 2021 15:22:38 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d7430bfd60807ca1d02410edfc143ffcd1614352958; expires=Sun, 28-Mar-21 15:22:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aqnpe3mMZaEpDXqwsMQoclZdUH22yQ0PmoUQRrjyNRysXV3PxZaZblLu; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT; SameSite=None; Secure; ANON_ID_old=aqnpe3mMZaEpDXqwsMQoclZdUH22yQ0PmoUQRrjyNRysXV3PxZaZblLu; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT;
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
1
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Vary
Accept-Encoding
Expires
0
CF-Cache-Status
DYNAMIC
cf-request-id
0880885acc00004a682c1f9000000001
Server
cloudflare
CF-RAY
627aa9a479594a68-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame 2B8D 		604 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=ajmT095U3WTFfEWPU3QaYXScvNPWBw0HBuVmUn2sY40UUZaT6qt5PUeQ6BE4dQy0HBJptTu5mQY5VbeTsQbUcbjRAMwUHUUUbrP5r6uVEjqWEJbSTMZcRGfZaPUEvRt7dUVMV2ruxmtuMXqqp2WbBQGjG5AUHoHeNTtJ9Xbn81UB90qqtPbUZbTrB4WtQUnrjsRU7NXqMO4abh5TUYnqbA1rUfWHMXmnZbKMrMBt8rRM3&mediaDataID=6719746&mediaName=frame.html
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57819b6e056137efab32a2a09f75d711dc26d8c81d590ccf9986363e3f55d1b2

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Fri, 26 Feb 2021 15:22:38 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d839e8cde715145bd66a085cafc2dae121614352958; expires=Sun, 28-Mar-21 15:22:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=afnpe3mge0nousnG6w5aHI0HYVs8smm67X5Srv2A2p4GjWxZaZbmiE; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT; SameSite=None; Secure;
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
130
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=afnpe3mge0nousnG6w5aHI0HYVs8smm67X5Srv2A2p4GjWxZaZbmiE; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0880885ad50000324828b9f000000001
Server
cloudflare
CF-RAY
627aa9a48ffb3248-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame E10C 		242 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=akmT09WUYXTtQ2mrJuRbBt1Evq5qbc5aYRmEZbKYrZb8WHbWmPnZamGvwpHUH5qQ83Hmt3PnZanbrEXc7XYs34XG7NnEBV3rUTVbfZcUP3TQqb2PsZbtStFy0dnoWAYp2GB40UUKVAqw4ABgP67K2dZbn0WYKmWAo5An15Vr8TcQ7Ucb8RAFuWdY3TUM53UarWqbqTT3lPavGRc7ZbQFZaoSdvaUVb52F6xmVPqTHqIs3Y2OF&mediaDataID=4056396&mediaName=frame.html
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b93d27a02acc863843339658cf429aa87f7390d44e2d76628e213055c7add7c7

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Fri, 26 Feb 2021 15:22:38 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d6b13b315e89a545dcac208d6a1118dcc1614352958; expires=Sun, 28-Mar-21 15:22:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aRnpe3PME7vQmKvEjT3B8syGQhumVFuRbLVD3KM73TQTJdxZaZbsOP; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT; SameSite=None; Secure;
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
74
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=aRnpe3PME7vQmKvEjT3B8syGQhumVFuRbLVD3KM73TQTJdxZaZbsOP; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0880885ad500004dfabd02c000000001
Server
cloudflare
CF-RAY
627aa9a48c664dfa-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame A4CE 		259 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=almT09Wrb15bEoWTYxWqBcSTQZcRcbZcRFAvRWQkWVMT2FuqmtioYqmp3dYBSsfZd4AJZcmtPsTHBhXF7iYFBhXaioRrnFUrQ1VWYWobjxQbrpXTFs3TBi4ErXmqBIYFU8WHbQomnBnVjuoHrJ3qZbl3teq4mbGnUUGXcnRYc30XG7nnEvT5UY2WbnHVAv2QEr2ScYMPHjs0HJtWPQu3VY30UZbDVmiw47f92S7nq3Np4U&mediaDataID=2713736&mediaName=frame.html
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d573363e898b8e114eee4bd4e20c4ba42f8714d7c85e51b5c79cdbf20f502b5

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Fri, 26 Feb 2021 15:22:38 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d8ea6dd602377e2b11043df42acacc1c31614352958; expires=Sun, 28-Mar-21 15:22:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=a8npe3w5EGMAaINWfWPaRMXcrysBsIQBnc2PQFUn7sSUY5xZaZbNsW; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT; SameSite=None; Secure;
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
95
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=a8npe3w5EGMAaINWfWPaRMXcrysBsIQBnc2PQFUn7sSUY5xZaZbNsW; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0880885ad60000c2a9292d5000000001
Server
cloudflare
CF-RAY
627aa9a48980c2a9-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame 0BDC 		230 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aAmT09TFfFUAv4PTvRPVYqSt7s1WftVP3p2cnWXUUIVmqr4AUbQ6bK3WnnXd3Dnt2x3mJS5cMgTGBlWsbgPP3MUtMUUUjX3FiuUaQvWaJ8PEBZdQVjJQFqsRd3iWcbT2FuooWiOXaan2dvZdQsrC4mQZbpWEyTt7fXFncYUBlXaiMRrJHWU3SWWJ0nU3mPFFp1EQy4ajd5TQ3naJDXUZb7WHMXoAfBntFnNqrosEtLJV&mediaDataID=6680176&mediaName=frame.html
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bfd69e817e61d608b68b6844d62672e197c4e966b9c78699406078ad88559f9

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Fri, 26 Feb 2021 15:22:38 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=da8abd3085dc2b6d08884774692f165cd1614352958; expires=Sun, 28-Mar-21 15:22:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=a5npe3sjyDymTFMcEJXblZb5VM8r9NZatDfKymrA26QqUFJHxZaZbDUE; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT; SameSite=None; Secure;
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
15
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=a5npe3sjyDymTFMcEJXblZb5VM8r9NZatDfKymrA26QqUFJHxZaZbDUE; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0880885ad6000032583c087000000001
Server
cloudflare
CF-RAY
627aa9a48e163258-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame 686D 		324 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aBmT09TtQ2orJpPUZbpXTJr3Tjf4qn1nEFIYbbhUHbSoAnZcnVvtpHnJ2Enl5HiM5mvZdpbjZcXVv0YGZbT0V7vpT7Q3FMTVb7GW6jTRTYQPVZbmPdUOYtfqVAQv2cMUXbZbIVmqp26UePmnI2WQO0dBZcndEu4P3Y5V3eTGQbWcbkPP3oUtFWWr7P2F2sVEMqWa38STUFRcfBQFIsStUdVsMW2F6xodqOXFZauPTvqqhTjFs&mediaDataID=5436426&mediaName=frame.html
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85f18d5c27f5d37f034367f42e203caf1aa4d59bec499e334b64a67297f487ad

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Fri, 26 Feb 2021 15:22:38 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=de6e2556018e5998ad097aafe9b4ce1a61614352958; expires=Sun, 28-Mar-21 15:22:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aunpe3wl6hmbQQw9PCR7cwQavPw7N5PSylSbb8SDJ6XdFVxZaZbK5v; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT; SameSite=None; Secure;
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
56
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=aunpe3wl6hmbQQw9PCR7cwQavPw7N5PSylSbb8SDJ6XdFVxZaZbK5v; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0880885ad7000018e5951cc000000001
Server
cloudflare
CF-RAY
627aa9a489bf18e5-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame 8A09 		213 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aCmT095bEpUqroWqBaQTUZaQVbZbRbAnStYiWGU34FumodimXamN3dMZdPGJC2AUEoWXrVHY7XrvkYrQ70qirPbQCUFv1VWY5mUYxRFJNXqFn4EUk2anPnTfGYUffUtMSoAnIpsvwoWbL3EQ73Hmm5A7ZamFvEXcYXYG340G7MpT743FFVTFjZcV67YPEY3Qs3mStBr0HBxWPUy3Gr4YrULVmiw2PZbePQYBPaQEsZaUKD2&mediaDataID=6347136&mediaName=frame.html
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96587c3411bb189719cd5af61ac7a567d146970fadda1069beaeeaf6000a7e3b

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Fri, 26 Feb 2021 15:22:38 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d8ea6dd602377e2b11043df42acacc1c31614352958; expires=Sun, 28-Mar-21 15:22:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=asnpe3xZduBnRApTpqhpHwKOq3cMooNyDP9SF3MMABZcTHb7xZaZbV1V; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT; SameSite=None; Secure;
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
137
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=asnpe3xZduBnRApTpqhpHwKOq3cMooNyDP9SF3MMABZcTHb7xZaZbV1V; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0880885b840000c2a96e9d4000000001
Server
cloudflare
CF-RAY
627aa9a5aa68c2a9-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame 8F5B 		302 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aDmT09UAv5REM1QGvsPtjyYtZbwWPju2cvUXFMBTmqn2PUdPmbH3WUO1WMZcpWAn5PBP3cb6TsYjWGr6RA3wWd3RUbFX3FZamWqnvTErlPaBIRGQIRrEoSHn7VcY54r6modis0Emp2tfZbQGfZa4AJJodAsUdZbhXFYiYrBh0ainPbQZbUFBYTtUWnUQsRbfoXqnn3TBa5TYQnaZbHXF78TdbPoAfBpG7wosZbCQtQ0tFLZdZd3&mediaDataID=6807466&mediaName=frame.html
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0dffeaf5c34dd8d1b2104c7e1730ec949f33769fd525ecfc89476d955cf75c2

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Fri, 26 Feb 2021 15:22:38 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=da8abd3085dc2b6d08884774692f165cd1614352958; expires=Sun, 28-Mar-21 15:22:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=a8npe3w5EGMAaINWfWPaRMXcrysBsIQBnc2PQFUn7sSUY5xZaZbNsW; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT; SameSite=None; Secure;
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
140
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=a8npe3w5EGMAaINWfWPaRMXcrysBsIQBnc2PQFUn7sSUY5xZaZbNsW; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0880885b870000325880192000000001
Server
cloudflare
CF-RAY
627aa9a5af133258-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame D003 		309 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aEmT09orJmRUjt1TUm5E7j2ajXnqBCXFjfUWZb0mAnKpGvroWnE2EU72tZam3mbFnbbZb0V7PYsUV0cnpnE7V5U3SVUJGW6n2PEMQSsnMPHUu0dvoT6Yx2GM0XrnDTAin2PU7RPbK2HBM0W3AnW2y56YS4GngTGvlWGbgRP3NWd33UbM05bAuVTjwVaYjPErIQVFCQFAwStQ9VcQT5bupodqO0qep2VBE3rfttlJZcEC&mediaDataID=8039566&mediaName=frame.html
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e11878b343306ec2ed6ac76a3bf94668ce48584db672919b31f46e2b1f4dbed

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Fri, 26 Feb 2021 15:22:38 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=de6e2556018e5998ad097aafe9b4ce1a61614352958; expires=Sun, 28-Mar-21 15:22:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aXnpe3OZb3VxUEjUGuk0HogTUnvwmGkP6YDQP7d0mUE1BjlxZaZbXPG; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT; SameSite=None; Secure; ANON_ID_old=aXnpe3OZb3VxUEjUGuk0HogTUnvwmGkP6YDQP7d0mUE1BjlxZaZbXPG; path=/; domain=.tribalfusion.com; expires=Thu, 27-May-2021 15:22:38 GMT;
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
1
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Vary
Accept-Encoding
Expires
0
CF-Cache-Status
DYNAMIC
cf-request-id
0880885b8c000018e5530ee000000001
Server
cloudflare
CF-RAY
627aa9a5aad818e5-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ Frame 0339 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cacc7ef4cd797fd55e352d225f839adcb34a62f1101777cc3aca8556f8be4702

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
ptv
ib.adnxs.com/ 		85 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=20752301&referrer=http%3A%2F%2Fwww.justjared.com%2F&us_privacy=1---&cbb=4352958192&imp_id=a8fc5fe5-4d7f-4cd1-9272-3f9c2376a5cc
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f90393909f55424c642cfdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.230:80
AN-X-Request-Uuid
3fa45735-3f4a-4e39-8165-421d44b65e3e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=20629435&referrer=http%3A%2F%2Fwww.justjared.com%2F&us_privacy=1---&cbb=4352958196&imp_id=a8fc5fe5-4d7f-4cd1-9272-3f9c2376a5cc
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f90393909f55424c642cfdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.149:80
AN-X-Request-Uuid
d171459e-da87-4935-98f9-6e2740ba1365
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame C716 		261 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f90393909f55424c642cfdf
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:1b2::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1e2496941c02b94bf6b19438b27abdbc71635f3fa79774f0210c36930d860b73

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:38 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uxo_USxqPpxAQGelmQbWsoWIAWQ3iErcidk15nSImRqSOBCcAfFRsLSCvfLsiiVeQN6Ejal2E644HKroopGP9TLrnzSlA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
84286
last-modified
Wed, 24 Feb 2021 08:53:00 GMT
server
UploadServer
etag
"4b0d193eafdda7f38974bf68ea2e62a6"
vary
Accept-Encoding
x-goog-hash
crc32c=LGMRCg==, md5=Sw0ZPq/dp/OJdL9o6i5ipg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1614156780497939
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
84286
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 26 Feb 2021 15:27:38 GMT
avpb3a0.js
player.aniview.com/script/6.1/ Frame C716 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f90393909f55424c642cfdf
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:1b2::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5f9c3fdb26074a93b25360dab2b8b8fe2d569d4094aa8a7b39601e36c3349828

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:38 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UwDOFDe7Y2s25Rilhc0hJ50m_BI3cezeU3WzzoYJt6Z28WFQkkDC0IHH6m6tQyi5Y44rO1J8krb1f5UeXhj3hO6Ouyu_w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
38135
last-modified
Wed, 24 Feb 2021 08:53:15 GMT
server
UploadServer
etag
"a4e9373372d0fcd742d07aed9f9e0499"
vary
Accept-Encoding
x-goog-hash
crc32c=8PuGUQ==, md5=pOk3M3LQ/NdC0Hrtn54EmQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1614156795552060
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
38135
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 26 Feb 2021 15:27:38 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=74c97696-c8a7-4883-8cb6-3fb6bd956ead&tagId=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 26 Feb 2021 15:22:38 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=www.justjared.com&rs=www.justjared.com&sid=63836&t=1614352958&cip=185.156.175.107&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5f90393909f55424c642cfdf&test=&aafaid=&proto=http&uid=1614352958074-970031782341-031294-014-006045&cha=0.7&cb=1845200355&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&ppid=5f90393909f55424c642cfdf&nid=59918a0e073ef4782e4e347f&pcid=5fb2553fad995e2e283f4e82&ncid=5fb5320d5de9970c5058df53&pasid=5fb534803589f6367b43abdf&e=request&cb=1614352958197&asid=6025213edbdd163aca4d19b6%2C60106eb3a4195e08c941ef3d%2C60106ebe4f3e2a256b25146f%2C5fcfc4697565f220db1d951d%2C5fcf9657b299c044bf3b5c06%2C602d1bead43286045749c0f4%2C5fb53297720b1f11a9542072%2C5fcfbcfd4f19f419b2345a27%2C5fd0ce174e8a051b2a70e8b0%2C5fcf88dfc500ab58187341c3%2C5fb53275a7fbda3e5933736b%2C602934661d8ffa76a7724b48%2C5fcf90c24344c96af64fba86%2C5fcf877753d7836ffd7be585%2C5fcfbabddf65c83e2636a9f5%2C5fcf98395afd4148533e2c8c&ofpr=1.55%2C1.27%2C1.05%2C%2C0.85%2C%2C%2C0.65%2C0.55%2C0.55%2C0.59%2C0.49%2C0.45%2C0.45%2C0.45%2C0.39&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.5.130 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=www.justjared.com&rs=www.justjared.com&sid=63836&t=1614352958&cip=185.156.175.107&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5f90393909f55424c642cfdf&test=&aafaid=&proto=http&uid=1614352958074-970031782341-031294-014-006045&cha=0.7&cb=1845200355&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&ppid=5f90393909f55424c642cfdf&nid=59918a0e073ef4782e4e347f&pcid=5fb2553fad995e2e283f4e82&ncid=5fb5320d5de9970c5058df53&pasid=5fb534803589f6367b43abdf&e=request&cb=1614352958199&asid=5fcf8fd260ecb03f5416c32e%2C5fcf99c715e70b4a8f3e67a8&ofpr=0.39%2C0.29&fpo=%2C
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.5.130 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1...
ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/ Frame 2BDF 		33 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
cafe /
Resource Hash
f3c56f5066536935eb293bd1b01948c0638daec2654317269062f53addb10816
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ad.doubleclick.net
:scheme
https
:path
/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnJt97FlX7LWko_2FGfAZmIPb0lqjb1_ghut8Qutt6rujbhi7L-_oPEsPFK9U8; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 26 Feb 2021 15:22:41 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
16397
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hb
hb.undertone.com/ 		0
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3710&domain=justjared.com&ccpa=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:1600:1f:df94:f9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:38 GMT
via
1.1 c25bc16c1238c23c74267a81302a62f8.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
ZAG50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
http://www.justjared.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
101
x-amz-cf-id
8Zp0Ae0MSWabSHO4I6A12yPle3CcEvwB5rXXxUnl4s9cDV7iMMhPnw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.justjared.com
date
Fri, 26 Feb 2021 15:22:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
hb.yellowblue.io/ 		0
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.25.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b86e6d14af9be21e3ca394f0d705ac84fd335bef9dadd9454c1a7d50e28764f0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:41 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.70:80
AN-X-Request-Uuid
aa038c8b-fd65-4931-bc9c-c4ef56ee2b45
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/216063/0/ 		0
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.25.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cd7159160e758625ddd687e795b516e28057b1802d348e6a06dfef8a59eba6c3

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:41 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
hb
ice.360yield.com/ 		0
0
cygnus
htlb.casalemedia.com/ 		0
0
mvo
tag.1rx.io/rmp/216063/0/ 		0
0
openrtb
ads.adaptv.advertising.com/rtb/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Tradecraft
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
/
hb.emxdgt.com/ 		0
0
hb
hb.undertone.com/ 		0
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3710&domain=justjared.com&ccpa=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:1600:1f:df94:f9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:38 GMT
via
1.1 c25bc16c1238c23c74267a81302a62f8.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
ZAG50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
http://www.justjared.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
x-amz-cf-id
0sP2tHmJ2mWAKze7_us6pxoyYbCuwKq9tbtEBfwMUiV7f1lfw_q-Eg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
260f5ae4081436fb1931556a3dd5224444def5996ed2d3ba9de326557479b704

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:38 GMT
server
nginx
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame EDF6 		42 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkOd6Gr2IbaJlXH5jitGVX08Xd-7YFjxARxaNDO0xJkVLol8Z_IEWBFodt8cDxiOvBwKfh_FJqb7joJJ6hZ6rkCxsu6JN22knXZ6rd9roxvztHJCV_BfhMWtI&sai=AMfl-YR4Psgc8T-2lv1hIltJNCIWqAJI5WCFws8U8dGlZ-cGfZO5P9Dprp7-MqP74SJvX-w0uKDjhkSFN5nHSnKj0ZKQcnWndgGLtPfJr6qI2Z-4Ae5CHQo0lBgs0o33&sig=Cg0ArKJSzM40kCCSV1flEAE&cid=CAASFeRo3aWc51kMJ5VzPLJVzNrqk0OW-g&id=osdim&mcvt=1000&p=1,1301,237,1599&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210224&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=9&adk=393748745&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614352957588&dlt=8&rpt=84&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame A4CE
Redirect Chain
  • https://tags.bluekai.com/site/4229?id=18072662211632556840&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID
  • https://a.tribalfusion.com/i.match?p=b3&u=V5VC%2F99999en9MkQ
  • https://s.tribalfusion.com/z/i.match?p=b3&u=V5VC%2F99999en9MkQ
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b3&u=V5VC%2F99999en9MkQ
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=almT09Wrb15bEoWTYxWqBcSTQZcRcbZcRFAvRWQkWVMT2FuqmtioYqmp3dYBSsfZd4AJZcmtPsTHBhXF7iYFBhXaioRrnFUrQ1VWYWobjxQbrpXTFs3TBi4ErXmqBIYFU8WHbQomnBnVjuoHrJ3qZbl3teq4mbGnUUGXcnRYc30XG7nnEvT5UY2WbnHVAv2QEr2ScYMPHjs0HJtWPQu3VY30UZbDVmiw47f92S7nq3Np4U&mediaDataID=2713736&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=almT09Wrb15bEoWTYxWqBcSTQZcRcbZcRFAvRWQkWVMT2FuqmtioYqmp3dYBSsfZd4AJZcmtPsTHBhXF7iYFBhXaioRrnFUrQ1VWYWobjxQbrpXTFs3TBi4ErXmqBIYFU8WHbQomnBnVjuoHrJ3qZbl3teq4mbGnUUGXcnRYc30XG7nnEvT5UY2WbnHVAv2QEr2ScYMPHjs0HJtWPQu3VY30UZbDVmiw47f92S7nq3Np4U&mediaDataID=2713736&mediaName=frame.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:55 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
627aaa0daeb9c277-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0880889c8a0000c2770e8fc000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:54 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
3585
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
627aaa0c9dd7c277-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b3&u=V5VC%2F99999en9MkQ
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0880889be30000c277d53db000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 0BDC 		0
0
tap.php
pixel.rubiconproject.com/ Frame 686D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662211632556840&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://s.tribalfusion.com/z/i.match?p=b10&u=18072662211632556840&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662211632488981&expires=180
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662211632488981&expires=180
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aBmT09TtQ2orJpPUZbpXTJr3Tjf4qn1nEFIYbbhUHbSoAnZcnVvtpHnJ2Enl5HiM5mvZdpbjZcXVv0YGZbT0V7vpT7Q3FMTVb7GW6jTRTYQPVZbmPdUOYtfqVAQv2cMUXbZbIVmqp26UePmnI2WQO0dBZcndEu4P3Y5V3eTGQbWcbkPP3oUtFWWr7P2F2sVEMqWa38STUFRcfBQFIsStUdVsMW2F6xodqOXFZauPTvqqhTjFs&mediaDataID=5436426&mediaName=frame.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=aBmT09TtQ2orJpPUZbpXTJr3Tjf4qn1nEFIYbbhUHbSoAnZcnVvtpHnJ2Enl5HiM5mvZdpbjZcXVv0YGZbT0V7vpT7Q3FMTVb7GW6jTRTYQPVZbmPdUOYtfqVAQv2cMUXbZbIVmqp26UePmnI2WQO0dBZcndEu4P3Y5V3eTGQbWcbkPP3oUtFWWr7P2F2sVEMqWa38STUFRcfBQFIsStUdVsMW2F6xodqOXFZauPTvqqhTjFs&mediaDataID=5436426&mediaName=frame.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:39 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
398
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
627aa9aa59f3c2b8-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662211632488981&expires=180
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0880885e770000c2b8850fe000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame 2B8D 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=ajmT095U3WTFfEWPU3QaYXScvNPWBw0HBuVmUn2sY40UUZaT6qt5PUeQ6BE4dQy0HBJptTu5mQY5VbeTsQbUcbjRAMwUHUUUbrP5r6uVEjqWEJbSTMZcRGfZaPUEvRt7dUVMV2ruxmtuMXqqp2WbBQGjG5AUHoHeNTtJ9Xbn81UB90qqtPbUZbTrB4WtQUnrjsRU7NXqMO4abh5TUYnqbA1rUfWHMXmnZbKMrMBt8rRM3&mediaDataID=6719746&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b426c6bd8d3fa03a9c575fda5ce95829e721e4e47ecc33185c1be4e77528c784

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=ajmT095U3WTFfEWPU3QaYXScvNPWBw0HBuVmUn2sY40UUZaT6qt5PUeQ6BE4dQy0HBJptTu5mQY5VbeTsQbUcbjRAMwUHUUUbrP5r6uVEjqWEJbSTMZcRGfZaPUEvRt7dUVMV2ruxmtuMXqqp2WbBQGjG5AUHoHeNTtJ9Xbn81UB90qqtPbUZbTrB4WtQUnrjsRU7NXqMO4abh5TUYnqbA1rUfWHMXmnZbKMrMBt8rRM3&mediaDataID=6719746&mediaName=frame.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:38 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
627aa9a9298b4a6e-FRA
cf-request-id
0880885db800004a6e429d2000000001
i.match
s.tribalfusion.com/z/ Frame 2B8D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622116...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662211632556840&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
  • https://a.tribalfusion.com/i.match?p=b11&u=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
  • https://s.tribalfusion.com/z/i.match?p=b11&u=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
43 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&u=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=ajmT095U3WTFfEWPU3QaYXScvNPWBw0HBuVmUn2sY40UUZaT6qt5PUeQ6BE4dQy0HBJptTu5mQY5VbeTsQbUcbjRAMwUHUUUbrP5r6uVEjqWEJbSTMZcRGfZaPUEvRt7dUVMV2ruxmtuMXqqp2WbBQGjG5AUHoHeNTtJ9Xbn81UB90qqtPbUZbTrB4WtQUnrjsRU7NXqMO4abh5TUYnqbA1rUfWHMXmnZbKMrMBt8rRM3&mediaDataID=6719746&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=ajmT095U3WTFfEWPU3QaYXScvNPWBw0HBuVmUn2sY40UUZaT6qt5PUeQ6BE4dQy0HBJptTu5mQY5VbeTsQbUcbjRAMwUHUUUbrP5r6uVEjqWEJbSTMZcRGfZaPUEvRt7dUVMV2ruxmtuMXqqp2WbBQGjG5AUHoHeNTtJ9Xbn81UB90qqtPbUZbTrB4WtQUnrjsRU7NXqMO4abh5TUYnqbA1rUfWHMXmnZbKMrMBt8rRM3&mediaDataID=6719746&mediaName=frame.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:46 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
627aa9d5e8281776-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08808879ac0000177611bd8000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:46 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2528
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
627aa9d4cedb1776-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b11&u=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08808878ff0000177612869000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame E10C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662211632556840
  • https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEKjaMN_8g-7Xins2PTP_zS8&google_cver=1&google_ula=2786954,0
43 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEKjaMN_8g-7Xins2PTP_zS8&google_cver=1&google_ula=2786954,0
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=akmT09WUYXTtQ2mrJuRbBt1Evq5qbc5aYRmEZbKYrZb8WHbWmPnZamGvwpHUH5qQ83Hmt3PnZanbrEXc7XYs34XG7NnEBV3rUTVbfZcUP3TQqb2PsZbtStFy0dnoWAYp2GB40UUKVAqw4ABgP67K2dZbn0WYKmWAo5An15Vr8TcQ7Ucb8RAFuWdY3TUM53UarWqbqTT3lPavGRc7ZbQFZaoSdvaUVb52F6xmVPqTHqIs3Y2OF&mediaDataID=4056396&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=akmT09WUYXTtQ2mrJuRbBt1Evq5qbc5aYRmEZbKYrZb8WHbWmPnZamGvwpHUH5qQ83Hmt3PnZanbrEXc7XYs34XG7NnEBV3rUTVbfZcUP3TQqb2PsZbtStFy0dnoWAYp2GB40UUKVAqw4ABgP67K2dZbn0WYKmWAo5An15Vr8TcQ7Ucb8RAFuWdY3TUM53UarWqbqTT3lPavGRc7ZbQFZaoSdvaUVb52F6xmVPqTHqIs3Y2OF&mediaDataID=4056396&mediaName=frame.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:50 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
627aa9ed785cc277-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08808888720000c27704930000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEKjaMN_8g-7Xins2PTP_zS8&google_cver=1&google_ula=2786954,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 4BEC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid%253D...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=37887764-08fe-456a-83e3-7db3859e5272
  • https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=37887764-08fe-456a-83e3-7db3859e5272
43 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=37887764-08fe-456a-83e3-7db3859e5272
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aimT09Wd3VWrb15rIqUa7mTTM8SEYIRVfCPbIxRHvdUVMP4UusndiOYqTM4WvZaQVrF26BZbotIyTtYfXrnc1UBi0qZarRFYFUFZbSTdrWnFQsQFrq1Evt5Ejf2q3RmaMD1rZb6WtbXmPbDnGMwotfH3EUh2HiN56JEnUMZaXGnV1c3V0VvxpTb42rFQWUZbDVPfYREnQPVrNPHbw0HZbpWAMx4sBU0UZbDTBInR9QSrwvgmr&mediaDataID=6546596&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=aimT09Wd3VWrb15rIqUa7mTTM8SEYIRVfCPbIxRHvdUVMP4UusndiOYqTM4WvZaQVrF26BZbotIyTtYfXrnc1UBi0qZarRFYFUFZbSTdrWnFQsQFrq1Evt5Ejf2q3RmaMD1rZb6WtbXmPbDnGMwotfH3EUh2HiN56JEnUMZaXGnV1c3V0VvxpTb42rFQWUZbDVPfYREnQPVrNPHbw0HZbpWAMx4sBU0UZbDTBInR9QSrwvgmr&mediaDataID=6546596&mediaName=frame.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:39 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
627aa9ab0a8ac2b8-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0880885ee80000c2b8b4a28000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:39 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
820
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
627aa9a9d92cc2b8-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=37887764-08fe-456a-83e3-7db3859e5272
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0880885e230000c2b875a44000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 8A09
Redirect Chain
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662211632556840&_origin=1&redir=true
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662211632556840&_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662211632556840&_origin=1&redir=true&apid=UP77ee1f0a-7846-11eb-92c8-02014e65fe46
  • https://a.tribalfusion.com/i.match?p=b17&u=UP77ee1f0a-7846-11eb-92c8-02014e65fe46
43 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b17&u=UP77ee1f0a-7846-11eb-92c8-02014e65fe46
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aCmT095bEpUqroWqBaQTUZaQVbZbRbAnStYiWGU34FumodimXamN3dMZdPGJC2AUEoWXrVHY7XrvkYrQ70qirPbQCUFv1VWY5mUYxRFJNXqFn4EUk2anPnTfGYUffUtMSoAnIpsvwoWbL3EQ73Hmm5A7ZamFvEXcYXYG340G7MpT743FFVTFjZcV67YPEY3Qs3mStBr0HBxWPUy3Gr4YrULVmiw2PZbePQYBPaQEsZaUKD2&mediaDataID=6347136&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=aCmT095bEpUqroWqBaQTUZaQVbZbRbAnStYiWGU34FumodimXamN3dMZdPGJC2AUEoWXrVHY7XrvkYrQ70qirPbQCUFv1VWY5mUYxRFJNXqFn4EUk2anPnTfGYUffUtMSoAnIpsvwoWbL3EQ73Hmm5A7ZamFvEXcYXYG340G7MpT743FFVTFjZcV67YPEY3Qs3mStBr0HBxWPUy3Gr4YrULVmiw2PZbePQYBPaQEsZaUKD2&mediaDataID=6347136&mediaName=frame.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:42 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
627aa9be3be41776-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0880886ae7000017761684d000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Fri, 26 Feb 2021 15:22:42 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://a.tribalfusion.com/i.match?p=b17&u=UP77ee1f0a-7846-11eb-92c8-02014e65fe46
Connection
keep-alive
Content-Length
0
usermatch.gif
beacon.krxd.net/ Frame 8F5B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662211632556840&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
  • https://s.tribalfusion.com/z/i.match?p=b22&u=18072662211632556840&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662211632493764
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662211632493764
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aDmT09UAv5REM1QGvsPtjyYtZbwWPju2cvUXFMBTmqn2PUdPmbH3WUO1WMZcpWAn5PBP3cb6TsYjWGr6RA3wWd3RUbFX3FZamWqnvTErlPaBIRGQIRrEoSHn7VcY54r6modis0Emp2tfZbQGfZa4AJJodAsUdZbhXFYiYrBh0ainPbQZbUFBYTtUWnUQsRbfoXqnn3TBa5TYQnaZbHXF78TdbPoAfBpG7wosZbCQtQ0tFLZdZd3&mediaDataID=6807466&mediaName=frame.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.1.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=aDmT09UAv5REM1QGvsPtjyYtZbwWPju2cvUXFMBTmqn2PUdPmbH3WUO1WMZcpWAn5PBP3cb6TsYjWGr6RA3wWd3RUbFX3FZamWqnvTErlPaBIRGQIRrEoSHn7VcY54r6modis0Emp2tfZbQGfZa4AJJodAsUdZbhXFYiYrBh0ainPbQZbUFBYTtUWnUQsRbfoXqnn3TBa5TYQnaZbHXF78TdbPoAfBpG7wosZbCQtQ0tFLZdZd3&mediaDataID=6807466&mediaName=frame.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:44 GMT
cache-control
private, no-cache, no-store
x-request-time
D=25 t=1614352964
x-served-by
beacon-n022-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:39 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
112
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
627aa9aa59f1c2b8-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662211632493764
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0880885e740000c2b87138b000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame D003
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662211632556840&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
  • https://s.tribalfusion.com/z/i.match?p=b24&u=18072662211632556840&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662211632487873
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662211632487873
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aEmT09orJmRUjt1TUm5E7j2ajXnqBCXFjfUWZb0mAnKpGvroWnE2EU72tZam3mbFnbbZb0V7PYsUV0cnpnE7V5U3SVUJGW6n2PEMQSsnMPHUu0dvoT6Yx2GM0XrnDTAin2PU7RPbK2HBM0W3AnW2y56YS4GngTGvlWGbgRP3NWd33UbM05bAuVTjwVaYjPErIQVFCQFAwStQ9VcQT5bupodqO0qep2VBE3rfttlJZcEC&mediaDataID=8039566&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.25.144 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=aEmT09orJmRUjt1TUm5E7j2ajXnqBCXFjfUWZb0mAnKpGvroWnE2EU72tZam3mbFnbbZb0V7PYsUV0cnpnE7V5U3SVUJGW6n2PEMQSsnMPHUu0dvoT6Yx2GM0XrnDTAin2PU7RPbK2HBM0W3AnW2y56YS4GngTGvlWGbgRP3NWd33UbM05bAuVTjwVaYjPErIQVFCQFAwStQ9VcQT5bupodqO0qep2VBE3rfttlJZcEC&mediaDataID=8039566&mediaName=frame.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:39 GMT
via
1.1 google
x-envoy-decorator-operation
leo-dsp-cookie-matching.default.svc.cluster.local:80/*
x-envoy-upstream-service-time
1
alt-svc
clear
content-length
0
server
istio-envoy

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:39 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
48
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
627aa9aa59f4c2b8-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662211632487873
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0880885e750000c2b87b104000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
363.json
id5-sync.com/g/v2/ 		345 B
891 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/363.json
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.46 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c68525dfd3522e6502ba77c99b7f5b569ed0f682f09b920635b3366bc502ccb9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Feb 2021 15:22:38 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
http://www.justjared.com
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
rid
match.adsrvr.org/track/ 		0
0
Cookie set check.html
biddr.brealtime.com/ Frame 7015 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Fri, 26 Feb 2021 15:22:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d0174805d4866c88524e25a0af196ba621614352960; expires=Sun, 28-Mar-21 15:22:40 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
zLK+otkipESBbarT0a8bhlo16ZCN/UFM5DuUEENRZ7spy18q3kPJVJejXa65EihRlHU1l1/jSCA=
x-amz-request-id
22BA75567DC2B50F
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
2169
Expires
Fri, 26 Feb 2021 15:23:40 GMT
Cache-Control
public, max-age=60
cf-request-id
08808863f2000023735fbc8000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
627aa9b31fc92373-ZRH
Content-Encoding
gzip
showad.js
ads.pubmatic.com/AdServer/js/ Frame D266 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=3A4F97C7-27EC-4363-A749-0B5C34DC9598; chkChromeAb67Sec=1; DPSync3=1615507200%3A201_227_226_221; SyncRTB3=1615161600%3A63%7C1615507200%3A56_54_161_71_8_204_21_55_81_13_223_166_22_7_3%7C1615593600%3A35%7C1616889600%3A203%7C1614902400%3A2_15; KRTBCOOKIE_336=5844-1840408437750438419; PUBMDCID=3; KRTBCOOKIE_153=19420-75vVoOiZ1aD0ydP8u53L_Lubg670z9Wg7Zlh17-0&KRTB&22979-75vVoOiZ1aD0ydP8u53L_Lubg670z9Wg7Zlh17-0; KRTBCOOKIE_22=14911-7531704135582063802; KRTBCOOKIE_466=16530-e6e84e00-efb9-4880-a8fb-a7fbfc724e47; KRTBCOOKIE_218=22978-YDkSPAAAAI5xa1ZV&KRTB&23194-YDkSPAAAAI5xa1ZV&KRTB&23209-YDkSPAAAAI5xa1ZV&KRTB&23244-YDkSPAAAAI5xa1ZV; KRTBCOOKIE_188=3189-902a3c5a-6e46-48d7-bb20-ebc1b68f7f9c-6039123c-4348; KRTBCOOKIE_1101=23040-6933593150238226581; KRTBCOOKIE_27=16735-uid:7c626039-123d-4b00-8397-53feeb4111dc&KRTB&16736-uid:7c626039-123d-4b00-8397-53feeb4111dc&KRTB&23019-uid:7c626039-123d-4b00-8397-53feeb4111dc&KRTB&23114-uid:7c626039-123d-4b00-8397-53feeb4111dc; PugT=1614352957; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=119110
Expires
Sun, 28 Feb 2021 00:27:55 GMT
Date
Fri, 26 Feb 2021 15:22:45 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1D9F 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=3A4F97C7-27EC-4363-A749-0B5C34DC9598; chkChromeAb67Sec=1; DPSync3=1615507200%3A201_227_226_221; SyncRTB3=1615161600%3A63%7C1615507200%3A56_54_161_71_8_204_21_55_81_13_223_166_22_7_3%7C1615593600%3A35%7C1616889600%3A203%7C1614902400%3A2_15; KRTBCOOKIE_336=5844-1840408437750438419; PUBMDCID=3; KRTBCOOKIE_153=19420-75vVoOiZ1aD0ydP8u53L_Lubg670z9Wg7Zlh17-0&KRTB&22979-75vVoOiZ1aD0ydP8u53L_Lubg670z9Wg7Zlh17-0; KRTBCOOKIE_22=14911-7531704135582063802; KRTBCOOKIE_466=16530-e6e84e00-efb9-4880-a8fb-a7fbfc724e47; KRTBCOOKIE_218=22978-YDkSPAAAAI5xa1ZV&KRTB&23194-YDkSPAAAAI5xa1ZV&KRTB&23209-YDkSPAAAAI5xa1ZV&KRTB&23244-YDkSPAAAAI5xa1ZV; KRTBCOOKIE_188=3189-902a3c5a-6e46-48d7-bb20-ebc1b68f7f9c-6039123c-4348; KRTBCOOKIE_1101=23040-6933593150238226581; KRTBCOOKIE_27=16735-uid:7c626039-123d-4b00-8397-53feeb4111dc&KRTB&16736-uid:7c626039-123d-4b00-8397-53feeb4111dc&KRTB&23019-uid:7c626039-123d-4b00-8397-53feeb4111dc&KRTB&23114-uid:7c626039-123d-4b00-8397-53feeb4111dc; PugT=1614352957; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=119110
Expires
Sun, 28 Feb 2021 00:27:55 GMT
Date
Fri, 26 Feb 2021 15:22:45 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 00C7 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a6c5b174e97af7e79da63ed5a713f4792f38c70343f43146538e3c7eee844c70

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?us_privacy=1---&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=14265147511909007455
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

date
Fri, 26 Feb 2021 15:22:39 GMT
content-type
text/html; charset=utf-8
content-length
480
set-cookie
sync=CgoIgQIQzZC99_0uCgoIkQIQzZC99_0uCgoI4gEQzZC99_0uCgoIkgIQzZC99_0uCgoI5gEQzZC99_0uCgoIhwIQzZC99_0uCgkIOhDNkL33_S4KCQgLEM2Qvff9LgoJCF8QzZC99_0uCgkIHxDNkL33_S4=; Max-Age=7776000; Expires=Thu, 27 May 2021 15:22:39 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=14265147511909007455; Max-Age=7776000; Expires=Thu, 27 May 2021 15:22:39 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
ixmatch.html
js-sec.indexww.com/um/ Frame FB10 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 26 Feb 2021 15:22:39 GMT
Content-Length
1151
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7912 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-187.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=3606964892088964558
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 27 Feb 2021 15:23:04 GMT
Date
Fri, 26 Feb 2021 15:23:02 GMT
Connection
keep-alive
Cookie set check.html
biddr.brealtime.com/ Frame 8A13 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Fri, 26 Feb 2021 15:22:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d0174805d4866c88524e25a0af196ba621614352960; expires=Sun, 28-Mar-21 15:22:40 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
zLK+otkipESBbarT0a8bhlo16ZCN/UFM5DuUEENRZ7spy18q3kPJVJejXa65EihRlHU1l1/jSCA=
x-amz-request-id
22BA75567DC2B50F
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
2169
Expires
Fri, 26 Feb 2021 15:23:40 GMT
Cache-Control
public, max-age=60
cf-request-id
088088640e0000237381189000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
627aa9b3482b2373-ZRH
Content-Encoding
gzip
sync
eb2.3lift.com/ Frame 5EE2 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a6c5b174e97af7e79da63ed5a713f4792f38c70343f43146538e3c7eee844c70

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?us_privacy=1---&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=14265147511909007455
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

date
Fri, 26 Feb 2021 15:22:39 GMT
content-type
text/html; charset=utf-8
content-length
480
set-cookie
sync=CgoIgQIQzJC99_0uCgoIkQIQzJC99_0uCgoI4gEQzJC99_0uCgoIkgIQzJC99_0uCgoI5gEQzJC99_0uCgoIhwIQzJC99_0uCgkIOhDMkL33_S4KCQgLEMyQvff9LgoJCF8QzJC99_0uCgkIHxDMkL33_S4=; Max-Age=7776000; Expires=Thu, 27 May 2021 15:22:39 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=14265147511909007455; Max-Age=7776000; Expires=Thu, 27 May 2021 15:22:39 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7C05 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-187.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=3606964892088964558
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 27 Feb 2021 15:23:04 GMT
Date
Fri, 26 Feb 2021 15:23:02 GMT
Connection
keep-alive
sync
eb2.3lift.com/ Frame D6BE 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a6c5b174e97af7e79da63ed5a713f4792f38c70343f43146538e3c7eee844c70

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?us_privacy=1---&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=14265147511909007455
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

date
Fri, 26 Feb 2021 15:22:39 GMT
content-type
text/html; charset=utf-8
content-length
480
set-cookie
sync=CgoIgQIQy5C99_0uCgoIkQIQy5C99_0uCgoI4gEQy5C99_0uCgoIkgIQy5C99_0uCgoI5gEQy5C99_0uCgoIhwIQy5C99_0uCgkIOhDLkL33_S4KCQgLEMuQvff9LgoJCF8Qy5C99_0uCgkIHxDLkL33_S4=; Max-Age=7776000; Expires=Thu, 27 May 2021 15:22:39 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=14265147511909007455; Max-Age=7776000; Expires=Thu, 27 May 2021 15:22:39 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
ixmatch.html
js-sec.indexww.com/um/ Frame AD81 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 26 Feb 2021 15:22:39 GMT
Content-Length
1151
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 4FDE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 26 Feb 2021 15:22:39 GMT
Content-Length
1151
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7C67 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=3A4F97C7-27EC-4363-A749-0B5C34DC9598; chkChromeAb67Sec=1; DPSync3=1615507200%3A201_227_226_221; SyncRTB3=1615161600%3A63%7C1615507200%3A56_54_161_71_8_204_21_55_81_13_223_166_22_7_3%7C1615593600%3A35%7C1616889600%3A203%7C1614902400%3A2_15; KRTBCOOKIE_336=5844-1840408437750438419; PUBMDCID=3; KRTBCOOKIE_153=19420-75vVoOiZ1aD0ydP8u53L_Lubg670z9Wg7Zlh17-0&KRTB&22979-75vVoOiZ1aD0ydP8u53L_Lubg670z9Wg7Zlh17-0; KRTBCOOKIE_22=14911-7531704135582063802; KRTBCOOKIE_466=16530-e6e84e00-efb9-4880-a8fb-a7fbfc724e47; KRTBCOOKIE_218=22978-YDkSPAAAAI5xa1ZV&KRTB&23194-YDkSPAAAAI5xa1ZV&KRTB&23209-YDkSPAAAAI5xa1ZV&KRTB&23244-YDkSPAAAAI5xa1ZV; KRTBCOOKIE_188=3189-902a3c5a-6e46-48d7-bb20-ebc1b68f7f9c-6039123c-4348; KRTBCOOKIE_1101=23040-6933593150238226581; KRTBCOOKIE_27=16735-uid:7c626039-123d-4b00-8397-53feeb4111dc&KRTB&16736-uid:7c626039-123d-4b00-8397-53feeb4111dc&KRTB&23019-uid:7c626039-123d-4b00-8397-53feeb4111dc&KRTB&23114-uid:7c626039-123d-4b00-8397-53feeb4111dc; PugT=1614352957; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=119110
Expires
Sun, 28 Feb 2021 00:27:55 GMT
Date
Fri, 26 Feb 2021 15:22:45 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set check.html
biddr.brealtime.com/ Frame 0311 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Fri, 26 Feb 2021 15:22:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d0174805d4866c88524e25a0af196ba621614352960; expires=Sun, 28-Mar-21 15:22:40 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
zLK+otkipESBbarT0a8bhlo16ZCN/UFM5DuUEENRZ7spy18q3kPJVJejXa65EihRlHU1l1/jSCA=
x-amz-request-id
22BA75567DC2B50F
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
2169
Expires
Fri, 26 Feb 2021 15:23:40 GMT
Cache-Control
public, max-age=60
cf-request-id
0880886428000023738292d000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
627aa9b3787b2373-ZRH
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 91E0 		291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KLMG2H7Q-1C-35F9; pux=2249%3D97792%262307%3D97792%262974%3D97792%263778%3D97792%262249-DV360-Hosted%3D97792%26idl%3D97792%26brx%3D97792%26goog%3D97792%26; audit=1|FyzZvCZ2pvmrMQ2Snnzri9TrHG82xE+7YmgcK6PdD0N6eP0zD2PV8PPqRf0rtiJE8DJ8mcQumurqFTrNE4+z9k1id1yxWjzFHm0QlslGhrY=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"40295-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Fri, 26 Feb 2021 15:22:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D440 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-187.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=3606964892088964558
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 27 Feb 2021 15:23:04 GMT
Date
Fri, 26 Feb 2021 15:23:02 GMT
Connection
keep-alive
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?r=www.justjared.com&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&apppkg=&fv=3&proto=http
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f90393909f55424c642cfdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.5.130 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 26 Feb 2021 15:22:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 7940 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fa2a41c88d1da8b77aa083e1a638a7ab0ea052b0acdace1c24ed13697e375129

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/um/ixmatch.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YDkSOg07e116RGehPSyt9QAA; CMPS=3202; CMPRO=1200; CMRUM3=586039123a05a0&5a6039123a05a0&bf6039123a05a0&2d6039123a05a0&f16039123a05a00&e66039123a27600&396039123a05a00&276039123a0b40; CMST=YDkSOmA5EjoA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://js-sec.indexww.com/um/ixmatch.html

Response headers

Server
Apache
Content-Type
text/html
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1491
Expires
Fri, 26 Feb 2021 15:22:39 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
Connection
keep-alive
Set-Cookie
CMID=YDkSOg07e116RGehPSyt9QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Feb 2022 15:22:39 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 27 May 2021 15:22:39 GMT CMPRO=1200;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 27 May 2021 15:22:39 GMT CMRUM3=496039123f05a00&ce6039123f05a00&276039123a0b40&2e6039123f05a0&586039123f05a0&1f6039123f05a00&c46039123f05a0&986039123f05a00&5a6039123a05a0&046039123f05a0&2d6039123a05a0&bf6039123a05a0&e66039123a27600&f16039123a05a00&396039123a05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Feb 2022 15:22:39 GMT CMST=YDkSOmA5Ej8A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 27 Feb 2021 15:22:39 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 875F 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7cc09d5bb93b30d2d81d748e3d5c1fe7b1f52526b10b4c03698b28a328a19d8c

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/um/ixmatch.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YDkSOg07e116RGehPSyt9QAA; CMPS=3202; CMPRO=1200; CMRUM3=586039123a05a0&5a6039123a05a0&bf6039123a05a0&2d6039123a05a0&f16039123a05a00&e66039123a27600&396039123a05a00&276039123a0b40; CMST=YDkSOmA5EjoA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://js-sec.indexww.com/um/ixmatch.html

Response headers

Server
Apache
Content-Type
text/html
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1514
Expires
Fri, 26 Feb 2021 15:22:39 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
Connection
keep-alive
Set-Cookie
CMID=YDkSOg07e116RGehPSyt9QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Feb 2022 15:22:39 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 27 May 2021 15:22:39 GMT CMPRO=1200;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 27 May 2021 15:22:39 GMT CMRUM3=036039123f05a0&f16039123a05a00&396039123a05a00&e66039123a27600&b06039123f05a00&2d6039123f05a0&826039123fa8c0&bf6039123a05a0&5a6039123f05a0&586039123a05a0&276039123a0b40&2e6039123f05a0&336039123f05a0&496039123f05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Feb 2022 15:22:39 GMT CMST=YDkSOmA5Ej8A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 27 Feb 2021 15:22:39 GMT
generic
match.adsrvr.org/track/cmf/ Frame D6BE 		0
0
xuid
eb2.3lift.com/ Frame D6BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
  • https://eb2.3lift.com/xuid?ld=1&mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&cmp_cs=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&cmp_cs=&us_privacy=
date
Fri, 26 Feb 2021 15:22:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame D6BE
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyNjUxNDc1MTE5MDkwMDc0NTU%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyNjUxNDc1MTE5MDkwMDc0NTU%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyNjUxNDc1MTE5MDkwMDc0NTU%3D
date
Fri, 26 Feb 2021 15:22:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame D6BE 		42 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=14265147511909007455&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:39 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: 7C9E98A5C7384F4BB83A6D53ECC2DAD2 Ref B: FRAEDGE1506 Ref C: 2021-02-26T15:22:39Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame D6BE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/14265147511909007455?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-eM81AxJ1lwOcyx4qA0iYDQ3xacCr_.stcbuBMDZZMw--&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eM81AxJ1lwOcyx4qA0iYDQ3xacCr_.stcbuBMDZZMw--&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 26 Feb 2021 15:22:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eM81AxJ1lwOcyx4qA0iYDQ3xacCr_.stcbuBMDZZMw--&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D6BE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3606964892088964558&dongle=4d58&gdpr=1&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=3606964892088964558&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.47:80
AN-X-Request-Uuid
bdb63b75-077b-4f16-8d96-667d22183f8a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=3606964892088964558&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame D6BE
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=14265147511909007455
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14265147511909007455&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14265147511909007455&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:55 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14265147511909007455&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D6BE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
  • https://eb2.3lift.com/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
date
Fri, 26 Feb 2021 15:22:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
ib.adnxs.com/prebid/ Frame D6BE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=14265147511909007455
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame D6BE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=14265147511909007455
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 5EE2 		0
0
xuid
eb2.3lift.com/ Frame 5EE2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
  • https://eb2.3lift.com/xuid?ld=1&mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&cmp_cs=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&cmp_cs=&us_privacy=
date
Fri, 26 Feb 2021 15:22:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 5EE2
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyNjUxNDc1MTE5MDkwMDc0NTU%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyNjUxNDc1MTE5MDkwMDc0NTU%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyNjUxNDc1MTE5MDkwMDc0NTU%3D
date
Fri, 26 Feb 2021 15:22:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame 5EE2 		42 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=14265147511909007455&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:39 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: 127BD44AD8B245A5BB0F337281608621 Ref B: FRAEDGE1506 Ref C: 2021-02-26T15:22:39Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 5EE2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/14265147511909007455?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-eM81AxJ1lwOcyx4qA0iYDQ3xacCr_.stcbuBMDZZMw--&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eM81AxJ1lwOcyx4qA0iYDQ3xacCr_.stcbuBMDZZMw--&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 26 Feb 2021 15:22:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eM81AxJ1lwOcyx4qA0iYDQ3xacCr_.stcbuBMDZZMw--&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5EE2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3606964892088964558&dongle=4d58&gdpr=1&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=3606964892088964558&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.49:80
AN-X-Request-Uuid
a18f8251-9c67-474a-aba8-5a260f9cc9e6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=3606964892088964558&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 5EE2
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=14265147511909007455
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14265147511909007455&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14265147511909007455&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:55 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14265147511909007455&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5EE2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 5EE2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=14265147511909007455
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 5EE2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=14265147511909007455
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 00C7 		0
0
xuid
eb2.3lift.com/ Frame 00C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
  • https://eb2.3lift.com/xuid?ld=1&mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&cmp_cs=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=5989&xuid=CAESEA6cOAbXDH_QV7SnebWpchw&dongle=c627&gdpr=1&cmp_cs=&us_privacy=
date
Fri, 26 Feb 2021 15:22:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 00C7
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyNjUxNDc1MTE5MDkwMDc0NTU%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyNjUxNDc1MTE5MDkwMDc0NTU%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyNjUxNDc1MTE5MDkwMDc0NTU%3D
date
Fri, 26 Feb 2021 15:22:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame 00C7 		42 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=14265147511909007455&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:39 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: 81BFB4F13611450BB152723B8CDBEB92 Ref B: FRAEDGE1506 Ref C: 2021-02-26T15:22:39Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 00C7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/14265147511909007455?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-eM81AxJ1lwOcyx4qA0iYDQ3xacCr_.stcbuBMDZZMw--&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eM81AxJ1lwOcyx4qA0iYDQ3xacCr_.stcbuBMDZZMw--&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 26 Feb 2021 15:22:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eM81AxJ1lwOcyx4qA0iYDQ3xacCr_.stcbuBMDZZMw--&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 00C7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3606964892088964558&dongle=4d58&gdpr=1&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=3606964892088964558&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.151:80
AN-X-Request-Uuid
ad256183-2c03-40fe-9ddd-cbabeecf4db0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=3606964892088964558&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 00C7
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=14265147511909007455
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14265147511909007455&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14265147511909007455&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:55 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14265147511909007455&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 00C7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-74-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 00C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=14265147511909007455
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 00C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=14265147511909007455
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/sync?us_privacy=1---&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 5F44 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e2af88cb1f7d60bbd68f56724744705c338431c08bd75a3c581d06489e9417d4

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/um/ixmatch.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YDkSOg07e116RGehPSyt9QAA; CMPS=3202; CMPRO=1200; CMRUM3=586039123a05a0&5a6039123a05a0&bf6039123a05a0&2d6039123a05a0&f16039123a05a00&e66039123a27600&396039123a05a00&276039123a0b40; CMST=YDkSOmA5EjoA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://js-sec.indexww.com/um/ixmatch.html

Response headers

Server
Apache
Content-Type
text/html
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1481
Expires
Fri, 26 Feb 2021 15:22:39 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
Connection
keep-alive
Set-Cookie
CMID=YDkSOg07e116RGehPSyt9QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Feb 2022 15:22:39 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 27 May 2021 15:22:39 GMT CMPRO=1200;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 27 May 2021 15:22:39 GMT CMRUM3=826039123fa8c0&bf6039123a05a0&2d6039123a05a0&396039123a05a00&036039123f05a0&e66039123a27600&f16039123a05a00&bc6039123f05a00&1f6039123f05a00&586039123a05a0&c46039123f05a0&5a6039123f05a0&2e6039123f05a0&276039123a0b40&496039123f05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Feb 2022 15:22:39 GMT CMST=YDkSOmA5Ej8A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 27 Feb 2021 15:22:39 GMT
crum
dsum-sec.casalemedia.com/ Frame 7940
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3606964892088964558
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3606964892088964558
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:22:39 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.136:80
AN-X-Request-Uuid
d51edc0d-2899-4041-8fd2-fd1b6a42d7ab
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3606964892088964558
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YDkSOg07e116RGehPSyt9QAABLAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7940 		43 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YDkSOg07e116RGehPSyt9QAABLAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
YDkSOg07e116RGehPSyt9QAABLAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7940
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YDkSOg07e116RGehPSyt9QAABLAAAAAB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YDkSOg07e116RGehPSyt9QAABLAAAAAB
43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YDkSOg07e116RGehPSyt9QAABLAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Fri, 26 Feb 2021 15:22:42 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YDkSOg07e116RGehPSyt9QAABLAAAAAB
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 7940
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7531704135582063802
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7531704135582063802
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:22:39 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7531704135582063802
pragma
no-cache
date
Fri, 26 Feb 2021 15:22:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 7940
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YDkSPAAAAKQw4VLS
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YDkSPAAAAKQw4VLS
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:22:47 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1614352968.866028,VS0,VE0
x-served-by
cache-hhn4031-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YDkSPAAAAKQw4VLS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
us.php
gu.dyntrk.com/adx/ie/ Frame 7940 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS
proxy0393.eu3.dynfactory.com
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
crum
dsum-sec.casalemedia.com/ Frame 7940
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=65598b5c-138f-4283-b7c4-1ff008446606
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=65598b5c-138f-4283-b7c4-1ff008446606
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:22:42 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:42 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=65598b5c-138f-4283-b7c4-1ff008446606
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
noop
px.owneriq.net/ Frame 7940
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6676393601747827861&uid=Q6676393601747827861&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.62.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-62-154.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:43 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Fri, 26 Feb 2021 15:22:43 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 7940 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YDkSOg07e116RGehPSyt9QAA%261200
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:23:02 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3058
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 16:14:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 875F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3606964892088964558
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3606964892088964558
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:22:39 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.49:80
AN-X-Request-Uuid
d4f3f0c0-cdaf-4500-91c2-ea928752af52
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3606964892088964558
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YDkSOg07e116RGehPSyt9QAABLAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 875F 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YDkSOg07e116RGehPSyt9QAABLAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 875F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4a546039-123d-4b00-9872-efa436d08a5d
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4a546039-123d-4b00-9872-efa436d08a5d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:22:42 GMT

Redirect headers

Date
Fri, 26 Feb 2021 15:23:13 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4a546039-123d-4b00-9872-efa436d08a5d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 26 Feb 2021 15:23:12 GMT
crum
dsum-sec.casalemedia.com/ Frame 875F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJu007AciUAABBWdKs-jw&expiration=1615562561
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJu007AciUAABBWdKs-jw&expiration=1615562561
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:22:42 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJu007AciUAABBWdKs-jw&expiration=1615562561
Date
Fri, 26 Feb 2021 15:22:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame 875F
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6B6AA7D271ED48AD83543D0BECD33E5F
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6B6AA7D271ED48AD83543D0BECD33E5F
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:22:42 GMT

Redirect headers

date
Fri, 26 Feb 2021 15:22:40 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6B6AA7D271ED48AD83543D0BECD33E5F
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 25 Feb 2021 15:22:40 GMT
crum
dsum-sec.casalemedia.com/ Frame 875F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YDkSOg07e116RGehPSyt9QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvSD66-v-o694_T6Zwr148&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvSD66-v-o694_T6Zwr148&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:23:02 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvSD66-v-o694_T6Zwr148&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 875F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=6ebfaf0a-4da1-4ecf-a748-7d421741bdb7&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7742c3cb-a9c3-4887-a17d-91ee067d1a9c
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7742c3cb-a9c3-4887-a17d-91ee067d1a9c&C=1
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7742c3cb-a9c3-4887-a17d-91ee067d1a9c&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:22:46 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7742c3cb-a9c3-4887-a17d-91ee067d1a9c&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
295
Expires
Fri, 26 Feb 2021 15:22:46 GMT
113
match.deepintent.com/usersync/ Frame 875F 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.218.101.84 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:39 GMT
x-envoy-upstream-service-time
7
server
envoy
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 875F 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YDkSOg07e116RGehPSyt9QAA%261200
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:23:02 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3058
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 16:14:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5F44
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3606964892088964558
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3606964892088964558
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:22:39 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.29:80
AN-X-Request-Uuid
e406f5ce-bad0-47e3-a8da-8bc1a8306be8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3606964892088964558
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YDkSOg07e116RGehPSyt9QAABLAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5F44 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YDkSOg07e116RGehPSyt9QAABLAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5F44
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGELE7AciUAABEyPVueOA&expiration=1615562561
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGELE7AciUAABEyPVueOA&expiration=1615562561
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:22:42 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGELE7AciUAABEyPVueOA&expiration=1615562561
Date
Fri, 26 Feb 2021 15:22:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame 5F44
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4a546039-123d-4b00-9872-efa436d08a5d
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4a546039-123d-4b00-9872-efa436d08a5d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:22:42 GMT

Redirect headers

Date
Fri, 26 Feb 2021 15:23:13 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4a546039-123d-4b00-9872-efa436d08a5d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 26 Feb 2021 15:23:12 GMT
crum
dsum-sec.casalemedia.com/ Frame 5F44
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6B6AA7D271ED48AD83543D0BECD33E5F
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6B6AA7D271ED48AD83543D0BECD33E5F
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:22:42 GMT

Redirect headers

date
Fri, 26 Feb 2021 15:22:40 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6B6AA7D271ED48AD83543D0BECD33E5F
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 25 Feb 2021 15:22:40 GMT
us.php
gu.dyntrk.com/adx/ie/ Frame 5F44 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS
proxy0393.eu3.dynfactory.com
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
noop
px.owneriq.net/ Frame 5F44
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6676393602141516511&uid=Q6676393602141516511&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.62.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-62-154.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:43 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Fri, 26 Feb 2021 15:22:43 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
CookieIndex
rtb.adentifi.com/ Frame 5F44 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.51.239 New York, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5F44 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YDkSOg07e116RGehPSyt9QAA%261200
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:23:02 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3058
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 16:14:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/ Frame 2BDF 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4b3a2a3d13b57f07aa855cf974c90cad593a53ac0f53cdc58d5f49c91eb2092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3412
x-xss-protection
0
server
cafe
etag
11901405240610023202
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Mar 2021 15:18:25 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 2BDF 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ad.doubleclick.net
Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 14:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4242
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Feb 2021 14:11:59 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2BDF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 14:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174841
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Feb 2022 14:48:40 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame ACB4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Thu, 25 Feb 2021 10:17:44 GMT
expires
Fri, 25 Feb 2022 10:17:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
104697
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dvtp_src.js
cdn.doubleverify.com/ Frame 2BDF 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3758893&cmp=25325925&sid=6596925&plc=294279463&num=&adid=&advid=9641682&adsrv=1&btreg=487328518&btadsrv=doubleclick&crt=145028464&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:1aa::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
85dfa91c770fb65bcac7572380ee5599fba69e3315830cb9a6f177b8287b04e6

Request headers

Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Feb 2021 15:17:46 GMT
Server
Microsoft-IIS/10.0
ETag
"089d25e89bd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2979
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2BDF 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614169956137819"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33369
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:22:41 GMT
cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
s0.2mdn.net/9641682/1611317552180/ Frame 3BEB 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f9bdf4dcf12a64a9459ee9c751cf7952ce2df92eeab046bacfeb1e01e784ccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
1952
date
Thu, 25 Feb 2021 20:53:38 GMT
expires
Fri, 26 Feb 2021 20:53:38 GMT
last-modified
Fri, 22 Jan 2021 12:12:32 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
66543
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 2BDF 		0
437 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv61CvQlPL0QkSP6LfSB_NyRLOM2ucmccKCf1RCU640Q0DUcIQZB4DgSd54B0p2j-CEmnJP2ZNSH8oMpDbpigddWf_4r0M2eoKeUdrpKA92X42VOJAJ-gfZrmizcaam4XFUQfVjn4r0faTMLEtMJ02OeQ&sig=Cg0ArKJSzKGxYfjDIUkvEAE&urlfix=1&omid=0&rm=1&ctpt=65&cbvp=1&cstd=61&cisv=r20210224.75278&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 26 Feb 2021 15:22:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ad_impression.gif
beacon.krxd.net/ Frame 2BDF 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=25325925&advertiserid=9641682&placementid=294279463&adid=487328518&creativeid=145028464&siteid=6596925
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.1.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:44 GMT
cache-control
private, no-cache, no-store
x-request-time
D=93 t=1614352964
x-served-by
beacon-n002-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame ACB4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 11:25:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
100610
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Fri, 25 Feb 2022 11:25:51 GMT
dv-measurements991.js
cdn.doubleverify.com/ Frame 4FDF 		461 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements991.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:1aa::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6eefcba6d0b51a5940e1a3b2fab08f71a653129b41da356a2e9b0c053acf0b16

Request headers

Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 15:16:28 GMT
Server
Microsoft-IIS/10.0
ETag
"02e81dbf69d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946090800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86831
cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.css
s0.2mdn.net/9641682/1611317552180/ Frame 3BEB 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b8f3e3f40252ff041cf6c45efe8759f520dac4ad91fac11aa204d37edb02ac3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 08:29:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24782
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1074
x-xss-protection
0
last-modified
Fri, 22 Jan 2021 12:12:32 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 27 Feb 2021 08:29:39 GMT
css
fonts.googleapis.com/ Frame 3BEB 		8 KB
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b534bf5439e6346255cdfe8506bf01a71925106f3323dff2eccf2e7266b06929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 13:52:39 GMT
server
ESF
date
Fri, 26 Feb 2021 15:22:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Feb 2021 15:22:41 GMT
cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_bg_160x600.jpg
s0.2mdn.net/9641682/1611317552180/ Frame 3BEB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_bg_160x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b7b1a8276796fefb8448c904fae3b1ae5715159b5aa6c3ae9ed7d0d84ddd5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 21:11:44 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 Jan 2021 12:12:32 GMT
server
sffe
age
65457
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1704
x-xss-protection
0
expires
Fri, 26 Feb 2021 21:11:44 GMT
cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_emc_160x600.png
s0.2mdn.net/9641682/1611317552180/ Frame 3BEB 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_emc_160x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c25f7507bf900752f5a48015db404e1a01c03c91692e76d61a74a98e944fc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 13:54:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 Jan 2021 12:12:32 GMT
server
sffe
age
5267
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8148
x-xss-protection
0
expires
Sat, 27 Feb 2021 13:54:54 GMT
cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_logo_160x600.png
s0.2mdn.net/9641682/1611317552180/ Frame 3BEB 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_logo_160x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d956b4a370f23d6d077bcf4ee2df0dfd0eaab454de238b3ff040ceaefbb57004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 14:38:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 Jan 2021 12:12:32 GMT
server
sffe
age
2674
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11827
x-xss-protection
0
expires
Sat, 27 Feb 2021 14:38:07 GMT
cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_pro1_160x600.jpg
s0.2mdn.net/9641682/1611317552180/ Frame 3BEB 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_pro1_160x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ac6489863d2e575f72fe7a8500180f7f640784c62d0cc8d91d286393649dfff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 19:56:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 Jan 2021 12:12:32 GMT
server
sffe
age
69993
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65250
x-xss-protection
0
expires
Fri, 26 Feb 2021 19:56:08 GMT
cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_pro1up_160x600.png
s0.2mdn.net/9641682/1611317552180/ Frame 3BEB 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_pro1up_160x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd3f38ff13db954a5adff0eef0416b4765d8efbd17c529af9d14355d1c54b3fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 10:06:45 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 Jan 2021 12:12:32 GMT
server
sffe
age
18956
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7847
x-xss-protection
0
expires
Sat, 27 Feb 2021 10:06:45 GMT
cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_prolast_160x600.png
s0.2mdn.net/9641682/1611317552180/ Frame 3BEB 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_prolast_160x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba171cd027168631542f708b6c4206703f33f085445183b0d4d0571b4c4715a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 19:56:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 Jan 2021 12:12:32 GMT
server
sffe
age
69993
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24927
x-xss-protection
0
expires
Fri, 26 Feb 2021 19:56:08 GMT
cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_emcl_160x600.png
s0.2mdn.net/9641682/1611317552180/ Frame 3BEB 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_emcl_160x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec07145694bddafe369ac8cb1a160178bfd16cc144d36e4f3e632f62afc2ab1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 19:56:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 Jan 2021 12:12:32 GMT
server
sffe
age
69993
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8223
x-xss-protection
0
expires
Fri, 26 Feb 2021 19:56:08 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3BEB 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Feb 2021 15:22:41 GMT
cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.js
s0.2mdn.net/9641682/1611317552180/ Frame 3BEB 		3 KB
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb526432d243c9dca18b130aec52586c7d21e06d33a62a00c5672c26933157b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9641682/1611317552180/cs2102r0002_014_372854_de_cs_cm_fy21q4_oa_prc_fx_3240_cp_mt_160x600.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 18:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75387
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
808
x-xss-protection
0
last-modified
Fri, 22 Jan 2021 12:12:32 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 26 Feb 2021 18:26:14 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3BEB 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 03:58:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
41043
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 26 Feb 2022 03:58:38 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3BEB 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 10:19:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
18215
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sat, 26 Feb 2022 10:19:06 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3BEB 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:00:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
1320
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Sat, 26 Feb 2022 15:00:41 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3BEB 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 16:23:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
255536
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Wed, 23 Feb 2022 16:23:45 GMT
t2tv7.html
cdn.doubleverify.com/ Frame 1DEB 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/t2tv7.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements991.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:1aa::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991

Request headers

Host
cdn.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s

Response headers

Cache-Control
max-age=946080000
Content-Type
text/html
Last-Modified
Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges
bytes
ETag
"0ba3b8f4cdcf1:0"
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3877
Date
Fri, 26 Feb 2021 15:22:41 GMT
Connection
keep-alive
visit.js
tps.doubleverify.com/ Frame 4FDF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?bridua=3&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTauHHH%5D%3BFDE%3B2C65%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTauHHH%5D%3BFDE%3B2C65%5D4%40%3ETar9EEATbpTauTauHHH%5D%3BFDE%3B2C65%5D4%40%3ETar9EEADTbpTauTau25%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=1&aUrlD=0&ssl=https:&dfs=3230&ddur=29&uid=1614352961692306&jsCallback=dvCallback_1614352961692496&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=600&winw=160&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=991&tgjsver=991&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN1153793.3739983VDX.TV%2FB25325925.294279463%3Bdc_ver%3D68.195%3Bsz%3D160x600%3Bu_sd%3D1%3Bgdpr%3D0%3Baddtl_consent%3D1~%3Bdc_adk%3D897788855%3Bord%3Do5yyyu%3Bclick%3Dhttp%253A%252F%252Fa.tribalfusion.com%252Fh.click%252FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%252F%3Bdc_rfl%3D1%2Chttp%253A%252F%252Fwww.justjared.com%252F%240%3Bxdt%3D0%3Bcrlt%3DUM%27cPEqinS%3Bcmpl%3D8%3Bosda%3D2%3Bsttr%3D114%3Bprcl%3Ds&fcifrms=40&brh=2&dvp_epl=208&noc=16&ctx=3758893&cmp=25325925&sid=6596925&plc=294279463&crt=145028464&btreg=487328518&btadsrv=doubleclick&adsrv=1&advid=9641682&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=79189577961.922&dvp_tukv=14057460561.217443&dvp_uuid=194281423.48959723&dvp_strhd=0.5899965763092041&dvpx_strhd=0.5899965763092041&dvp_tuid=1178037442221&dvp_slmsd=127&dvp_vcmsd=181
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements991.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3b3b7ba31d1043f8fd2e8ad5f3e404a5837987101b49eb6d23f522540dedf821

Request headers

Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:42 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
2/25/2021 3:22:42 PM
view
googleads4.g.doubleclick.net/pcs/ Frame 2BDF 		0
424 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv61CvQlPL0QkSP6LfSB_NyRLOM2ucmccKCf1RCU640Q0DUcIQZB4DgSd54B0p2j-CEmnJP2ZNSH8oMpDbpigddWf_4r0M2eoKeUdrpKA92X42VOJAJ-gfZrmizcaam4XFUQfVjn4r0faTMLEtMJ02OeQ&sig=Cg0ArKJSzKGxYfjDIUkvEAE&urlfix=1&omid=0&rm=1&ctpt=377&vt=11&dtpt=312&dett=3&cstd=61&cisv=r20210224.75278&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 26 Feb 2021 15:22:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame 2673 		28 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/5WYzd9R-NgQ
X-YouTube-Client-Version
1.20210224.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtrN2RkT1dQajJINCi3pOSBBg%3D%3D
X-YouTube-Ad-Signals
dt=1614352951479&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C500%2C281&vis=1&wgl=true&ca_type=image&bid=ANyPxKqcMlbMNNaI6QebSz49sC_BEAkM3px9KieKjys_EKhonsXB4CNjGMO5MK07NUZYABcmwoiAavJykFsSELWPOusywzvrjg

Response headers

date
Fri, 26 Feb 2021 15:22:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:22:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ACB4 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKU21QRI5YOP8FP2Ax_APzKeVqAQAAAAAOAHgBAI&bg=!CgmlCUrNAAXB_3NtwTsAKQB2-DxamwKbK_dKyULSLm2n4vm3lg-YBfUGrRHxd0floKQj3GN91RLrAgAAAcdSAAAADmgBBwoAX-8VHorus8y81sOQJW2veQ5_myDywF0_BqQ3lh4sLyyEF71pY5ttIzoLghpqMe09TAYmcZ_o6R0Slz6rKQtXdEmTxSfR70fSjqL9LYvaJaUOX222dGhxya_kqJ5UNs5omQJplVaNhp7_j7VE5xSOJfx6GSyXgBYmJew8jOdA-2jtQ49uqaNm__e2yjK-rrFuWk3--AmUIwlrZP5Tp-y-Pq2AYYjdAHKhle_2fBY4AyDcylNuiYhY1OsTUP1dyI6mjwjWyQlhMIUTzGIcJFOdM1yiaF49lp3DArY30Op3WvH-eb8H7PSbSIXyeLvXCr6LhKoMDW1SRnMGjNdcbYO5xZWm_RP3MGuh43lr0-qYl5YR1uAiFrTy1zmXlt-FOQPGv5wfrJZouJGQq8Jttv_wNGhCCzNEy3LRp3iCPOUMIzFZqBLHHMecyolqlLVQso13WMernYhkrBAG173Jn3d8tWpsdGN0wNktQybdQcK1vNzEKHqNmkSrqKN-qSqdkZUafrGARg0FPGO-oxh1BlYY1E8FebUXGDRnKQrIJ0syEf2ym-scypi6HsuDUa1hoz6mYz5_MyXdgBXgng0y0N4iS2Bz_A2QeFa47dm0FctbMehU7agvQnI-RI7AToG-1VqIHoMF8wOt2JTmjz4Rj_-mNUboIWC3HQ_Rj95zCl6VNV9-6gbu_sgyVuBl1eRYL9hyYN5QiFi6jOpMlwfIQIG9ByEcjRMP8kEXcSGHlHHk6TO7tagsMMqZyHYUgoVL5xQUa45xLcc2fgpY0PKAsrfBWnLa9qM5zwLytvO8uoQzooHYrssboy0YfdyWUnLNUQWK1QltUF-MSDc8kAmPYPbt2w-_W61oa2K8H6dR87TWp4s1KX97NJyhjCnVxwuhGAnRLsI20PGhYMuEkL3n__3DYNM23HHC2uxxYMGi_LvFYPbKppgI7Am3Q1ifcWU
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2BDF 		42 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPYVpK0eYNMk71BqjHCZnV-gxj7L1g6FraCQpZS4LEp_yO9Q2pyDvQQ8fh_goUcZ-jFMK-prut6xswm2GfQQ57YeGSAO_fpPg&sig=Cg0ArKJSzNtSqayjHDzaEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210224&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=897788855&rs=6&met=mue&la=0&cr=0&osd=1&vs=4&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Other
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: http://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 26 Feb 2021 15:22:43 GMT
content-length
0
vary
Origin
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
72 B 		Other
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 26 Feb 2021 15:22:43 GMT
content-length
0
vary
Origin
event.png
tps20248.doubleverify.com/ Frame 4FDF 		67 B
446 B 		Other
General
Check archive.org
Download Go to
Full URL
https://tps20248.doubleverify.com/event.png?impid=9449e081e5864047b9d26d1d2c68fe9f&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&upvid=1614352961843109521&vdur=1147&eoid=5&msrjs=991&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&mpt=1614352964863326
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements991.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:46 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ad.doubleclick.net
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
2/25/2021 3:22:46 PM
PugMaster
image6.pubmatic.com/AdServer/ Frame 2DDF 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=22038512&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3db10c8c39639a4f406c426f35e06a20d16cf5cb2a01e7f460c468ec5102108b

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 23:14:07 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 2DDF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELGUfRaZ0vUquuyXGUuovu0&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELGUfRaZ0vUquuyXGUuovu0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:48 GMT
X-lat
Pug22001:0:608
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELGUfRaZ0vUquuyXGUuovu0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2DDF 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=22038512&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 25 Feb 2021 15:22:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2DDF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1019760091930897362
42 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1019760091930897362
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:43 GMT
X-lat
Pug23048:0:262
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:45 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1019760091930897362
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
usersync.aspx
dis.criteo.com/dis/ Frame 41D0 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=22038512&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Fri, 26 Feb 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1246
x-powered-by
ASP.NET
date
Fri, 26 Feb 2021 15:22:44 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 1F3B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8433416658489623879
42 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8433416658489623879
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=22038512&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=2:2; KADUSERCOOKIE=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D; chkChromeAb67Sec=1; DPSync3=1615507200%3A227_226_221_201; SyncRTB3=1615507200%3A220_21_13_56_161%7C1615593600%3A35; KRTBCOOKIE_1051=22884-18072662211632556840; PUBMDCID=3; KRTBCOOKIE_391=22924-1019760091930897362; PugT=1614352963
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Fri, 26 Feb 2021 14:49:38 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_336=5844-8433416658489623879; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 28-Mar-2021 14:49:38 GMT; path=/ PugT=1614350978; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 28-Mar-2021 14:49:38 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 27-May-2021 14:49:38 GMT; path=/
X-lat
Pug22074:0:240
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8433416658489623879
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync
rtb.gumgum.com/ Frame A218 		35 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=pbm&i=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=pbm&i=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

date
Fri, 26 Feb 2021 15:22:45 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2DDF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e2-g6Y8rTmulxoUHuuCPnQ%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e2-g6Y8rTmulxoUHuuCPnQ%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
0
0
mw
mwzeom.zeotap.com/ Frame 2DDF 		95 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
627aa9d2fe6e4a9e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08808877dd00004a9ebb90a000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 2DDF
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:45 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:45 GMT
frontend-id
13
location
/pubmatic/1/info2?sType=sync&sExtCookieId=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 2DDF
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:46 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Fri, 26 Feb 2021 15:22:46 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 2DDF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0I2RkEwRTktOEYyQi00RTZCLUE1QzYtODUwN0JBRTA4RjlE&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0I2RkEwRTktOEYyQi00RTZCLUE1QzYtODUwN0JBRTA4RjlE&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:50 GMT
X-lat
Pug22068:0:340
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tps20248.doubleverify.com/ Frame 4FDF 		67 B
446 B 		Other
General
Check archive.org
Download Go to
Full URL
https://tps20248.doubleverify.com/event.png?impid=9449e081e5864047b9d26d1d2c68fe9f&gdpr=&gdpr_consent=&msrcanlm=906&msrcannum=3&eoid=7&ismms=69&isumms=68&isvelg=1&nvr=6&isbxdms=3269&b0=100&b11=3240&adhgt=600&adwdth=160&norwdth=160&norhgt=600&engisel=1&vsos=5&dvp_vsosnmr=16&lftb=3340&sftb=3340&msrdp=2&naral=642&vct=512&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1069&isuiabvms=1069&ispmxpms=1069&iscvmvms=2069&engalms=66&dvp_dpr=1&mpt=1614352965862725
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements991.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:46 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ad.doubleclick.net
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
2/25/2021 3:22:46 PM
performance
a.tribalfusion.com/cdn-cgi/beacon/ Frame 2B8D 		0
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/cdn-cgi/beacon/performance?req_id=627aa9a48ffb3248
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
HTTP/1.1
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=ajmT095U3WTFfEWPU3QaYXScvNPWBw0HBuVmUn2sY40UUZaT6qt5PUeQ6BE4dQy0HBJptTu5mQY5VbeTsQbUcbjRAMwUHUUUbrP5r6uVEjqWEJbSTMZcRGfZaPUEvRt7dUVMV2ruxmtuMXqqp2WbBQGjG5AUHoHeNTtJ9Xbn81UB90qqtPbUZbTrB4WtQUnrjsRU7NXqMO4abh5TUYnqbA1rUfWHMXmnZbKMrMBt8rRM3&mediaDataID=6719746&mediaName=frame.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/json

Response headers

Date
Fri, 26 Feb 2021 15:22:46 GMT
X-Content-Type-Options
nosniff
Server
cloudflare
Connection
keep-alive
CF-RAY
627aa9d70a6a1f1d-FRA
X-Frame-Options
DENY
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=www.justjared.com&rs=www.justjared.com&sid=63836&t=1614352958&cip=185.156.175.107&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5f90393909f55424c642cfdf&test=&aafaid=&proto=http&uid=1614352958074-970031782341-031294-014-006045&cha=0.7&cb=1845200355&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&ppid=5f90393909f55424c642cfdf&nid=59918a0e073ef4782e4e347f&pcid=5fb2553fad995e2e283f4e82&ncid=5fb5320d5de9970c5058df53&pasid=5fb534803589f6367b43abdf&e=bid&cb=1614352966283&asid=602d1bead43286045749c0f4&ofpr=&fpo=
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.5.130 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 705C 		326 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f90393909f55424c642cfdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03449ecbbdb76ecc662e2ad64ea3d61da16722c7f1bb3c0fcc87e52db7eba42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114726
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:22:46 GMT
bridge3.444.1_en.html
imasdk.googleapis.com/js/core/ Frame D784 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a478cc89688c6d5bc04418bbfd3da092d2df5c78ad9b6663975cceb83832e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Host
imasdk.googleapis.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Type
text/html
Cross-Origin-Resource-Policy
cross-origin
Content-Length
192862
Date
Fri, 26 Feb 2021 13:14:43 GMT
Expires
Sat, 26 Feb 2022 13:14:43 GMT
Last-Modified
Fri, 26 Feb 2021 01:03:43 GMT
X-Content-Type-Options
nosniff
Server
sffe
X-XSS-Protection
0
Cache-Control
public, max-age=31536000
Age
7683
client.js
s0.2mdn.net/instream/video/ Frame 705C 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:22:46 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1869 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 14:35:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2827
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:35:39 GMT
usersync.html
cdn.undertone.com/js/ Frame 2561 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:6a00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html?ccpa=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

content-type
text/html
date
Fri, 26 Feb 2021 02:51:24 GMT
last-modified
Wed, 16 Dec 2020 12:35:23 GMT
etag
W/"8ee422394c26ec0371c4676b43dd838d"
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 375ffc8f2a15d6fd2fa731e1cdf5a737.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
RbEUkGNGK8Xf5dEae6kAkyHVN3KMVcQwrlADlcK_162Srf3CJ8U4vg==
age
45082
ixmatch.html
js-sec.indexww.com/um/ Frame 17F8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 26 Feb 2021 15:23:02 GMT
Content-Length
1151
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame BD23 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-187.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 27 Feb 2021 15:23:04 GMT
Date
Fri, 26 Feb 2021 15:23:02 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 670B 		291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"40295-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Fri, 26 Feb 2021 15:22:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set check.html
biddr.brealtime.com/ Frame 581C 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Fri, 26 Feb 2021 15:22:49 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d3b7764ebdf07c43f69a3a219c7ddb1cd1614352969; expires=Sun, 28-Mar-21 15:22:49 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
zLK+otkipESBbarT0a8bhlo16ZCN/UFM5DuUEENRZ7spy18q3kPJVJejXa65EihRlHU1l1/jSCA=
x-amz-request-id
22BA75567DC2B50F
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
2178
Expires
Fri, 26 Feb 2021 15:23:49 GMT
Cache-Control
public, max-age=60
cf-request-id
0880888892000023c7089f7000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
627aa9edb9e023c7-ZRH
Content-Encoding
gzip
usersync.html
cdn.undertone.com/js/ Frame ACEB 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:6a00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html?ccpa=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

content-type
text/html
date
Fri, 26 Feb 2021 02:51:24 GMT
last-modified
Wed, 16 Dec 2020 12:35:23 GMT
etag
W/"8ee422394c26ec0371c4676b43dd838d"
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 375ffc8f2a15d6fd2fa731e1cdf5a737.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
yrojeTTqev505ElEqNXU-BZmCI5N7LbLEUeFjNI0qgweLR0A2PYndw==
age
45082
showad.js
ads.pubmatic.com/AdServer/js/ Frame A310 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=2:2; KADUSERCOOKIE=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D; chkChromeAb67Sec=1; DPSync3=1615507200%3A227_226_221_201; SyncRTB3=1615507200%3A220_21_13_56_161%7C1615593600%3A35; KRTBCOOKIE_1051=22884-18072662211632556840; PUBMDCID=3; KRTBCOOKIE_391=22924-1019760091930897362; KRTBCOOKIE_336=5844-8433416658489623879; KRTBCOOKIE_57=22776-3606964892088964558; PugT=1614350984
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=119108
Expires
Sun, 28 Feb 2021 00:27:55 GMT
Date
Fri, 26 Feb 2021 15:22:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ 		0
0
sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YDkSRwAAAHffOizr&_origin=0&gdpr=0&gdpr_consent=&_test=YDkSRwAAAHffOizr
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YDkSRwAAAHffOizr&_origin=0&gdpr=0&gdpr_consent=&_test=YDkSRwAAAHffOizr&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
0
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YDkSRwAAAHffOizr&_origin=0&gdpr=0&gdpr_consent=&_test=YDkSRwAAAHffOizr&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:48 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YDkSRwAAAHffOizr&_origin=0&gdpr=0&gdpr_consent=&_test=YDkSRwAAAHffOizr&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
date
Fri, 26 Feb 2021 15:22:48 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA3YWNhM2NmMi03ODQ2LTExZWItODE2My0wNjg2ZGUxY2MwY2E%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_hm=VVA3YWNhM2NmMi03ODQ2LTExZWItODE2My0wNjg2ZGUxY2MwY2E%3D&google_tc=
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEKCfK30rbbKKxvq4sXGbou8&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKCfK30rbbKKxvq4sXGbou8&google_cver=1&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKCfK30rbbKKxvq4sXGbou8&google_cver=1&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca&verify=true
0
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKCfK30rbbKKxvq4sXGbou8&google_cver=1&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca&verify=true
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:51 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Fri, 26 Feb 2021 15:22:51 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKCfK30rbbKKxvq4sXGbou8&google_cver=1&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca&verify=true
Connection
keep-alive
Content-Length
0
usync.html
eus.rubiconproject.com/ Frame 6ED7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cdn.undertone.com/js/usersync.html?ccpa=1---
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cdn.undertone.com/js/usersync.html?ccpa=1---

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"40295-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Fri, 26 Feb 2021 15:22:54 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=12776
Date
Fri, 26 Feb 2021 15:22:47 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
getuidnb
ib.adnxs.com/ Frame 2561 		43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cdn.undertone.com/js/usersync.html?ccpa=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.45:80
AN-X-Request-Uuid
2c42009b-78b3-4fb5-9bae-a67a429202fd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 2561
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21fa7e31-e578-4d22-be9e-67112d2b4a9f
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21fa7e31-e578-4d22-be9e-67112d2b4a9f
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.153.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/js/usersync.html?ccpa=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:23:02 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

date
Fri, 26 Feb 2021 15:23:02 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21fa7e31-e578-4d22-be9e-67112d2b4a9f
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame 2561
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-vJQsQyp1l2YAZ5mmxbCnxnCCjDBvG.Qb~UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-vJQsQyp1l2YAZ5mmxbCnxnCCjDBvG.Qb~UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.153.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/js/usersync.html?ccpa=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:47 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Fri, 26 Feb 2021 15:22:47 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-vJQsQyp1l2YAZ5mmxbCnxnCCjDBvG.Qb~UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame 2561 		0
0
sync
usr.undertone.com/userPixel/ Frame 2561
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2TDP-W-I32M
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2TDP-W-I32M
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.153.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/js/usersync.html?ccpa=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:51 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2TDP-W-I32M
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
sync
usr.undertone.com/userPixel/ Frame 2561
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
0
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.153.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/js/usersync.html?ccpa=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:50 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Date
Fri, 26 Feb 2021 15:22:50 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
getuidnb
ib.adnxs.com/ Frame ACEB 		43 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cdn.undertone.com/js/usersync.html?ccpa=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.145:80
AN-X-Request-Uuid
f8b898fa-f040-4329-9b50-47e0bcb73731
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame ACEB
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21fa7e31-e578-4d22-be9e-67112d2b4a9f
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21fa7e31-e578-4d22-be9e-67112d2b4a9f
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.153.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/js/usersync.html?ccpa=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:23:02 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

date
Fri, 26 Feb 2021 15:23:02 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21fa7e31-e578-4d22-be9e-67112d2b4a9f
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame ACEB
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-vJQsQyp1l2YAZ5mmxbCnxnCCjDBvG.Qb~UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-vJQsQyp1l2YAZ5mmxbCnxnCCjDBvG.Qb~UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.153.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/js/usersync.html?ccpa=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:47 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Fri, 26 Feb 2021 15:22:47 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-vJQsQyp1l2YAZ5mmxbCnxnCCjDBvG.Qb~UP7aca3cf2-7846-11eb-8163-0686de1cc0ca
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame ACEB 		0
0
sync
usr.undertone.com/userPixel/ Frame ACEB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2TEJ-K-HE5I
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2TEJ-K-HE5I
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.153.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/js/usersync.html?ccpa=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:52 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2TEJ-K-HE5I
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
sync
usr.undertone.com/userPixel/ Frame ACEB
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
0
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.153.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/js/usersync.html?ccpa=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:50 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Date
Fri, 26 Feb 2021 15:22:50 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
usync.html
eus.rubiconproject.com/ Frame FDAA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cdn.undertone.com/js/usersync.html?ccpa=1---
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cdn.undertone.com/js/usersync.html?ccpa=1---

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"40295-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Fri, 26 Feb 2021 15:22:54 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=12776
Date
Fri, 26 Feb 2021 15:22:47 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
integrator.js
adservice.google.com/adsid/ Frame 705C 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.justjared.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Feb 2021 15:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/live/ Frame D784 		156 B
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F57778053%2FInstream_Mediatradecraft_DesktopJJ_Slider_Avantis_Google&description_url=http%3A%2F%2Fwww.justjared.com%2F&tfcd=0&npa=0&sz=400x225&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=432618838276514&nofb=0&sdkv=h.3.444.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&gdpr=0&addtl_consent=1~&sdki=44d&adk=4247844527&sdk_apis=2%2C8&sid=19B0F258-9AB9-4657-B08F-2106E2208F1F&eid=420706136&url=http%3A%2F%2Fwww.justjared.com%2F&dlt=1614352966287&idt=190&dt=1614352966961&cookie_enabled=1&scor=1285830208800377&ged=ve4_td1_tt1_pd1_la1000_er3531.364.3681.664_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events.avantisvideo.com/ 		2 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=74c97696-c8a7-4883-8cb6-3fb6bd956ead&tagId=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 26 Feb 2021 15:22:47 GMT
content-length
2
content-type
text/plain
ptv
ib.adnxs.com/ 		0
0
ptv
ib.adnxs.com/ 		0
0
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=74c97696-c8a7-4883-8cb6-3fb6bd956ead&tagId=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 26 Feb 2021 15:22:47 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=www.justjared.com&rs=www.justjared.com&sid=63836&t=1614352958&cip=185.156.175.107&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5f90393909f55424c642cfdf&test=&aafaid=&proto=http&uid=1614352958074-970031782341-031294-014-006045&cha=0.7&cb=1845200355&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&ppid=5f90393909f55424c642cfdf&nid=59918a0e073ef4782e4e347f&pcid=5fb2553fad995e2e283f4e82&ncid=5fb5320d5de9970c5058df53&pasid=5fb534803589f6367b43abdf&e=request&cb=1614352967212&asid=6025213edbdd163aca4d19b6%2C60106eb3a4195e08c941ef3d%2C60106ebe4f3e2a256b25146f%2C5fcfc4697565f220db1d951d%2C5fcf9657b299c044bf3b5c06%2C602d1bead43286045749c0f4%2C5fb53297720b1f11a9542072%2C5fcfbcfd4f19f419b2345a27%2C5fd0ce174e8a051b2a70e8b0%2C5fcf88dfc500ab58187341c3%2C5fb53275a7fbda3e5933736b%2C602934661d8ffa76a7724b48%2C5fcf90c24344c96af64fba86%2C5fcf877753d7836ffd7be585%2C5fcfbabddf65c83e2636a9f5%2C5fcf98395afd4148533e2c8c&ofpr=1.55%2C1.27%2C1.05%2C%2C0.85%2C%2C%2C0.65%2C0.55%2C0.55%2C0.59%2C0.49%2C0.45%2C0.45%2C0.45%2C0.39&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.5.130 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=www.justjared.com&rs=www.justjared.com&sid=63836&t=1614352958&cip=185.156.175.107&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5f90393909f55424c642cfdf&test=&aafaid=&proto=http&uid=1614352958074-970031782341-031294-014-006045&cha=0.7&cb=1845200355&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&ppid=5f90393909f55424c642cfdf&nid=59918a0e073ef4782e4e347f&pcid=5fb2553fad995e2e283f4e82&ncid=5fb5320d5de9970c5058df53&pasid=5fb534803589f6367b43abdf&e=request&cb=1614352967212&asid=5fcf8fd260ecb03f5416c32e%2C5fcf99c715e70b4a8f3e67a8&ofpr=0.39%2C0.29&fpo=%2C
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.5.130 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.25.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
605d5cd6677a4a2939358123347d976e1e34c1eb1e72bbc82095e2735649024e

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:47 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.justjared.com
date
Fri, 26 Feb 2021 15:22:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		25 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=483124&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2244fd38f1d731265%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%2C%22page%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%228105%22%2C%22rid%22%3A%223fc1aaf60764f66b81cda47d13bbd591_1723128236%22%2C%22name%22%3A%22Media%20Tradecraft%22%2C%22hp%22%3A1%2C%22domain%22%3A%22sporcle.com%22%2C%22asi%22%3A%22avantisvideo.com%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2245626d99fa87d3a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22483124%22%2C%22sid%22%3A%22600x338%22%7D%2C%22bidfloor%22%3A0.45%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A600%2C%22h%22%3A338%2C%22placement%22%3A1%7D%7D%5D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
da1e0deaced7c9a413cc3b1d17288bcde5f94c679d7d975549ff1a86274b9df9

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:48 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
http://www.justjared.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Fri, 26 Feb 2021 15:22:48 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
275fc609330c00555a4986bf14480b2b92c7354394834d1b2602bbbc05a93934

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:47 GMT
server
nginx
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
hb
hb.undertone.com/ 		0
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3710&domain=justjared.com&ccpa=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:1600:1f:df94:f9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:47 GMT
via
1.1 e7ac510e4ba21d85d8aee7d252b283a9.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
ZAG50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
http://www.justjared.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
x-amz-cf-id
VWzpNhq1eK8emTklwEOIwlTL6ayRxsjexBOGqvNFOYp6A7pYLtZr3Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
hb.emxdgt.com/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=8000&ts=1614352967227&src=pbjs
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Feb 2021 15:22:47 GMT
Content-Type
text/html
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
hb
ice.360yield.com/ 		0
0
hb
hb.yellowblue.io/ 		129 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb?auction_start=1614352967229&ad_unit_code=video_21&tmax=8000&width=600&height=338&publisher_id=5fad0eb54fdc5c00016859b1&floor_price=0.55&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&bid_id=55793508a2c7489&bidder_request_id=54872c376862372&transaction_id=ad593734-4b78-4f28-a126-c407f98b3e4f&session_id=999d5520-25a2-4c19-a2b6-f10fb905e152&publisher_name=www.justjared.com&site_domain=www.justjared.com&bidder_version=4.0.0&cs_method=iframe&us_privacy=1---&schain=1.0%2C1!avantisvideo.com%2C8105%2C%2C3fc1aaf60764f66b81cda47d13bbd591_1723128236%2CMedia%2520Tradecraft%2Csporcle.com&referrer=http%3A%2F%2Fwww.justjared.com%2F&page_url=http%3A%2F%2Fwww.justjared.com%2F
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.227.143 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
65762667648dd7b9f71eabb437b56265ade196f3d16125359d7df6c17fc6312d

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 26 Feb 2021 15:22:47 GMT
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
http://www.justjared.com
x-reason
Internal error: maxmind hosting provider
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
129
openrtb
ads.adaptv.advertising.com/rtb/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
mvo
tag.1rx.io/rmp/216063/0/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216063/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
http://www.justjared.com
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:48 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
hb
hb.undertone.com/ 		0
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3710&domain=justjared.com&ccpa=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:1600:1f:df94:f9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:47 GMT
via
1.1 e7ac510e4ba21d85d8aee7d252b283a9.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
ZAG50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
http://www.justjared.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
305
x-amz-cf-id
HvwSzk6MHRzKXgIrMB3J79aBMHMXN5GWG0w7YWMTTrtemO3jgcaGbQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Tradecraft
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
mvo
tag.1rx.io/rmp/216063/0/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216063/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
http://www.justjared.com
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:48 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.25.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
07e73cf8bd02700cfc277f0208cded0b2499f3fa80e6850932694df83021d1cd

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:47 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
SPug
simage4.pubmatic.com/AdServer/ Frame 2DDF 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Fri, 26 Feb 2021 15:22:47 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
PugMaster
image6.pubmatic.com/AdServer/ Frame A310 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=41838162&p=159320&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
696ab5455ac45491fa2a813404ad988de259236d411a9bc89307ea0540531684

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:47 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
1731
Content-Type
text/html; charset=UTF-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame D266 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D; chkChromeAb67Sec=1; DPSync3=1615507200%3A227_226_221_201; SyncRTB3=1615507200%3A220_21_13_56_161%7C1615593600%3A35; KRTBCOOKIE_1051=22884-18072662211632556840; PUBMDCID=3; KRTBCOOKIE_391=22924-1019760091930897362; KRTBCOOKIE_336=5844-8433416658489623879; KRTBCOOKIE_57=22776-3606964892088964558; PugT=1614350984; SPugT=1614352967; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=119107
Expires
Sun, 28 Feb 2021 00:27:55 GMT
Date
Fri, 26 Feb 2021 15:22:48 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame D266 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=1340230&p=159320&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
696ab5455ac45491fa2a813404ad988de259236d411a9bc89307ea0540531684

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 23:14:11 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
1731
Content-Type
text/html; charset=UTF-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1D9F 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D; chkChromeAb67Sec=1; DPSync3=1615507200%3A227_226_221_201; SyncRTB3=1615507200%3A220_21_13_56_161%7C1615593600%3A35; KRTBCOOKIE_1051=22884-18072662211632556840; PUBMDCID=3; KRTBCOOKIE_391=22924-1019760091930897362; KRTBCOOKIE_336=5844-8433416658489623879; KRTBCOOKIE_57=22776-3606964892088964558; PugT=1614350984; SPugT=1614352967; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=119107
Expires
Sun, 28 Feb 2021 00:27:55 GMT
Date
Fri, 26 Feb 2021 15:22:48 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7C67 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D; chkChromeAb67Sec=1; DPSync3=1615507200%3A227_226_221_201; SyncRTB3=1615507200%3A220_21_13_56_161%7C1615593600%3A35; KRTBCOOKIE_1051=22884-18072662211632556840; PUBMDCID=3; KRTBCOOKIE_391=22924-1019760091930897362; KRTBCOOKIE_336=5844-8433416658489623879; KRTBCOOKIE_57=22776-3606964892088964558; PugT=1614350984; SPugT=1614352967; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=119107
Expires
Sun, 28 Feb 2021 00:27:55 GMT
Date
Fri, 26 Feb 2021 15:22:48 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 1D9F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23678367&p=159320&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
696ab5455ac45491fa2a813404ad988de259236d411a9bc89307ea0540531684

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:47 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
1731
Content-Type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame DF9B 		35 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=41838162&p=159320&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=1019760091930897362
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

server
nginx
date
Fri, 26 Feb 2021 15:22:49 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1019760091930897362; expires=Tue, 27 Apr 2021 15:22:49 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
generic
match.adsrvr.org/track/cmf/ Frame A310 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame A310
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:260b6039-1249-4500-902b-57dbb4b8fb78&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:260b6039-1249-4500-902b-57dbb4b8fb78&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:49 GMT
X-lat
lhrpug018:0:477
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Fri, 26 Feb 2021 15:23:21 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:260b6039-1249-4500-902b-57dbb4b8fb78&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 26 Feb 2021 15:23:20 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A310
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4782643470795332688&gdpr=0&gdpr_consent=
42 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4782643470795332688&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
X-lat
Pug22065:0:2107
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.140:80
AN-X-Request-Uuid
90c7c91f-62a3-4dbc-9188-74aa12c93c96
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4782643470795332688&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame A310
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
0
0
SPug
image4.pubmatic.com/AdServer/ Frame A310
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cc0f6039-1249-4900-b21a-d044e90b70dd
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cc0f6039-1249-4900-b21a-d044e90b70dd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Fri, 26 Feb 2021 15:22:50 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Fri, 26 Feb 2021 15:23:21 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cc0f6039-1249-4900-b21a-d044e90b70dd
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 26 Feb 2021 15:23:20 GMT
SPug
image4.pubmatic.com/AdServer/ Frame A310
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mejy0j11l2JbLKEnop6BIFe.Fb5Ll4Y-&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mejy0j11l2JbLKEnop6BIFe.Fb5Ll4Y-&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Fri, 26 Feb 2021 15:22:48 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Fri, 26 Feb 2021 15:22:48 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mejy0j11l2JbLKEnop6BIFe.Fb5Ll4Y-&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A310 		43 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A310
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=7742c3cb-a9c3-4887-a17d-91ee067d1a9c
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=7742c3cb-a9c3-4887-a17d-91ee067d1a9c
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3115095e-6922-4aff-b47e-a2753ce8e53a&user_group=1&ssp=pubmatic&bsw_param=7742c3cb-a9c3-4887-a17d-91ee067d1a9c
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=23&expires=14&user_id=3115095e-6922-4aff-b47e-a2753ce8e53a&user_group=1&ssp=pubmatic&bsw_param=7742c3cb-a9c3-4887-a17d-91ee067d1a9c
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c0bde79a-da7f-42aa-ab03-44adfe84244e&gdpr=&gdpr_consent=&gdpr_pd=
1 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c0bde79a-da7f-42aa-ab03-44adfe84244e&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:48 GMT
X-lat
Pug23041:0:252
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c0bde79a-da7f-42aa-ab03-44adfe84244e&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 26 Feb 2021 15:22:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
pixel.onaudience.com/ Frame D266
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f3ba0fa49e2cc6556f9c5cffd3f36816
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f3ba0fa49e2cc6556f9c5cffd3f36816
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.210.112.63 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3174889.ip-51-210-112.eu
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:49 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f3ba0fa49e2cc6556f9c5cffd3f36816
cache-control
no-cache
x-server
10.45.9.137
content-length
0
expires
0
match
c1.adform.net/serving/cookie/ Frame 25A3 		35 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=1340230&p=159320&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=1019760091930897362
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

server
nginx
date
Fri, 26 Feb 2021 15:22:49 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1019760091930897362; expires=Tue, 27 Apr 2021 15:22:49 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
SPug
image4.pubmatic.com/AdServer/ Frame D266
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f63d6039-1249-4400-be44-db263e06d677
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f63d6039-1249-4400-be44-db263e06d677
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Fri, 26 Feb 2021 15:22:50 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Fri, 26 Feb 2021 15:23:21 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f63d6039-1249-4400-be44-db263e06d677
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 26 Feb 2021 15:23:20 GMT
generic
match.adsrvr.org/track/cmf/ Frame D266 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame D266
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:487e6039-1249-4400-8c80-b9aca147af58&gdpr=0&gdpr_consent=
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:487e6039-1249-4400-8c80-b9aca147af58&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:48 GMT
X-lat
Pug23038:0:287
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Fri, 26 Feb 2021 15:23:21 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x11
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:487e6039-1249-4400-8c80-b9aca147af58&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 26 Feb 2021 15:23:20 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D266
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6800342852032022963&gdpr=0&gdpr_consent=
42 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6800342852032022963&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
X-lat
Pug22026:0:860
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.24:80
AN-X-Request-Uuid
4f12e6e1-737e-46a7-bb77-d84b5ddd8c9a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6800342852032022963&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame D266
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mejy0j11l2JbLKEnop6BIFe.Fb5Ll4Y-&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mejy0j11l2JbLKEnop6BIFe.Fb5Ll4Y-&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Fri, 26 Feb 2021 15:22:48 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Fri, 26 Feb 2021 15:22:48 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mejy0j11l2JbLKEnop6BIFe.Fb5Ll4Y-&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D266 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D?gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=1340230&p=159320&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D266
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=31ab78feb02742258074cdb4c827fc14&ssp=pubmatic&bsw_param=7742c3cb-a9c3-4887-a17d-91ee067d1a9c&gdpr=0&consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c0bde79a-da7f-42aa-ab03-44adfe84244e&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c0bde79a-da7f-42aa-ab03-44adfe84244e&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:48 GMT
X-lat
Pug23045:0:252
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c0bde79a-da7f-42aa-ab03-44adfe84244e&gdpr=0&gdpr_consent=&gdpr_pd=
date
Fri, 26 Feb 2021 15:22:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
spl.zeotap.com/ Frame 1D9F
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
  • https://spl.zeotap.com/?zdid=1332&zcluid=525f031c17dd5e0d
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=525f031c17dd5e0d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
627aa9e78bb805f1-FRA
date
Fri, 26 Feb 2021 15:22:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
08808884b4000005f12da5c000000001

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=525f031c17dd5e0d
content-length
0
match
c1.adform.net/serving/cookie/ Frame E6AC 		35 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23678367&p=159320&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=1019760091930897362
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

server
nginx
date
Fri, 26 Feb 2021 15:22:49 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1019760091930897362; expires=Tue, 27 Apr 2021 15:22:49 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
SPug
image4.pubmatic.com/AdServer/ Frame 1D9F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f3326039-1249-4000-80ef-9bd106730425
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f3326039-1249-4000-80ef-9bd106730425
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Fri, 26 Feb 2021 23:22:46 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Fri, 26 Feb 2021 15:23:21 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f3326039-1249-4000-80ef-9bd106730425
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 26 Feb 2021 15:23:20 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1D9F 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1D9F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5b366039-124a-4b00-8706-cf371950639d&gdpr=0&gdpr_consent=
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5b366039-124a-4b00-8706-cf371950639d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:22:50 GMT
X-lat
Pug23028:0:893
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Fri, 26 Feb 2021 15:23:21 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x10
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5b366039-124a-4b00-8706-cf371950639d&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 26 Feb 2021 15:23:20 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1D9F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5175968465026429813&gdpr=0&gdpr_consent=
42 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5175968465026429813&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
X-lat
Pug22046:0:608
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.147:80
AN-X-Request-Uuid
74dc0035-4d6a-482d-bd76-a0c80c358dbc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5175968465026429813&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 1D9F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mejy0j11l2JbLKEnop6BIFe.Fb5Ll4Y-&gdpr=0&gdpr_consent=
0
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mejy0j11l2JbLKEnop6BIFe.Fb5Ll4Y-&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Fri, 26 Feb 2021 15:22:36 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Fri, 26 Feb 2021 15:22:48 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mejy0j11l2JbLKEnop6BIFe.Fb5Ll4Y-&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1D9F 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7B6FA0E9-8F2B-4E6B-A5C6-8507BAE08F9D?gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23678367&p=159320&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1D9F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=e3a1dcfab8224b5e9296e26ea33393c8&ssp=pubmatic&bsw_param=7742c3cb-a9c3-4887-a17d-91ee067d1a9c&gdpr=0&consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c0bde79a-da7f-42aa-ab03-44adfe84244e&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c0bde79a-da7f-42aa-ab03-44adfe84244e&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:50 GMT
X-lat
lhrpug011:0:564
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c0bde79a-da7f-42aa-ab03-44adfe84244e&gdpr=0&gdpr_consent=&gdpr_pd=
date
Fri, 26 Feb 2021 15:22:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=www.justjared.com&rs=www.justjared.com&sid=63836&t=1614352958&cip=185.156.175.107&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5f90393909f55424c642cfdf&test=&aafaid=&proto=http&uid=1614352958074-970031782341-031294-014-006045&cha=0.7&cb=1845200355&d9=0000&AV_WIDTH=600&AV_HEIGHT=338
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f90393909f55424c642cfdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.5.130 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 26 Feb 2021 15:22:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7C67 		0
0
usync.js
eus.rubiconproject.com/ Frame 91E0 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d1cc76a2ebad3324904785be3e4585b00f59a8b4c7b54b38736c64df07ee816b

Request headers

Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48374
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9308
Expires
Sat, 27 Feb 2021 04:49:08 GMT
usync.js
eus.rubiconproject.com/ Frame 670B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d1cc76a2ebad3324904785be3e4585b00f59a8b4c7b54b38736c64df07ee816b

Request headers

Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48374
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9308
Expires
Sat, 27 Feb 2021 04:49:08 GMT
usync.js
eus.rubiconproject.com/ Frame 6ED7 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d1cc76a2ebad3324904785be3e4585b00f59a8b4c7b54b38736c64df07ee816b

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48374
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9308
Expires
Sat, 27 Feb 2021 04:49:08 GMT
usync.js
eus.rubiconproject.com/ Frame FDAA 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d1cc76a2ebad3324904785be3e4585b00f59a8b4c7b54b38736c64df07ee816b

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:22:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48374
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9308
Expires
Sat, 27 Feb 2021 04:49:08 GMT
dc_oe=ChMIo6G2tu2H7wIVfcARCB3MUwVFEAAYACDw6pNF;met=1;&timestamp=1614352974667;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 2BDF 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIo6G2tu2H7wIVfcARCB3MUwVFEAAYACDw6pNF;met=1;&timestamp=1614352974667;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B25325925.294279463;dc_ver=68.195;sz=160x600;u_sd=1;gdpr=0;addtl_consent=1~;dc_adk=897788855;ord=o5yyyu;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FahmX1pPbQGWUY1Tdv4mUjoRUMyYT3N5qja4qQPmTbD1rZbcUWbUnAnBnGvqpHQB3EU72typ4PJZcprUHYcQVYcF21s7OnTjV3U3PTFvBUA3TPav0ScUMPHjx0dJoWPbw3srYYFFAVm2m2AFhQ6MA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM02FAuVTnoTTQlQaBZdSsQARFeqRWf7UVn55rXunWEmYE2u3HMHSGrZa2mJHo9ZbSy8I8vQ7Lq8AwpTmsUFUsf8qXWj%2F;dc_rfl=1,http%3A%2F%2Fwww.justjared.com%2F$0;xdt=0;crlt=UM'cPEqinS;cmpl=8;osda=2;sttr=114;prcl=s
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:22:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 6ED7 		284 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame FDAA 		284 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
sync
usr.undertone.com/userPixel/ Frame 6ED7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr_consent=undefined&gdpr=0
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2VEI-2-4MM&gdpr=0&gdpr_consent=undefined
0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2VEI-2-4MM&gdpr=0&gdpr_consent=undefined
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.153.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:54 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2VEI-2-4MM&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
sync
usr.undertone.com/userPixel/ Frame FDAA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr_consent=undefined&gdpr=0
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2VEI-2-4MM&gdpr=0&gdpr_consent=undefined
0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2VEI-2-4MM&gdpr=0&gdpr_consent=undefined
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.153.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:54 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLMG2VEI-2-4MM&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=www.justjared.com&rs=www.justjared.com&sid=63836&t=1614352958&cip=185.156.175.107&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5f90393909f55424c642cfdf&test=&aafaid=&proto=http&uid=1614352958074-970031782341-031294-014-006045&cha=0.7&cb=1845200355&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&ppid=5f90393909f55424c642cfdf&nid=59918a0e073ef4782e4e347f&pcid=5fb2553fad995e2e283f4e82&ncid=5fb5320d5de9970c5058df53&pasid=5fb534803589f6367b43abdf&e=bid&cb=1614352975233&asid=602d1bead43286045749c0f4&ofpr=&fpo=
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.5.130 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0E0D 		326 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f90393909f55424c642cfdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03449ecbbdb76ecc662e2ad64ea3d61da16722c7f1bb3c0fcc87e52db7eba42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114726
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:22:55 GMT
bridge3.444.1_en.html
imasdk.googleapis.com/js/core/ Frame B7F2 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a478cc89688c6d5bc04418bbfd3da092d2df5c78ad9b6663975cceb83832e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Host
imasdk.googleapis.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Type
text/html
Cross-Origin-Resource-Policy
cross-origin
Content-Length
192862
Date
Fri, 26 Feb 2021 13:14:43 GMT
Expires
Sat, 26 Feb 2022 13:14:43 GMT
Last-Modified
Fri, 26 Feb 2021 01:03:43 GMT
X-Content-Type-Options
nosniff
Server
sffe
X-XSS-Protection
0
Cache-Control
public, max-age=31536000
Age
7692
client.js
s0.2mdn.net/instream/video/ Frame 0E0D 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:22:55 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3A28 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 14:35:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2836
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Fri, 26 Feb 2021 15:35:39 GMT
integrator.js
adservice.google.com/adsid/ Frame 0E0D 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.justjared.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Feb 2021 15:22:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/live/ Frame B7F2 		156 B
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F57778053%2FInstream_Mediatradecraft_DesktopJJ_Slider_Avantis_Google&description_url=http%3A%2F%2Fwww.justjared.com%2F&tfcd=0&npa=0&sz=400x225&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1709488273314381&nofb=0&sdkv=h.3.444.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&gdpr=0&addtl_consent=1~&sdki=44d&adk=4247844527&sdk_apis=2%2C8&sid=B8109FEF-4EB2-40FA-A4BD-A77A3E54A6DF&eid=31061774%2C44729226&url=http%3A%2F%2Fwww.justjared.com%2F&dlt=1614352975248&idt=430&dt=1614352976068&cookie_enabled=1&scor=473523223647747&ged=ve4_td1_tt0_pd1_la1000_er3531.364.3681.664_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:22:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events.avantisvideo.com/ 		2 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=74c97696-c8a7-4883-8cb6-3fb6bd956ead&tagId=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 26 Feb 2021 15:22:56 GMT
content-length
2
content-type
text/plain
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.41.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 26 Feb 2021 15:22:58 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Server
52.28.41.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Feb 2021 15:22:58 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=www.justjared.com&rs=www.justjared.com&sid=63836&t=1614352958&cip=185.156.175.107&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5f90393909f55424c642cfdf&test=&aafaid=&proto=http&uid=1614352958074-970031782341-031294-014-006045&cha=0.7&cb=1845200355&d9=0000&AV_WIDTH=600&AV_HEIGHT=338
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f90393909f55424c642cfdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.5.130 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 26 Feb 2021 15:23:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 3BB8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
efa5f0f1cbc9d4ca2e084e4bf9a2c9904bf6ea80208c5c842a9f9854fbefa001

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/um/ixmatch.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YDkSVv-WuIoafbBFok2kcAAA; CMPS=3202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://js-sec.indexww.com/um/ixmatch.html

Response headers

Server
Apache
Content-Type
text/html
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1547
Expires
Fri, 26 Feb 2021 15:23:02 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
Connection
keep-alive
Set-Cookie
CMID=YDkSVv-WuIoafbBFok2kcAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Feb 2022 15:23:02 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 27 May 2021 15:23:02 GMT CMPRO=1119;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 27 May 2021 15:23:02 GMT CMRUM3=e66039125627600&f16039125605a00&696039125605a0&2d6039125605a0&086039125605a00&c46039125605a0&27603912560b40&286039125605a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Feb 2022 15:23:02 GMT CMST=YDkSVmA5ElYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 27 Feb 2021 15:23:02 GMT

Redirect headers

Server
Apache
Content-Length
377
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 26 Feb 2021 15:23:02 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
Connection
keep-alive
Set-Cookie
CMID=YDkSVv-WuIoafbBFok2kcAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Feb 2022 15:23:02 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 27 May 2021 15:23:02 GMT
async_usersync
ib.adnxs.com/ Frame 7912 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/dmp/async_usersync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.155:80
AN-X-Request-Uuid
d5351b79-cc72-47c5-a2a2-0ca4eaf6349a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7C05 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/dmp/async_usersync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.101:80
AN-X-Request-Uuid
dc3c7e52-4d67-4768-aa54-67667b9b8e06
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D440 		0
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/dmp/async_usersync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.57:80
AN-X-Request-Uuid
68c9bd0c-805a-425c-a22a-d0a7dcf302e1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 3BB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YDkSVv_WuIoafbBFok2kcAAABF8AAAAB
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YDkSVv_WuIoafbBFok2kcAAABF8AAAAB&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEAIosEaTcZKvDFpC4rgfJXk&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEAIosEaTcZKvDFpC4rgfJXk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 26 Feb 2021 15:23:02 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:23:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEAIosEaTcZKvDFpC4rgfJXk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3BB8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDkSVv_WuIoafbBFok2kcAAABF8AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDkSVv_WuIoafbBFok2kcAAABF8AAAAB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDkSVv_WuIoafbBFok2kcAAABF8AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDkSVv_WuIoafbBFok2kcAAABF8AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3BB8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YDkSVv-WuIoafbBFok2kcAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOrdtHqhDx8LjfdGVBa4Mig&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOrdtHqhDx8LjfdGVBa4Mig&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:23:02 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Feb 2021 15:23:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOrdtHqhDx8LjfdGVBa4Mig&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3BB8 		0
0
us.php
gu.dyntrk.com/adx/ie/ Frame 3BB8 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS
proxy0393.eu3.dynfactory.com
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
crum
dsum-sec.casalemedia.com/ Frame 3BB8
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:23:02 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Fri, 26 Feb 2021 15:23:02 GMT
server
nginx/1.18.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame 3BB8
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7e5f636d-81d4-407f-8d5e-14d6c19bb9c2&expiration=1645888982
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7e5f636d-81d4-407f-8d5e-14d6c19bb9c2&expiration=1645888982
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:23:02 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7e5f636d-81d4-407f-8d5e-14d6c19bb9c2&expiration=1645888982
date
Fri, 26 Feb 2021 15:23:02 GMT
server
Kestrel
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3BB8 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YDkSVv-WuIoafbBFok2kcAAA%261119
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 15:23:02 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3058
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 16:14:00 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame FCD7
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.167.1 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
7a77e6c7e87027799308ffbea25e31eae39fe713e64413c82961533b8481da79

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
EQUser=UID=e23bf568-6783-4810-92d1-7088ea42f856
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Response headers

date
Fri, 26 Feb 2021 15:23:03 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Fri, 26 Feb 2021 15:23:02 GMT
pragma
no-cache

Redirect headers

date
Fri, 26 Feb 2021 15:23:02 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=e23bf568-6783-4810-92d1-7088ea42f856; Path=/; Domain=eqads.com; Expires=Wed, 26 May 2021 15:23:02 GMT; Secure; SameSite=None
async_usersync
ib.adnxs.com/ Frame BD23 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/dmp/async_usersync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:02 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.104:80
AN-X-Request-Uuid
6b334569-754a-4a06-9650-1765d0bfcb02
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FCD7 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=e23bf568-6783-4810-92d1-7088ea42f856&expiration=1622042582
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://um2.eqads.com/um/cs&eq_cc=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Feb 2021 15:23:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Feb 2021 15:23:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
idx.liadm.com
URL
http://idx.liadm.com/idex/ie/any
Domain
match.adsrvr.org
URL
http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=191040
Domain
api.rlcdn.com
URL
http://api.rlcdn.com/api/identity?pid=2&rt=envelope
Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=1400&ts=1614352952757&src=pbjs
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/a/c
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/cygnus?s=427965&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211287c7ac5b05bc%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A1%2C%22msi%22%3A1%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22mediatradecraft.com%22%2C%22sid%22%3A%22111111%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212d4e29395f86e3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2212d4e29395f86e3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%5D%7D
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
c2shb.ssp.yahoo.com
URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017070aa756fac329da1007b&pos=justjared_728x90_1&cmd=bid&us_privacy=1---
Domain
c2shb.ssp.yahoo.com
URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017070aa756fac329da1007b&pos=justjared_300x250_1&cmd=bid&us_privacy=1---
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=1400&ts=1614352952777&src=pbjs
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/cygnus?s=427965&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2232f04b5375d2556%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A1%2C%22msi%22%3A1%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22mediatradecraft.com%22%2C%22sid%22%3A%22111111%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2233c5855af80feff%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2233c5855af80feff%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%5D%7D
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/a/c
Domain
www.zergnet.com
URL
http://www.zergnet.com/zerg.js?id=87011
Domain
d2na2p72vtqyok.cloudfront.net
URL
https://d2na2p72vtqyok.cloudfront.net/aniview-script/JustJared_Floating.js
Domain
tag.bounceexchange.com
URL
http://tag.bounceexchange.com/3479/i.js
Domain
cache.sellwild.com
URL
https://cache.sellwild.com/listings-img-data-sm-justjared
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=340d829b0019d3ce262a38f6&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=0&gdpr_consent=
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=27&uid=340d829b0019d3ce262a38f6&gdpr=0&gdpr_consent=
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=42796&in=1
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum
Domain
prebid-a.rubiconproject.com
URL
https://prebid-a.rubiconproject.com/event
Domain
prebid-a.rubiconproject.com
URL
https://prebid-a.rubiconproject.com/event
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YDkSOg07e116RGehPSyt9QAA
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?in=1&pub=2079
Domain
dmp.brand-display.com
URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
c2shb.ssp.yahoo.com
URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017070aa756fac329da1007b&pos=justjared_rail_300xflex_11&cmd=bid&us_privacy=1---
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=1400&ts=1614352955795&src=pbjs
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/cygnus?s=427965&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2251dce8137337b48%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A1%2C%22msi%22%3A1%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22mediatradecraft.com%22%2C%22sid%22%3A%22111111%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22528c6aad539eddf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2253a59a27ea31635%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2254d8c31fe267031%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22528c6aad539eddf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%5D%7D
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475128&size_id=15&alt_size_ids=9%2C10%2C221&gdpr=0&us_privacy=1---&rp_schain=1.0,1!mediatradecraft.com,111111,1,,,&eid_pubcid.org=2a27089b-eb08-4d43-9b9f-33da1c13e509%5E1&rf=http%3A%2F%2Fwww.justjared.com%2F&tg_i.pbadslot=21854935662%2FJustJared_Home%2FJustJared_Home_Top_Left_300xFlex_OuterRail&tg_i.dfp_ad_unit_code=21854935662%2FJustJared_Home%2FJustJared_Home_Top_Left_300xFlex_OuterRail&tk_flint=dmpbjs_v4.24.0&x_source.tid=7f0110bb-9948-4910-aa36-1d4c3ee659b3&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.6141013194445959
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/a/c
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/cygnus?s=427965&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2264a9c5c33058c68%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A1%2C%22msi%22%3A1%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22mediatradecraft.com%22%2C%22sid%22%3A%22111111%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226546e5a8c0e8e7f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2266240765964ef3c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2267ed49450ae1a57%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226546e5a8c0e8e7f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%5D%7D
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475128&size_id=15&alt_size_ids=9%2C10%2C221&gdpr=0&us_privacy=1---&rp_schain=1.0,1!mediatradecraft.com,111111,1,,,&eid_pubcid.org=2a27089b-eb08-4d43-9b9f-33da1c13e509%5E1&rf=http%3A%2F%2Fwww.justjared.com%2F&tg_i.pbadslot=21854935662%2FJustJared_Home%2FJustJared_Home_Top_Right_300xFlex_OuterRail&tg_i.dfp_ad_unit_code=21854935662%2FJustJared_Home%2FJustJared_Home_Top_Right_300xFlex_OuterRail&tk_flint=dmpbjs_v4.24.0&x_source.tid=ea40ef5a-d1bf-41db-8fcd-8ca5fe139ff2&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.8511008259958261
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/a/c
Domain
c2shb.ssp.yahoo.com
URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690f1017070aa756fac329da1007b&pos=justjared_rail_300xflex_11&cmd=bid&us_privacy=1---
Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=1400&ts=1614352955810&src=pbjs
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOA-YSWZF8FfXvN_xzdzRaY&google_cver=1&google_push=AQvitUL2O9RBWFTHePgLLjsLCFndhvLlmjttAM-Js1phowjOkpnT6bmmMqMXvms8pivLJHmfw1mXlGb6NwmPfVplynT0qNmkjh4Q
Domain
prebid-a.rubiconproject.com
URL
https://prebid-a.rubiconproject.com/event
Domain
hb.yellowblue.io
URL
https://hb.yellowblue.io/hb?auction_start=1614352958285&ad_unit_code=video_6&tmax=8000&width=600&height=338&publisher_id=5fad0eb54fdc5c00016859b1&floor_price=0.55&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&bid_id=83a870cd7e570f&bidder_request_id=783f2429027ad5&transaction_id=8d1a93b2-c13f-48d6-8df6-cf307c1f0583&session_id=f17bb0c3-f978-4067-a0c7-851aaf65a6f2&publisher_name=www.justjared.com&site_domain=www.justjared.com&bidder_version=4.0.0&cs_method=iframe&us_privacy=1---&schain=1.0%2C1!avantisvideo.com%2C8105%2C%2C3fc1aaf60764f66b81cda47d13bbd591_1723128236%2CMedia%2520Tradecraft%2Csporcle.com&referrer=http%3A%2F%2Fwww.justjared.com%2F&page_url=http%3A%2F%2Fwww.justjared.com%2F
Domain
tag.1rx.io
URL
https://tag.1rx.io/rmp/216063/0/mvo?z=1r&hbv=4.25,2.1
Domain
ice.360yield.com
URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2231f222de177792c%22%2C%22version%22%3A%227.2.0-JS-6.4.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%2C%22us_privacy%22%3A%221---%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%228105%22%2C%22rid%22%3A%223fc1aaf60764f66b81cda47d13bbd591_1723128236%22%2C%22name%22%3A%22Media%20Tradecraft%22%2C%22hp%22%3A1%2C%22domain%22%3A%22sporcle.com%22%2C%22asi%22%3A%22avantisvideo.com%22%7D%5D%2C%22complete%22%3A1%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221824694791c4192%22%2C%22currency%22%3A%22USD%22%2C%22bidfloor%22%3A0.49%2C%22bidfloorcur%22%3A%22USD%22%2C%22pubid%22%3A1737%2C%22pkey%22%3A%2222439622%22%2C%22tid%22%3A%2202294c58-a696-4829-a21d-93bf8427a2bd%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/cygnus?s=483124&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221950ddee376e768%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%2C%22page%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%228105%22%2C%22rid%22%3A%223fc1aaf60764f66b81cda47d13bbd591_1723128236%22%2C%22name%22%3A%22Media%20Tradecraft%22%2C%22hp%22%3A1%2C%22domain%22%3A%22sporcle.com%22%2C%22asi%22%3A%22avantisvideo.com%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22209329e3cf3ae04%22%2C%22ext%22%3A%7B%22siteID%22%3A%22483124%22%2C%22sid%22%3A%22600x338%22%7D%2C%22bidfloor%22%3A0.45%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A600%2C%22h%22%3A338%2C%22placement%22%3A1%7D%7D%5D%7D
Domain
tag.1rx.io
URL
https://tag.1rx.io/rmp/216063/0/mvo?z=1r&hbv=4.25,2.1
Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=8000&ts=1614352958300&src=pbjs
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=377&userId=18072662211632556840&redirectId=1001
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/rid?ttd_pid=qvrl0w8&fmt=json
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ptv?id=20752301&referrer=http%3A%2F%2Fwww.justjared.com%2F&us_privacy=1---&cbb=4352967209&imp_id=dca805f0-989d-42bf-b28a-8a6d6e5cb8ea
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ptv?id=20629435&referrer=http%3A%2F%2Fwww.justjared.com%2F&us_privacy=1---&cbb=4352967211&imp_id=dca805f0-989d-42bf-b28a-8a6d6e5cb8ea
Domain
ice.360yield.com
URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2270d2831f63fa287%22%2C%22version%22%3A%227.2.0-JS-6.4.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%2C%22us_privacy%22%3A%221---%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%228105%22%2C%22rid%22%3A%223fc1aaf60764f66b81cda47d13bbd591_1723128236%22%2C%22name%22%3A%22Media%20Tradecraft%22%2C%22hp%22%3A1%2C%22domain%22%3A%22sporcle.com%22%2C%22asi%22%3A%22avantisvideo.com%22%7D%5D%2C%22complete%22%3A1%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2253af7a8f8af5866%22%2C%22currency%22%3A%22USD%22%2C%22bidfloor%22%3A0.49%2C%22bidfloorcur%22%3A%22USD%22%2C%22pubid%22%3A1737%2C%22pkey%22%3A%2222439622%22%2C%22tid%22%3A%224291a2f8-b32f-4e6d-8668-8573bbff6a53%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/showad.js
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=YDkSVv-WuIoafbBFok2kcAAA&cm_dsp_id=39

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga function| getOutboundLink object| _comscore object| _qevents function| __tcfapi function| __uspapi object| _sp_ object| _sp_ccpa object| core string| ggv2id number| is_home object| google number| _sf_startpt function| getSelectionText function| is_touch_device function| returnToMobile function| del_cookie object| head boolean| mob undefined| rScr undefined| ccScr object| jjfn object| blocks object| hPage boolean| noScr undefined| slot_mbelArt_ref undefined| slot_mBelCon_ref undefined| slot_mInContent_ref undefined| slot_mUnderV_ref undefined| slot_mUnderV2_ref undefined| slot_mInImage2_ref undefined| slot_mInImage3_ref undefined| slot_mInImage4_ref undefined| slot_mInImage5_ref undefined| slot_mInImage6_ref undefined| slot_mInImage7_ref undefined| slot_mInImage8_ref undefined| slot_mInImage9_ref undefined| slot_mInImage10_ref number| pageStart boolean| slot_inContent1_ref boolean| slot_inContent2_ref boolean| slot_inContent3_ref boolean| slot_inContent4_ref boolean| slot_inContent4int_ref boolean| slot_inContent5_ref boolean| slot_inContent6_ref boolean| slot_inContent7_ref boolean| slot_inContent8_ref boolean| slot_inContent9_ref boolean| slot_inContent10_ref boolean| slot_belArt_ref boolean| slot_botInner300_ref boolean| slot_midInner300_ref function| setCookie function| getCookie function| eraseCookie function| initPage string| ExitBeeObject function| xtb number| ord object| dmScr object| pbScr object| sigScr undefined| newTarg function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| headertag object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked object| googletag object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| apstag function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| gaplugins object| gaGlobal object| gaData function| udm_ object| ns_p object| COMSCORE function| refBot function| dispDFP function| callAdserver function| adh function| topStickyInit function| topStickyScr function| innerScr function| innWidthChk function| scrBuild function| scrL function| scrR function| scrVis function| insticatorOverlapVis function| writeInsticator function| rcLL function| LL2 function| refCheck function| listenerGroupFn object| FB object| __s object| instgrm object| __twttrll object| twttr object| __twttr function| $ function| jQuery object| ggevents undefined| bean object| GUMGUM function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| ggData object| __connect function| loadSite object| pbjs function| pbjsChunk object| _pbjsGlobals object| slot_top728 object| slot_topInner300 function| setImmediate function| clearImmediate object| regeneratorRuntime object| ats object| avntsWebpackJsonp number| avnts_player object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| com function| _avcp object| storageAni object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| slot_leftOuter300 number| tl300Ref object| slot_rightOuter300 number| tr300Ref object| e9PageData number| google_global_correlator object| closure_lm_922576 object| closure_lm_446904

0 Cookies

5 Console Messages

Source Level URL
Text
console-api warning URL: http://www.google.com/jsapi(Line 141)
Message:
Loading modules with the jsapi loader is deprecated. Please load jquery directly from https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js.
console-api log URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js(Line 1)
Message:
Messaging without detection successfully executed.
console-api log URL: https://ccpa.sp-prod.net/ccpa.js(Line 1)
Message:
CCPA script successfully executed.
console-api log URL: http://widget.sellwild.com/justjared/justjared-justjared-desktop.js(Line 1)
Message:
[object Object]
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 http://www.justjared.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

009d41c4a53d1de575248394b8195d12.safeframe.googlesyndication.com
1x1.a-mo.net
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.bidstreamserver.com
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.stickyadstv.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
ajax.googleapis.com
amazon-tam-match.dotomi.com
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
ats.rlcdn.com
aud.pubmatic.com
avm.avantisvideo.com
b.scorecardresearch.com
b1sync.zemanta.com
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
biddr.brealtime.com
btloader.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
cache.sellwild.com
ccpa-service.sp-prod.net
ccpa.sp-prod.net
cdn.ampproject.org
cdn.avantisvideo.com
cdn.doubleverify.com
cdn.exitbee.com
cdn.jsdelivr.net
cdn.privacy-mgmt.com
cdn.undertone.com
cdn01.cdn.justjared.com
cdn01.cdn.justjaredjr.com
cdn02.cdn.justjared.com
cdn02.cdn.justjaredjr.com
cdn03.cdn.justjared.com
cdn03.cdn.justjaredjr.com
cdn04.cdn.justjared.com
cdn1.avantisvideo.com
ce.lijit.com
cm.g.doubleclick.net
connect-metrics-collector.s-onetag.com
connect.facebook.net
contextual.media.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
d.adroll.com
d2na2p72vtqyok.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
dfp-gateway.s-onetag.com
dis.criteo.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
edge.quantserve.com
eus.rubiconproject.com
events.avantisvideo.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.rlcdn.com
get.s-onetag.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
hb.emxdgt.com
hb.undertone.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
id5-sync.com
idx.liadm.com
ie-lb.gumgum.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
js-sec.indexww.com
js.gumgum.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mediatradecraft-com.videoplayerhub.com
message.sp-prod.net
mwzeom.zeotap.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
p.rfihub.com
p.skimresources.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
play.aniview.com
player.aniview.com
player.avplayer.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.a-mo.net
pubads.g.doubleclick.net
public-prod-dspcookiematching.dmxleo.com
pubmatic-match.dotomi.com
px.owneriq.net
r.scoota.co
r.skimresources.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.skimresources.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
settings-v2.service.exitbee.com
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.avantisvideo.com
static.cloudflareinsights.com
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.crwdcntrl.net
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
sync3.sniperlog.ru
syndication.twitter.com
t.skimresources.com
tag.1rx.io
tag.bounceexchange.com
tags.bluekai.com
tags.expo9.exponential.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20248.doubleverify.com
track1.aniview.com
tracking.m6r.eu
tradecraft.s.llnwi.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
visitor.fiftyt.com
web.hb.ad.cpe.dotomi.com
widget.sellwild.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.justjared.com
www.youtube.com
www.zergnet.com
x.bidswitch.net
x.skimresources.com
yt3.ggpht.com
ads.pubmatic.com
ads.stickyadstv.com
api.rlcdn.com
c2shb.ssp.yahoo.com
cache.sellwild.com
contextual.media.net
creativecdn.com
d2na2p72vtqyok.cloudfront.net
dmp.brand-display.com
fastlane.rubiconproject.com
hb.emxdgt.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
idx.liadm.com
match.adsrvr.org
p.rfihub.com
prebid-a.rubiconproject.com
prebid.a-mo.net
sync.ipredictive.com
sync.outbrain.com
sync.technoratimedia.com
tag.1rx.io
tag.bounceexchange.com
tg.socdm.com
ums.acuityplatform.com
www.zergnet.com
104.131.170.213
104.17.119.107
104.244.42.136
13.32.24.12
13.32.24.96
142.250.185.130
142.250.185.162
142.250.185.166
142.250.185.66
142.250.186.162
146.0.227.110
151.101.114.49
151.139.128.11
159.253.128.188
159.65.196.12
174.137.133.49
178.250.2.151
178.79.208.44
18.156.0.31
18.158.74.203
18.159.25.74
18.195.155.181
18.195.54.139
18.196.104.43
18.197.47.23
184.25.115.49
185.29.135.227
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.86.138.142
198.148.27.139
2.16.186.80
2001:678:cb4:bbbb::11
213.155.156.164
213.19.147.151
213.19.147.210
213.254.244.11
216.52.2.48
23.218.208.187
23.218.208.200
23.218.208.246
23.37.38.181
23.37.42.132
23.37.42.216
23.79.152.128
2600:9000:206f:7600:1c:38a0:8a40:93a1
2600:9000:206f:8800:1c:38a0:8a40:93a1
2600:9000:206f:9200:8:9ed9:9c40:93a1
2600:9000:20d7:1600:1f:df94:f9c0:93a1
2600:9000:20d7:6a00:1f:2473:9080:93a1
2600:9000:20d7:f800:6:44e3:f8c0:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1857
2606:4700:10::6816:1957
2606:4700:20::681a:78b
2606:4700:20::ac43:4acf
2606:4700::6810:5e41
2606:4700::6812:517
2606:4700::6812:d05
2620:116:800d:21:36a9:ecb:e518:b308
2620:116:800d:21:51e4:db4b:4436:b305
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:800::2002
2a00:1450:4001:800::200e
2a00:1450:4001:801::2008
2a00:1450:4001:802::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2013
2a00:1450:4001:813::2016
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:400c:c07::9b
2a02:26f0:64::214:846e
2a02:26f0:7100:1aa::4469
2a02:26f0:7100:1b2::2c79
2a02:fa8:8806:12::1370
2a02:fa8:8806:12::1460
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f21c:81e5:face:b00c:0:4420
2a04:4e42:3::621
3.121.79.35
3.123.110.9
3.218.101.84
31.172.81.158
31.172.81.160
34.120.207.148
34.120.25.144
34.194.148.31
34.235.227.143
34.243.1.111
34.250.193.151
34.98.107.212
34.98.97.158
35.171.145.49
35.171.5.130
35.190.59.101
35.190.91.160
35.201.67.47
35.201.96.126
35.210.53.219
35.244.159.8
35.244.220.155
35.244.255.22
37.157.2.238
37.252.172.36
37.252.172.38
51.178.20.139
51.210.112.63
52.0.250.105
52.17.137.119
52.210.253.186
52.214.70.9
52.28.41.98
52.29.24.115
52.4.51.239
52.59.111.161
52.71.207.7
52.9.153.242
52.95.123.167
54.210.192.116
54.212.156.141
54.239.17.112
54.244.32.41
54.36.109.46
54.78.251.22
54.78.254.47
54.84.63.25
54.85.167.1
63.33.123.138
63.33.75.105
64.202.112.159
65.9.187.57
65.9.187.74
65.9.187.95
65.9.24.128
65.9.58.106
65.9.58.26
65.9.58.90
66.155.71.25
69.16.175.10
69.16.175.42
69.173.144.138
69.173.144.139
69.173.144.143
72.251.249.9
75.2.13.80
77.243.60.138
85.114.159.118
88.214.206.247
88.221.62.154
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
0080cb454fdee548ddf7fe5a570ec35de96ae2b2b1d5af2e178c0a717a35c423
011456c0b36f88816d9c6e3b0a6aa26e1e4b656b0529684285dad4efd0eb071b
0246e337263c43ad09c32f6fd56fc29bb38cbcf740168fe57a5664dfd605ffcd
0256e8897858ab04cd4379da54aa918107cdc9dddfc66089fa775492cc0de1e9
03449ecbbdb76ecc662e2ad64ea3d61da16722c7f1bb3c0fcc87e52db7eba42f
0471f56e87d7e05556d7368c47db28ec5e3945d594f092e54d33b3edc79a1b72
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
055dd0f1e0eae12d4587b12f516a1d7a0f858d80498823cbade9f97b5962d727
058edf53f777d5ee4e6e2003b6b095430e234c6cbf6984cf3ea6cde06d949353
065df2a5815c55092199b5adfd11949b5382948399354d2e04db6a1585058ed8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07e73cf8bd02700cfc277f0208cded0b2499f3fa80e6850932694df83021d1cd
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0a1c3e7366e4c19e0917c884fb90fe48f3809dbac2bb4946dfa87cc2a11032f3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e7f611710f3d372428c4be42bc42c8aca0374a156433fda22774daf5b61baee
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1219ecd52d0a6e65fc181ef5e02fd389830433fc76ee65ba847f5927dc5fde23
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859
132948a42f4151d616205d7bdd957d974918347993005343b893603499373925
1559bce124c1ade84a67a9e951fa7d9b5f5130626768b5cd0b5883443f7d8916
173d5f3d3b09f62a9a6e5ccf6c35fca457b6d68c0bd03e04171c41719e402ca2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1a3538a907a1ff388121c020508a0923dde3f74cbfa9decf14c2e229a02558f8
1ba575a038ca10d5b3833dfe67bf444599b6499aa9f0173f215b273da38c7b88
1bf97dfa9db6666f9abf3b9e4e1373a258033d4a486765109e44a7c7d5333ee7
1bfd69e817e61d608b68b6844d62672e197c4e966b9c78699406078ad88559f9
1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d
1e2496941c02b94bf6b19438b27abdbc71635f3fa79774f0210c36930d860b73
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046
21fd9a65967969a48659f04d0650f858d68cc0b9b134ca1b9615cb917d5e9217
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
245c7bb98e9ec0aaf0712f56ab6738e58bcee55110c6a8d8802efe864d0bdbd0
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
260f5ae4081436fb1931556a3dd5224444def5996ed2d3ba9de326557479b704
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
275fc609330c00555a4986bf14480b2b92c7354394834d1b2602bbbc05a93934
299c8257c1430e190ea6443ec7ef765f987b9d15e084cbc1b0850214904f9da3
29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78
2d619e1addf6b5ae77461e2ca5337064f47894441b8df71be6ad8fd5288a1aba
2d8b9819fe24c644c0065c265c89b00674f3d5bb37e3c2cf004e1256486a47c8
2db9d8c241a8b0af0c19a3af3f88772927305c25f46c477df92a42979b130cba
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
2f0ce5018684afc0d1c3115406f894103ea5f8a8ae65a6f08d1e3ad27b1e19dd
2f59e936754eb3994d67aa90eb1f5e21dc269426a7619676da58b062a622e994
30b1b1108031c9dc907a9bb7dd67e90b26a4ec18aa670fdc7a59e5ab581deb75
31a40e375189e915946179d63a10471989b8a370ba4ba7e4e74fdfbd0f93ee3a
336235bd83543a7c33fc68f80b234b0e21b109ea9a3a056f5064be394a35386b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3659ceeede630f0af896dcbc7f364e1d9d9dacc3b0cdee0f2701ac18158b17ff
390e638319f4504aa655cbb011eaaaa9506bc970a3aea658de5258b9cc5f14b7
3a478cc89688c6d5bc04418bbfd3da092d2df5c78ad9b6663975cceb83832e61
3b0f06428809f5a2af1153f294ec53f9b73bf713af5fe78657b696cfa2e12b54
3b3b7ba31d1043f8fd2e8ad5f3e404a5837987101b49eb6d23f522540dedf821
3b7b1a8276796fefb8448c904fae3b1ae5715159b5aa6c3ae9ed7d0d84ddd5fd
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7f60ed7f067c16f0a35776f29dbca939a0e80e07e3b76e67331e290b133775
3db10c8c39639a4f406c426f35e06a20d16cf5cb2a01e7f460c468ec5102108b
3dd3eddc67a3bcd0b6d9785767b3096b2fbeb7f12347dccd755e3cd6be0a712b
3e11878b343306ec2ed6ac76a3bf94668ce48584db672919b31f46e2b1f4dbed
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
417f9902b9d1f7f3c5a3e2db63ec0ed0a80d2220127038dc41b9ab006a0cdf34
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
46692916c4ed38bcfb441a383fb3e958e5a88be22b82e505a6db06e9d5be6117
479434155f8a2bd6c800f4d4c34e966c772e0843660bc04bdfd3607ca05efa50
47a50d5505b5bdca64c52715ba0dabfa66221a8452f1e73166bfba6506f54706
47d653431da637e4c6cc5dec3cf13922395b522f2919b3c05c0844642621d462
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49b5de22696847ab1087f6653bcbc8795d0f36ec34f2618e768eda63e8070ccf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dc67dcad29c70f048a9851744de250126b80b47005147e657b0b98cf113b6f0
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1ae0e00a286134b3d6247d58b8a9b260dc56cafaed3026c6cd444b69dfd8c3
4f5e794fb3be73016ffd2e5048db5021b7e1a942fa38cb4749454459a3e24208
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52a89e4682baffa75e5cb334e545df1b65d5e133b9c2ba4901688311928ac1e6
5325781b1a73ef6f6d0b3e0b9eea6503d647a60400f4951e0eaf566de60fa21f
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
56b6c683af43ba8e6ffe99d52fb35f9932c9a409493ed46eb40fd6e696fa24f0
57819b6e056137efab32a2a09f75d711dc26d8c81d590ccf9986363e3f55d1b2
58924302f630e6b759804e9be5f1b46d89d49056ba9db1fab3ba1ca342d49fc0
5c25f7507bf900752f5a48015db404e1a01c03c91692e76d61a74a98e944fc94
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
5e8e5fe8bda51e143511122e4296e652c905e0e7445cad6e3b79365eafaa7f0d
5eeec740891d4193480318721c4827c611532276f038278cf5df42d51d484450
5f9c3fdb26074a93b25360dab2b8b8fe2d569d4094aa8a7b39601e36c3349828
605d5cd6677a4a2939358123347d976e1e34c1eb1e72bbc82095e2735649024e
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
62ca072d5423ff3660772e70455a132fdfcac1ba60cca6a8a3ce1a211e4995d0
632fc0267a1b04d338b0b378ff5806233ed53d5f9c2a8a77d78077a01f7f07ab
64620c4b38f39b52be7567a111c31cb9a516e243c6b689564e73103c69d3c2b5
65762667648dd7b9f71eabb437b56265ade196f3d16125359d7df6c17fc6312d
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
696ab5455ac45491fa2a813404ad988de259236d411a9bc89307ea0540531684
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6eefcba6d0b51a5940e1a3b2fab08f71a653129b41da356a2e9b0c053acf0b16
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
70772a7a36ab39e1f8cc319770a5eea261d23326e087c878d390eca09963d83b
70a3f595d1da1d6eab77586086b9d81676dffde56ff5d800b39b07b15c9d8523
7471cc6d274c0ebc05c468ec82daa98dc1325fde221b3932a0c81de749b4cc60
7747964377b30d4dbf0abee6a976260c1a20914768b67ce0a2296af7a1740939
77a8ed1f7c261b9b342ccd75b90bfa6989820680e502c0df08c6a15397365712
7a6c12b3bfb2efc039fb0bd3a28032b47f5fd5d48030e24c0d62caf6c8ebd191
7a77e6c7e87027799308ffbea25e31eae39fe713e64413c82961533b8481da79
7ac6489863d2e575f72fe7a8500180f7f640784c62d0cc8d91d286393649dfff
7b2a2df3fedebf0b3d7cb502596465fa2a38db2b234a959d6a852424bdfd1c81
7cc09d5bb93b30d2d81d748e3d5c1fe7b1f52526b10b4c03698b28a328a19d8c
7d573363e898b8e114eee4bd4e20c4ba42f8714d7c85e51b5c79cdbf20f502b5
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8418203f6ad21d8aa71baba1b849f312a50e38580bccfbbb7d6f7f7eec16cbdb
84dff52c2df24ad9ff6500374457f7dfa3ffb4e59f428c75bede63c64a1daa14
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8511835fab4343679793f8cbd83a2e7e84e6e29862c924fab1ea60a5eb67cbf8
85dfa91c770fb65bcac7572380ee5599fba69e3315830cb9a6f177b8287b04e6
85f18d5c27f5d37f034367f42e203caf1aa4d59bec499e334b64a67297f487ad
85f2debf26ab62202bca8710e8050b38ff8254bc3cca4a9de1318092b8854fd2
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
872b7cf3b24a2e31e46e67d43529278a328f4781beeeef306259dc8c6548a968
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
898c1f70cde5cac8c3d350e6a237c25aac2c17bae5437c563daa4ee540f8223f
89f5dd0a1e61f989db43c160ddd3a80d9570213a0a537fa387eaf2f52aa4d329
8b43e98242d9a89a8f22344e8fe3bc4feb7dc3fa2251f064a4514652cb7f9b38
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8eaa3be9055370c233d3df6b3bf088768915c503748caf2cff104298afee9934
8f7df96cf66af9897fc65d5c1395dd6465f7ab1e5c1b9a77b8df3309f4e6c0bb
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
910f628cebdc47b83f61c52828ff0b3ca5284f545cd8f29cd399e2b8b2e17153
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
96587c3411bb189719cd5af61ac7a567d146970fadda1069beaeeaf6000a7e3b
96abee9e80df94b28491f6ef5bcb21dd203342d88c64a6a264418e67e7980d86
9731f788ddc8668529c69c750d2037c44291f0b9c4a692058e155eeee0af73bc
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
98d6081f3886bc7c5b2b463dcf4ab8c416385492532f3536bb2bf23e33677207
99adb384fd992660be76df488633e76fe86ed9bba2a7cdf143a97e03fc3ee94d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9acc014c14c6690b25f7381186e214806d739f0a98ccfa2abf6a2c7358cfc58b
9b8f3e3f40252ff041cf6c45efe8759f520dac4ad91fac11aa204d37edb02ac3
9ba484681d0972c8f5fdd10ab0986c9fa68a6511ef29684db473cc2fab186e38
9dc983de16549eb7f65c7b0f050d223c8ab914d9b663cdbbe54dc3ad9b0e21d0
9e36289a34d680cadcaa5002fdaa158adc6caa7e283c4ff55de1e246783a4301
9f9bdf4dcf12a64a9459ee9c751cf7952ce2df92eeab046bacfeb1e01e784ccf
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11778dc276659c0e7a85715199200d76296ec6690e187d1d52dabbc5ac48525
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a19666be2a07fee5947949512d875ec62e73c070b8b32c78a01da2c70140bbec
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3ca410e2b8bfa703696c31cf30e1ba7009e8f7e13795ed2f024c27af0c27ef8
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b3a2a3d13b57f07aa855cf974c90cad593a53ac0f53cdc58d5f49c91eb2092
a4c366a4d5145deb2d49c78fae5d45376d9d97e66438b1ff961a76050019d6df
a55b9272dbfcad8f1c9a7a747b437205c888c8a8b172e35b97880dd129ce4a73
a59069d842fc70e07dddaa0184c9f62ac950f5fb66b4dd0e9f516b20756d97c7
a6c5b174e97af7e79da63ed5a713f4792f38c70343f43146538e3c7eee844c70
a7c4efd1f41f3683d4845c653d5166988897616f79951568dad9323c26f2d6f3
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae75f5e3fc9deee998daf1fc5f814d2475e5c7cb569123ba81a916ebb5bcd734
aee7edbcb570cae2ec689ea12a8195acddbdef7396e20f6389bba9f0608b39d3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15819c89eec43f6a9f25d77a37dc02960dad46caa0dabe10699df1fccf45101
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b426c6bd8d3fa03a9c575fda5ce95829e721e4e47ecc33185c1be4e77528c784
b534bf5439e6346255cdfe8506bf01a71925106f3323dff2eccf2e7266b06929
b86e6d14af9be21e3ca394f0d705ac84fd335bef9dadd9454c1a7d50e28764f0
b93d27a02acc863843339658cf429aa87f7390d44e2d76628e213055c7add7c7
b9eaec0cc1aeac905e1720a4647d9dee336440fd5ef2422022b56848ac69db8d
ba171cd027168631542f708b6c4206703f33f085445183b0d4d0571b4c4715a5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc2d7dfbbe8e415f08c919cc224b4b77ddbf957d7f294e3f476105eb1bd268d
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c0fc60176979d94327d20bdd1d25e3913e2eafbf56477abe2c1815d760cc6c56
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c5ab8aabd8f132000916189cc8cb0eec137f043995555225aebd1db8580e9e3e
c6670734d1e1df14dd613f28f77ae98378ab3162a4075260135f32e42a6cae4b
c68525dfd3522e6502ba77c99b7f5b569ed0f682f09b920635b3366bc502ccb9
c728a0d61e3c59f85bf964936e164837da86980ffc01342749835a96fa44cb3a
c7cfcde04f4d67f9a622885d416a95614e789602cc0f9007a4ce38e836f1078f
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cacb82725f816b8da18e824d0f423089b6c0f73d4b086b921ac79848de3d47fb
cacc7ef4cd797fd55e352d225f839adcb34a62f1101777cc3aca8556f8be4702
cb4159ccb2bb649ec9b75a62d06814c6a4a0e62773d1b5d69e3aee6ced1d6ee5
cd7159160e758625ddd687e795b516e28057b1802d348e6a06dfef8a59eba6c3
ce228fe909a2d596d995ef8c95991d201dcb87527814d7037b1d07355fa2c257
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
ced8ffd5f64a8d4ada571057bd26b22fe590ae694f624b167e56d5294da8dc6d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d001084d1673a05b85a1d7930aa5f0dee2a9688459bfd5015ed2fc2542230dbd
d009b17e40dccf63690c8420591b50a2d8b4cdc2dcb8721b5ed1e00eccacb103
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1cc76a2ebad3324904785be3e4585b00f59a8b4c7b54b38736c64df07ee816b
d2372770ee5d4f17c460195df01599c4e75bcaa0d9694ce9dd4c0f394053d501
d3343a4e8f05ab408911f4ea5f601801208a10a7d01f3a40a65bf4c6ec3900f9
d4390447cdbeb188fcda3f6593cbb3ebb1db6fe26ddf5589e00c5bce297ce38a
d48c1d073b6316712c0f4cfd412eba61c6ac0fbf6dea3dd3d0d91724b2f5fdca
d48c95e39e7dcd31ebeee1191f77770fa1cb0a4213bb84ac925406066218c841
d533d520a7bc97bbb3f7eb3fdbbe4a9a0e42495c5fd6cd3c0adaec0f07f4dc4c
d6fdce41e277d14632e2490e73ec948da30c1b529630739a22b7b06d6e1b4b70
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d956b4a370f23d6d077bcf4ee2df0dfd0eaab454de238b3ff040ceaefbb57004
d98822c2ee45aa95f7c98f9ab5bf7eb3fb37dffb0332d7caf0fc7afe5805f506
da1e0deaced7c9a413cc3b1d17288bcde5f94c679d7d975549ff1a86274b9df9
dadf88e285287bca6316616c72fec035267982ac5da6e6c6980aa655236c5368
dc5a281743479dcc6f352b67e5219524b6153d1a73da652498a687e7aa16c81a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcfd1cc451aa670a4498ca8dfc6aa06ae18807ff7ae962365bdc2fd8e0c8cea0
dd3f38ff13db954a5adff0eef0416b4765d8efbd17c529af9d14355d1c54b3fb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e026c316f74a03d99842195b8374d29132fbe6527fa6053cb7f1cac2cfac8575
e0dffeaf5c34dd8d1b2104c7e1730ec949f33769fd525ecfc89476d955cf75c2
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e2af88cb1f7d60bbd68f56724744705c338431c08bd75a3c581d06489e9417d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e7cb0567c7f8816067f80508b906ccdad89e9e76e05573464926eec5a5276d84
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec07145694bddafe369ac8cb1a160178bfd16cc144d36e4f3e632f62afc2ab1d
ece26aa0ea25f2fed042ddf07c349cc7fe643e1e3817e5e07f74c64ebe54da62
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ede74e5dd46a8e12415354ec42df96b37a9ac5f4fc1ffe8a9d62a539cdbb84ff
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa5f0f1cbc9d4ca2e084e4bf9a2c9904bf6ea80208c5c842a9f9854fbefa001
f17fd152e12a6a92ab10ccfea6033f88358dd183e2ea28eeef06a38f451d1075
f2c4a7ba35bf1d196aafd3bad862a5c0e4503d5acfffe8ae7299edd3477b0812
f33b8ccfae2f19901dd12a13d472b15d8e2a1017da2781328b19cb72d95d5944
f3c56f5066536935eb293bd1b01948c0638daec2654317269062f53addb10816
f461d04010854e0154a0c9de141920c07582c9530d7c226c43f8c479b4ccf7f1
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
fa2a41c88d1da8b77aa083e1a638a7ab0ea052b0acdace1c24ed13697e375129
fb526432d243c9dca18b130aec52586c7d21e06d33a62a00c5672c26933157b2
fc79bf3c37e3c316b70c4bc2f1b29406385a0f5b1c59c0e30325cf49272bbd0f
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fedb6350665e6b03ab1c40b650fe58b09e0c163f9b4325df64abb901e6300e26