trib.com Open in urlscan Pro
192.104.182.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trib.com/
Effective URL:
https://trib.com/
Submission: On March 10 via manual (March 10th 2022, 2:06:00 pm UTC) from US — Scanned from DE

Summary HTTP 417 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 70 IPs in 7 countries across 63 domains to perform 417 HTTP transactions. The main IP is 192.104.182.209, located in United States and belongs to LEE-ASN, US. The main domain is trib.com. The Cisco Umbrella rank of the primary domain is 430719.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on January 12th 2022. Valid for: 3 months.

This is the only time trib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	192.104.182.209 192.104.182.209	10668 (LEE-ASN) (LEE-ASN)
41	104.18.131.43 104.18.131.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.111 143.204.98.111	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:224a:3600:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:224... 2600:9000:224a:7c00:2:36a1:2f40:21	16509 (AMAZON-02) (AMAZON-02)
1	2a0b:4d07:1::1 2a0b:4d07:1::1	44239 (PROINITY ...) (PROINITY PROINITY)
3 4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	143.204.97.29 143.204.97.29	16509 (AMAZON-02) (AMAZON-02)
73	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	108.157.4.60 108.157.4.60	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:6e00:7:5031:dc0:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
10	161.47.17.28 161.47.17.28	19994 (RACKSPACE) (RACKSPACE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2010	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:9e00:e:98bf:5f00:21	16509 (AMAZON-02) (AMAZON-02)
2	34.102.205.239 34.102.205.239	15169 (GOOGLE) (GOOGLE)
1	54.93.106.38 54.93.106.38	16509 (AMAZON-02) (AMAZON-02)
2	52.212.62.46 52.212.62.46	16509 (AMAZON-02) (AMAZON-02)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.194 151.101.193.194	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:e600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	52.30.14.23 52.30.14.23	16509 (AMAZON-02) (AMAZON-02)
20	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
9	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
10	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
10	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
1 21	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
10	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
10	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
10	35.157.98.225 35.157.98.225	16509 (AMAZON-02) (AMAZON-02)
15	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	34.231.128.63 34.231.128.63	14618 (AMAZON-AES) (AMAZON-AES)
10	23.218.208.246 23.218.208.246	() ()
6	104.102.28.254 104.102.28.254	() ()
5	104.17.119.107 104.17.119.107	() ()
3	67.202.105.22 67.202.105.22	() ()
1	192.82.242.209 192.82.242.209	() ()
2 3	37.157.6.252 37.157.6.252	() ()
2 2	151.101.66.49 151.101.66.49	() ()
1 17	185.64.189.110 185.64.189.110	() ()
2 2	185.29.132.241 185.29.132.241	() ()
2 3	52.213.253.251 52.213.253.251	() ()
7 7	142.250.185.162 142.250.185.162	() ()
1	216.52.31.59 216.52.31.59	() ()
1	178.250.2.151 178.250.2.151	() ()
1	169.197.150.8 169.197.150.8	() ()
1 1	154.59.122.79 154.59.122.79	() ()
1 2	2606:4700::68... 2606:4700::6812:c05	() ()
2 2	18.159.83.65 18.159.83.65	() ()
1 2	104.89.45.32 104.89.45.32	() ()
1 1	104.45.178.220 104.45.178.220	() ()
1	38.27.122.101 38.27.122.101	() ()
1 1	23.88.75.189 23.88.75.189	() ()
1 2	34.192.179.231 34.192.179.231	() ()
1	35.244.174.68 35.244.174.68	() ()
2	185.64.190.81 185.64.190.81	() ()
1	169.50.137.182 169.50.137.182	() ()
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
1	2a05:d018:d29... 2a05:d018:d29:3605:9290:fe02:2ee8:2378	() ()
2 2	3.126.56.137 3.126.56.137	() ()
1 1	107.23.10.176 107.23.10.176	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	() ()
2 2	18.184.212.115 18.184.212.115	() ()
1	34.98.67.61 34.98.67.61	() ()
1 1	66.155.71.25 66.155.71.25	() ()
1 1	34.102.253.54 34.102.253.54	() ()
1 1	185.33.223.38 185.33.223.38	() ()
417	70

10 192.104.182.209 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

trib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 104.18.131.43 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-111.fra50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:3600:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:7c00:2:36a1:2f40:21 (United States)

ASN16509 (AMAZON-02, US)

d81mfvml8p5ml.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:1::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

survey.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.97.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-29.fra50.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a45eb8dd5ea8bf66bd110c0f8be6f725.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e31993dd77af45af11a0bf5551c18fa7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-60.dus51.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6e00:7:5031:dc0:21 (United States)

ASN16509 (AMAZON-02, US)

dn1i8v75r669j.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

surveys-static.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 161.47.17.28 (United States)

ASN19994 (RACKSPACE, US)

saambaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.saambaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:9e00:e:98bf:5f00:21 (United States)

ASN16509 (AMAZON-02, US)

dkpklk99llpj0.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.205.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.205.102.34.bc.googleusercontent.com

a.leetemplates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.106.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-106-38.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.62.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-62-46.eu-west-1.compute.amazonaws.com

am.freshrelevance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:e600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.14.23 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 185.33.220.240 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.157.98.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-98-225.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

saambaa-static.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.128.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-128-63.compute-1.amazonaws.com

1x1.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.218.208.246 (None, )

ASN- ()

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.102.28.254 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.119.107 (None, )

ASN- ()

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.105.22 (None, )

ASN- ()

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.82.242.209 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.252 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.64.189.110 (None, ) 1 redirects

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.241 (None, ) 2 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.213.253.251 (None, ) 2 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.162 (None, ) 7 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.31.59 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (None, )

ASN- ()

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (None, ) 1 redirects

ASN- ()

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.83.65 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.45.32 (None, ) 1 redirects

ASN- ()

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.45.178.220 (None, ) 1 redirects

ASN- ()

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.101 (None, )

ASN- ()

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.189 (None, ) 1 redirects

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.179.231 (None, ) 1 redirects

ASN- ()

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (None, )

ASN- ()

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:9290:fe02:2ee8:2378 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (None, ) 2 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.10.176 (None, ) 1 redirects

ASN- ()

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (None, )

ASN- ()

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.212.115 (None, ) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (None, )

ASN- ()

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (None, ) 1 redirects

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (None, ) 1 redirects

ASN- ()

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.38 (None, ) 1 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 a45eb8dd5ea8bf66bd110c0f8be6f725.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122 e31993dd77af45af11a0bf5551c18fa7.safeframe.googlesyndication.com	2 MB
41	townnews.com bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 15296	555 KB
36	pubmatic.com 1 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 417 ads.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image2.pubmatic.com image4.pubmatic.com	57 KB
22	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 205 secure.adnxs.com	25 KB
20	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 709	2 KB
15	lijit.com ap.lijit.com — Cisco Umbrella Rank: 594	7 KB
15	districtm.io dmx.districtm.io — Cisco Umbrella Rank: 1201 cdn.districtm.io	625 B
15	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 409 ssum-sec.casalemedia.com	5 KB
14	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	490 KB
13	33across.com ssc.33across.com — Cisco Umbrella Rank: 1316 ssc-cms.33across.com	2 KB
12	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net	277 KB
10	emxdgt.com hb.emxdgt.com — Cisco Umbrella Rank: 1565	1 KB
10	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 1440	7 KB
10	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1055 1x1.a-mo.net — Cisco Umbrella Rank: 3547	2 KB
10	saambaa.com saambaa.com — Cisco Umbrella Rank: 18988 api.saambaa.com — Cisco Umbrella Rank: 20554	206 KB
10	trib.com 1 redirects trib.com — Cisco Umbrella Rank: 430719	91 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	76 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	360 KB
5	brealtime.com biddr.brealtime.com	6 KB
5	indexww.com js-sec.indexww.com	9 KB
5	cloudfront.net d81mfvml8p5ml.cloudfront.net d1eoo1tco6rr5e.cloudfront.net dn1i8v75r669j.cloudfront.net dkpklk99llpj0.cloudfront.net	22 KB
4	3lift.com ib.3lift.com — Cisco Umbrella Rank: 1006 tlx.3lift.com — Cisco Umbrella Rank: 512 eb2.3lift.com — Cisco Umbrella Rank: 346	85 KB
4	adsrvr.org 3 redirects insight.adsrvr.org — Cisco Umbrella Rank: 567 match.adsrvr.org	1 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	2 KB
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	adform.net 2 redirects c1.adform.net	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 storage.googleapis.com — Cisco Umbrella Rank: 425	29 KB
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 2150 bcp.crwdcntrl.net — Cisco Umbrella Rank: 691	12 KB
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	573 B
2	owneriq.net 1 redirects px.owneriq.net	476 B
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	745 B
2	azureedge.net saambaa-static.azureedge.net — Cisco Umbrella Rank: 21572	43 KB
2	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 792 pixel.quantcount.com — Cisco Umbrella Rank: 3561	555 B
2	fastly.net confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1460	79 KB
2	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 839 pixel.quantserve.com	10 KB
2	freshrelevance.com am.freshrelevance.com — Cisco Umbrella Rank: 14748	5 KB
2	leetemplates.com a.leetemplates.com — Cisco Umbrella Rank: 31635	333 B
2	survicate.com survey.survicate.com — Cisco Umbrella Rank: 6919 surveys-static.survicate.com — Cisco Umbrella Rank: 11782	96 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 275	39 KB
2	gstatic.com www.gstatic.com	13 KB
2	osano.com cmp.osano.com — Cisco Umbrella Rank: 8124	84 KB
1	playground.xyz 1 redirects ads.playground.xyz	462 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	336 B
1	mookie1.com odr.mookie1.com	324 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	ipredictive.com 1 redirects sync.ipredictive.com	522 B
1	turn.com 1 redirects ad.turn.com	518 B
1	simpli.fi um.simpli.fi	611 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	loopme.me 1 redirects csync.loopme.me	218 B
1	bnmla.com match.bnmla.com	114 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com	348 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com	674 B
1	deepintent.com match.deepintent.com	44 B
1	criteo.com dis.criteo.com	362 B
1	adgrx.com cm.adgrx.com	408 B
1	google.de ampcid.google.de — Cisco Umbrella Rank: 47428	456 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	4 KB
1	google.com ampcid.google.com — Cisco Umbrella Rank: 1737	527 B
417	63

	Domain	Requested by
73	pagead2.googlesyndication.com	securepubads.g.doubleclick.net trib.com www.googletagservices.com saambaa.com pagead2.googlesyndication.com
41	bloximages.chicago2.vip.townnews.com	trib.com bloximages.chicago2.vip.townnews.com cmp.osano.com
21	ib.adnxs.com	1 redirects saambaa.com
20	targeting.unrulymedia.com	saambaa.com
15	ap.lijit.com	saambaa.com
14	www.googletagservices.com	securepubads.g.doubleclick.net saambaa.com
11	simage2.pubmatic.com	1 redirects ads.pubmatic.com
10	dmx.districtm.io	saambaa.com
10	hb.emxdgt.com	saambaa.com
10	htlb.casalemedia.com	saambaa.com
10	apex.go.sonobi.com	saambaa.com
10	ssc.33across.com	saambaa.com
10	hbopenbid.pubmatic.com	saambaa.com
10	trib.com	1 redirects trib.com
9	prebid.a-mo.net	saambaa.com
8	saambaa.com	trib.com saambaa.com
7	cm.g.doubleclick.net	7 redirects
6	image2.pubmatic.com	ads.pubmatic.com
6	ads.pubmatic.com	saambaa.com
6	www.google-analytics.com	cmp.osano.com saambaa.com trib.com
6	www.googletagmanager.com	trib.com cmp.osano.com saambaa.com
5	ssum-sec.casalemedia.com	js-sec.indexww.com
5	biddr.brealtime.com	saambaa.com
5	js-sec.indexww.com	saambaa.com
5	cdn.districtm.io	saambaa.com
4	tpc.googlesyndication.com	2 redirects trib.com
4	securepubads.g.doubleclick.net	cmp.osano.com securepubads.g.doubleclick.net www.googletagservices.com
3	match.prod.bidr.io	2 redirects ads.pubmatic.com
3	c1.adform.net	2 redirects ads.pubmatic.com
3	ssc-cms.33across.com	saambaa.com
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	match.adsrvr.org	2 redirects
2	image4.pubmatic.com
2	beacon.lynx.cognitivlabs.com	1 redirects ads.pubmatic.com
2	px.owneriq.net	1 redirects ads.pubmatic.com
2	pm.w55c.net	2 redirects
2	sync.mathtag.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	saambaa-static.azureedge.net
2	bcp.crwdcntrl.net	1 redirects cmp.osano.com
2	confiant-integrations.global.ssl.fastly.net	saambaa.com confiant-integrations.global.ssl.fastly.net
2	api.saambaa.com	saambaa.com
2	am.freshrelevance.com	cmp.osano.com dkpklk99llpj0.cloudfront.net
2	a.leetemplates.com	storage.googleapis.com
2	dkpklk99llpj0.cloudfront.net	cmp.osano.com
2	fonts.googleapis.com	cmp.osano.com saambaa.com
2	ib.3lift.com	securepubads.g.doubleclick.net ib.3lift.com
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	c.amazon-adsystem.com	cmp.osano.com c.amazon-adsystem.com
2	www.gstatic.com	trib.com
2	cmp.osano.com	trib.com cmp.osano.com
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	pixel.quantserve.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	odr.mookie1.com
1	pubmatic-match.dotomi.com
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com
1	ad.turn.com	1 redirects
1	um.simpli.fi
1	idsync.rlcdn.com
1	csync.loopme.me	1 redirects
1	match.bnmla.com	ads.pubmatic.com
1	mweb.ck.inmobi.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	1x1.a-mo.net
1	e31993dd77af45af11a0bf5551c18fa7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel.quantcount.com
1	rules.quantcount.com	secure.quantserve.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	secure.quantserve.com	trib.com
1	eb2.3lift.com	trib.com
1	tlx.3lift.com	ib.3lift.com
1	storage.googleapis.com	cmp.osano.com
1	ampcid.google.de	www.google-analytics.com
1	cdnjs.cloudflare.com	cmp.osano.com
1	surveys-static.survicate.com	cmp.osano.com
1	dn1i8v75r669j.cloudfront.net	cmp.osano.com
1	ampcid.google.com	www.google-analytics.com
1	a45eb8dd5ea8bf66bd110c0f8be6f725.safeframe.googlesyndication.com	cmp.osano.com
1	d1eoo1tco6rr5e.cloudfront.net	cmp.osano.com
1	survey.survicate.com	cmp.osano.com
1	d81mfvml8p5ml.cloudfront.net	cmp.osano.com
1	tags.crwdcntrl.net	trib.com
417	92

This site contains links to these domains. Also see Links.

Domain
pagead2.googlesyndication.com
subscriberservices.lee.net
autos.trib.com
www.google.com
firstpresaugusta.org
www.acsadvertisinginc.com
lee.net
bloxcms.com
townnews.com

Subject Issuer	Validity	Valid
trib.com ZeroSSL ECC Domain Secure Site CA	`2022-01-12` - `2022-04-12`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-09` - `2022-04-09`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
cmp.osano.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.survicate.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-01` - `2022-10-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.saambaa.com Go Daddy Secure Certificate Authority - G2	`2020-04-01` - `2022-05-31`	2 years	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
a.leetemplates.com GTS CA 1D4	`2022-02-10` - `2022-05-11`	3 months	crt.sh
*.freshrelevance.com Amazon	`2021-06-16` - `2022-07-15`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
*.a-mo.net R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2022-01-23` - `2022-04-23`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2022-01-21` - `2023-02-22`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-12-05` - `2022-12-06`	a year	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-12-30` - `2023-01-31`	a year	crt.sh
beacon.lynx.cognitivlabs.com Amazon	`2021-04-28` - `2022-05-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh

This page contains 71 frames:

Primary Page: https://trib.com/
Frame ID: 33D78E2C757EFB09BAD7547A570DE260
Requests: 110 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 030796513F13B250E20D39D702AF8346
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: 396A49DB0C6DA33816AEEAC9755CA9EF
Requests: 2 HTTP requests in this frame

Frame: https://a45eb8dd5ea8bf66bd110c0f8be6f725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F73A6FAD3BB3F0405D2580838AB8DE18
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstUFTdpFANX94g_OpFygJ5keN6KMM1jChMPzpKF9IrrIrulXgvHl55lalwC-gUdqjeJ4lyFm1dOlWwmtoQ7OFqGuGVsBesbWfNAwcQWuZm6_OOpWN3ooq-m6ylvhgivsytGpqWoWkdlflEUPGsJn_7EEV5jwc-Sw45TErrrCnTMUHAVYQH7164P7tGJDmzRHeVoq5crWz8PzOUYs5A2-VZwDB69mcM-QhuB3B8oOnKS-1R7TH8krl6SvbDdCCyQdZr4SJMDjjmGeMNQvLhfDBhDw0PiV5jLAicma7XfnPDsUtPCRTF3&sig=Cg0ArKJSzDl5hVdhnoqGEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5ADC11AB8CB00EF793086D6296CFB55B
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsts_E4KTP_HEtrasCmjcvUio6dfAffkKeUB9S9TpBMtEqJroGHe2OQc7D504PSykGmpz9g0O3FwTNi5Lgwpgv8A_ARD-iSMsLAAvCC1AuxuU8ib8o6OFQqjP2r-ea0CkozAqNjKRNEf9q-ZpZ9DqngKaiIvtAlh8C4VqHsJvYlTYJ4fNpaPMg3GW3GWzNTTP-Q6Wnh6u9rABiKMuKTHILIrJUnX2IndLc_KZnJGwpkrYnUXc8K79dwnpoJgKZu6_4cDpuahL2HpMyFhxDwulvsnhoXeAa9ms3cTIUJ5kEQaklEqKrr8YPaSBg&sig=Cg0ArKJSzGT4kUCVwnqtEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 011DA9F4B1C6FC084AA87BB2053DC878
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstJdDLW0pWTLM-5PGhrZxhNzqaC8RUpKSZ2ylsz1YEQsriYOLn-eOWOCpa3TFgYYYlTyNhyVBG7HjuyHe2njuwnBLvaMAvt6pkULvPh0saSL93-Qrswn11P2_gcrNTXRE24y0UGeOy9PzLX3b-Q26LoJYiLHA61mwD86hhEkJBvX3GNq6Gwuf4VdP3SGTj6LIwsbDHdhHv3V_pDY-Q-FulwT21LBlNSFacNU3u2XHKp0hNZWPO5DRhtsYHgYNFQhOKkxLSfHF32c7HJM0Sd9aXD0ZAiRO8FZ0pZMfVO8YmJmVcPOhiS&sig=Cg0ArKJSzBbJupUD6BtHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 89BDCF302CD9DC1E387BD9A1C0ECD5C7
Requests: 153 HTTP requests in this frame

Frame: https://tlx.3lift.com/web/auction?inv_code=lee_mid_article_native&referrer=https%3A%2F%2Ftrib.com%2F&rev=a40d8c8&fe=0&ft=1&cb=4145875819&gdpr=true&cmp_cs=CPVpDmPPVpDmPEXABADEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA
Frame ID: 08C6BB74796E00AAFDDAD1DB6F4B0A24
Requests: 1 HTTP requests in this frame

Frame: https://am.freshrelevance.com/tpc/
Frame ID: 0459C69F6A13CAB30319F316D5581948
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html
Frame ID: 845CB410A513F2382D639BFD510958A7
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=304339525/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22casper%20star%20tribune%3B%20casper%20wyoming%3B%20casper%20news%3B%20wyoming%20news%3B%20casper%20newspaper%3B%20wyoming%20newspaper%3B%22%7D/rt=ifr
Frame ID: F7F417540BAD855872F0697E3046FA05
Requests: 1 HTTP requests in this frame

Frame: https://e31993dd77af45af11a0bf5551c18fa7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: B813E0D185552A8BA6E590EE82B93BD4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvVsd2PUI0mNvP05444J67q2aBgA4CB14nB8qLEP50IxlhiZZAlUvTwuv4sayqyRyWfBov7NCMr8idgAFxiyoYgJIwDrXscGgq77qMKx9Vvt9MtArjCm3YK-7AMWTk7NN2NYtd3qG9UAnP3PE-NOeziLW9yuvGhQXPElbNUgSTtcKkvKdbc3L25KfY-cNUcfaXHnnzyoWdolpN2sgfJFY4ExE3NUZctIDIl_vOmDTmed6dF64xfGK-9F5UG8UrIHavpYED8l9Z29LCveblZxD8qdT2S9-fzpUxvONBwzFceFZiFKfqwA2MXkZIwZow&sig=Cg0ArKJSzDPao2YHfqeyEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1FF00AFC87F6F8865CFA068CBCE42199
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu2CmVZDQzMkzLAyPfOgeogXsyOJ1h6U-jTQt7rtmTCbDSwvkEEObb-xXxmU3M_zpwzBUBRK3cMY_bdWvtHbaKxny10UyK8E-U0YjosUAXzXd5_B0s9JF-c4QhAKnMueqMIhGk3K1FwN49E3f0YeX9ecL6l3RAA3IR6E0z2fwsPOLceDmFNyKMdiE1eefzsFrm_siY4tQlxpMRKe-zfDMXfchW6NNIEgsFqZ7TwATgvvBTPZSKwpQsjmoBpaxGKUmnXnyQIq7i3FAu4-uHUCbyoBRaHq1fjDkZ44DdsaMs2B2uYTnZj-PWGVhiDvQ&sig=Cg0ArKJSzNJolUy90NMKEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B5F22D48419A6A7AF49394885EDA12A4
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstjKd2tjAm3G6SMJUd4unKYQUth0RBisrUKRZkk9QyPKLL2lxkrxAB544bzVRJcoGCPTStPKwhuZce00J5voCGfyJfsPeduqkK8QZWJqQOXAmyvF-Zz19UI5fWHcfv_kxhCgsW7xqLszadYpZuM5FlCoUw21qIddGNQQUPPbHKCqdtrqqOr6giaSpV6ENnyfpkjW7bNWHvoixhcv7yxrNHnC7M8iiH_WwYnZFedcnTAuSWVFZ_aVIbmGK5TuAKJhVbWc2RDQkMZ8BQgdEhNFlifYdJijZb9YVo4RDW3XnTOUxQq2W42G85F77PoR_Q&sig=Cg0ArKJSzGmg3FM9NzunEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0255A0DADB4523122755450F31C0B008
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuUKs9IW_linJwSRNe67GZPddC95gGLbEfzX5LsyoHGfolxwnAF7AHNEXvhc8WyjwuWpbNpYFovw-IbmJGgmibm80ewa2cn6vZANJdNAU1gXkoirtUlF47NnbM5kqGLxEA5HJoIw1JfgDWRK7s4y-18OCM_sRQ5JuFO-g6MvtclcaXK4p68wItrssy4mpZ0XQs2KtNcuQtTJK3NXzOi3QppeTZkuVdLD_53f_KK13JmR3MBoEHPBqfHC-oExwVsB6UHEjp4xXp6b__TktJk5mDF8h9g9fM05vy4Zwah3c6Xbv8oXb_H6AkJI4nqLd8&sig=Cg0ArKJSzJnI8JTVWtlKEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F618A7B1115291EF1243121CF91B72C6
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssKnD0SOD-0oYBxQqrbW2KepnRL2cn5fZrjkJZkt_lGecUnU1ePm9WRq17B-4lXorHwTRKvesg0tcu5Wm85744vcL9jTBpVnIEdln7koL7npQLlvkxPZXNHAzsrLmXLPDvLdJXzE_3024fcLJgtRl4zom9meRdsty_JVpW3vJ79sPrq_WE8wCmwAxzqayDGKviuG682-DdpRdXU6qytJFQCnwrT_Jquvf4AbB0-PxQgmZwPh1lwVh_aM_CTWND--3LfzSbzWQ2NTOSWLk-t8hgaa60-oDGk2CHIW8pb_HCEaah3Gxp9FVDap1Cholo&sig=Cg0ArKJSzDll4dWHJnyHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0E90BF92599395F0F32C31C925A564C3
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuV2UTx4ixHq3qmBJbw-DJ3HNBsxzDkEM-5_JZH_igvX92uqrJ3MaJtSgDsdT-jWMxeFoT5PsDd_EpMT8EXRd7755mp-N4paXqmILdBz7qm_aYx5S2D_6KZ8QMZ6VDRHVpYd9WyNXoDj-VC-dTi--Zp7Q7EBL1IsRtp0-v3JAFsjANoyyqS0JidGBjp3qfTXZOgZNWJtyIm8ndjfCXxn_TaH5Ixr7Hf_Mc_DBwR64SNz1a5nWfFTqIYg8fyPiu3LFu5xw5tMiOM97jL6NyUblxs4wsquaT3yOqIDTeE-SqIZmt-XiKiQJsQ228379o&sig=Cg0ArKJSzIUGnrqOSyutEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 57EDB7DA489D56752847D5A1CB726F32
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstgSU1aKD4afYBlmvCNFM6ReeQXuhecWnNlt9sK36IPwRrXS1zS_LUNKfJEn8M4EQ1giuoOZK6dkRuxlBzdQFCr7QpZMk_JcKMJY5puUTQpF5jIMgvqxg_UPkslkP2TH3EjYiM5ZWAlcUJQC3JDlXTtYJ-YRjy0ToYenjSnRGRoYXQnZSEt0qPC6a3TVj9kUYh7tcs78qYr_DvUVzM9KIu6EL5zhS6t1KxHoiWvazJsGS0Rkfe8zEaO7JkHkpV_iBTGzL5lI32ai0AP4dNlEN4JRgkwNfEMoNLuklzU1syoTBP9YOScd53zosSSoEw&sig=Cg0ArKJSzB_rbbxQmmLyEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7A860ABA34411DA7A131CF6B5971DC0C
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvbGVvCLnGMEF6K4hwHov0TCiUbjw1Z3hAUVjq5sbsAAvz5JG4ZKMuCLQarnamMbiEpVjr79CSjcL_49x6aAU-DHK_GI8N7Apu1M90VDD1Hkfxy_liGSqtWAsdP2C3CkbU7ApLwqwyLVAoNAClVi2Y6loe4i3mcF69gZdwAbBk-6z5gw_AFwP8k3UbLGU4ojUHgZGiyTNP4PR-FtO5sodUI3bcFPC_cFfnjTHyTmXzsnd8sAvZRJ_j946RfipQ3N5q3DShPvNFOgYvIUfxA-mmfrlulDwEjixeH_t5Lggw4g1Q6x6BuMYucajtwL1g&sig=Cg0ArKJSzFRvQ7TDtevsEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DD316919ED730EC48EC389D6BD011666
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvdkt1yco_kSgB--pO0nl6NS1xCDFm16mvMLnB6ozcxerd9pl_ObHtX7MUddytio0AjgJGvJBovuG_dVPlrTYvPsXsIIyssrxuPiHZurjZrLbb_gRNHRLl4ua3XGxWQ_zr-Q65EQU0v5bQP1zBSTi3-qXftnVefsNvxYrPM12RjUCvfP6R3cvYQrDZbIetaTIyM4GPc3oxHS_w_yHFT7zlhycZku3GxAzzGggGqUW4u3iKQuqnFn_MX_hhlFjjt9w9hjdDEh1VjS2GhHz_cW45ZNGlMV36G-LFScQRSgmPBX5PCk98qiQtI9IBqTdc&sig=Cg0ArKJSzG4hvtc1nUe9EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1D643E14B6D7475AD403CDBCDA8D1B7D
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvayG9lUkLVr6-pcb85ALawFJrzKgh7v40lBOP_cJIQshBHp9ybUpMtknMwsp9StnusnTRYjITPQS7u5vMmeof6W_cheYSS0nUUHjZHOqYracVSaSnOsjSgFmTvplE2lEw8Ebre2Nps4rmQwW6kc7pXdB3P7ObsEh0MhBy9Z56WeTU3tvELDSMQnk_cozdZv4wHuVMJN7jZzGbejDPat65mF6swwLgh7s9RWYr-5uxYUfYtO7axsyzQT5wv0I_CrvBxbBQRxaCTvBCsMXyModJeelgbOWeXpPZpWZXxt5VPemphJfVqx1CpchC0Ddw&sig=Cg0ArKJSzG-ONQuUSrknEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4F53D56FD9EBCB07EE9856EE7AFCB505
Requests: 7 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: 8130E0EC4982D78B8AC0562030634195
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: B576DC4CF4739AD83AA48C80D60E8C98
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: 6EC7761B50CC0D72E7882C04CD005860
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: 88DBAAE35EC8AC578E52049F2270C7FA
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9E437AF0A81B4E7875098B4C412A9535
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Frame ID: CF59D52A4767A8A8436DD7387EB63FDF
Requests: 21 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 27CCB33D804C9EFC987B0D57578CED0C
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: DF80741CAF05487CCBFB30DFBC0E4FA9
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: BAB68E16FFDBDF34748FC31328D72E2D
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 15014A431A312B5CED747C1F79311B82
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: BCCC307A1E5C9028A97A38A9CF521B21
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 585752B7DE6B3ED90A5C3555974964E5
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: EB27C59041ED4E5FA8EA7CD53426CB0E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Frame ID: 90D8A0777CC1FC3E62C22B39EF6CA8B6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: D94386FFA32DD7FA5477C6AA3E6D6087
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 2AC4071F8778AF47818F751BF5DD404D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 72DC5EF14F330BF15C2BF8718C2113E6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Frame ID: B6307ECBFA0E3B09D9729FEEF6B324F7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Frame ID: 2DD9393D731E3490DBB572D0B05CE29C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8C0A83BC34FC2C9A9DF27C0CF730C727
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 99E7E24D79439D9512B1404ABBC9CF5B
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 89E6CD5AFFDE99E7607F99D1B5C73640
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 393FEBABC7416E624244C3D81EEDE13C
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 26E940F5048049B6887712D2CE74CC77
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 5A6054633DA6328A37544599AFE50AA0
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: ADDDA262DA7E86A55F90A76EB68EDFA0
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: F0EAB8F914DFF2074E84A49F0355C925
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Frame ID: 2F995C3E4C1365A041DF2BF0E910B5AF
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 11FB0CB848122E2EB8991ADC62A0A44F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpDnDPVpDnDEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 13509A7B993F17F1F28A90429DF3A561
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpDnDPVpDnDEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 3F4A5C9CF7E080FDCC02949F11BBDBE9
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpDnDPVpDnDEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: AA7A908DD573469E6F959703B5DED3CF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpDnDPVpDnDEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 695D5B487E7527E7BBC6F700440F56B4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpDnDPVpDnDEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 93F4A08F98961874D82CA5BE0003508A
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2
Frame ID: AAADC0E87183AE3F1804B1C315B278C8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YioFxwAMHQwwOgBH&gdpr=0&gdpr_consent=&_test=YioFxwAMHQwwOgBH
Frame ID: A28E1E8EB0C2DC79904F07B94C04E3DD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6340622a-05c7-4400-af0e-ef0cc4ba2ff4&gdpr=0&gdpr_consent=
Frame ID: 3DFD0166D917ED8FB3763095DED1EAB4
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 126225278BF9EEE197F6E4EB6E59A9D7
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 5C60FC8CC1EB9AE134E8776702DEB55F
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2A4676D5E1BAE6477DA3372CA0B90FD0
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 66030051CF6C74911FAB620C60DE33D3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=653811070499
Frame ID: 57A27AB5EF0B6381BC69589858CFB2B8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C4421DB3AA721051D89DDFE9902D619F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:CmU2Q04t1Nsjqv5&gdpr=0&gdpr_consent=
Frame ID: 20665B1BCF36EA09B725244371F758BF
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=image%2Fgif
Frame ID: A1A0343E37AD5E51EFC14D1A3BD6985F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=7fb48720-0a64-4918-afd3-1aa25d12b763
Frame ID: F4F1379496115C53C8A023375986BC91
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: D6C8412CA9CFDF1E9B48D7B69B93CA03
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 8D22ACA554171D4CE1F399401C457243
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2
Frame ID: 2F1AEC831BC67ED6B2D7480441A87D3A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Casper Star-TribuneSchließen Sie diesen DialogSchließen Sie die Cookie-EinstellungenCollectionCollectionCollectionVideoVideoVideoVideoAudioAudioAudioAudioVideoVideoVideoVideoCollectionCollectionCollectionCollection

Page URL History Show full URLs

http://trib.com/ HTTP 301
https://trib.com/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

417
Requests

90 %
HTTPS

31 %
IPv6

63
Domains

92
Subdomains

70
IPs

7
Countries

5085 kB
Transfer

13226 kB
Size

14
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://pagead2.googlesyndication.com/pcs/click%253Fxai%253DAKAOjsvBovV2K-yAWFup6Q4jW2GiXta0zXMzTxnAqUNBzQG09GoJYYOyCSTr0ZRyeZoA3nN5ndV6K08BaJaU8rMb7y-SfwDsCZu2h7CRnRfmt4rSB7320l6qI_PiRnxQMAUPkFi8RvO5XaxIjaLAGXFu23lDZXZ8s84BerGD1BgiP-zgOMnuBLaigDN8f2AWfsl7knmBC1aQ2BeF7iVuPv8K3fGjZTcVJ8NvXB1Jr8B-g5oyy1AN5VPTMEcjHa_L1faLb54uuRhmZV4NzremsrUpL1PvdoOxLXOSizK3XINaKPYVi2bFVA%2526sig%253DCg0ArKJSzLy5AIMK37nuEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253Dhttps://www.iflycasper.com/?utm_source=trib.com&utm_medium=Banner_Ads&utm_campaign=Reveal

Search URL Search Domain Scan URL

URL: https://subscriberservices.lee.net/subscriberservices/Content/paymentpagesingle.aspx?Domain=trib.com&SubscriberLevel=DOP&Return=https%3A%2F%2Ftrib.com%2F#tracking-source=header&ir=true
Title: Subscribe for $1

Search URL Search Domain Scan URL

URL: https://autos.trib.com/
Title: Cars

Search URL Search Domain Scan URL

URL: https://subscriberservices.lee.net/subscriberservices/Content/AccountStatus.aspx?Domain=trib.com
Title: My Membership

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//804%20S%20Wolcott%20St%2BCasper%2BWY%2B82601
Title: 804 S Wolcott St, Casper, WY 82601

Search URL Search Domain Scan URL

URL: http://firstpresaugusta.org/
Title: Website

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//18455%20STATE%20HIGHWAY%20220%2BCasper%2BWY%2B82604
Title: 18455 STATE HIGHWAY 220, Casper, WY 82604

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//5210%20Maryland%20Wy%20%23301%2BBrentwood%2BTN%2B37027
Title: 5210 Maryland Wy #301, Brentwood, TN 37027

Search URL Search Domain Scan URL

URL: http://www.acsadvertisinginc.com/
Title: Website

Search URL Search Domain Scan URL

URL: http://lee.net/careers/opportunities/?utm_source=newspaper&utm_medium=blox&utm_campaign=workhere
Title: Work here

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://townnews.com/
Title: TownNews.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trib.com/ HTTP 301
https://trib.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

Request Chain 100

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODA8dfAgQEQARgBMggSLKicT_kERw HTTP 301
https://tpc.googlesyndication.com/simgad/11139753753507866120

Request Chain 101

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODomeCQiwEQARgBMgg9QvG8DD5fJg HTTP 301
https://tpc.googlesyndication.com/simgad/3307988277885807439

Request Chain 154

https://bcp.crwdcntrl.net/5/c=6894/rand=304339525/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22casper%20star%20tribune%3B%20casper%20wyoming%3B%20casper%20news%3B%20wyoming%20news%3B%20casper%20newspaper%3B%20wyoming%20newspaper%3B%22%7D/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=304339525/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22casper%20star%20tribune%3B%20casper%20wyoming%3B%20casper%20news%3B%20wyoming%20news%3B%20casper%20newspaper%3B%20wyoming%20newspaper%3B%22%7D/rt=ifr

Request Chain 396

https://c1.adform.net/serving/cookie/match?party=14&cid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2

Request Chain 397

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YioFxwAMHQwwOgBH HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YioFxwAMHQwwOgBH&gdpr=0&gdpr_consent=&_test=YioFxwAMHQwwOgBH

Request Chain 398

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6340622a-05c7-4400-af0e-ef0cc4ba2ff4&gdpr=0&gdpr_consent=

Request Chain 399

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGUFFFN0VWQXdBQUNvUG1wNVNodw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 403

https://ums.acuityplatform.com/tum?umid=6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=653811070499

Request Chain 404

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 405

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:CmU2Q04t1Nsjqv5&gdpr=0&gdpr_consent=

Request Chain 406

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 407

https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=7fb48720-0a64-4918-afd3-1aa25d12b763

Request Chain 409

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 410

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=4ad53413-5f31-42d7-9481-435a2a5c6a09&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2

Request Chain 411

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fZJur_gwSPyU929buj9U0g%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fZJur_gwSPyU929buj9U0g%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 413

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f432622a-05c7-4700-8fa5-df76fc0fd968

Request Chain 414

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0Q5MjZFQUYtRjgzMC00OEZDLTk0RjctNkY1QkJBM0Y1NEQy&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0Q5MjZFQUYtRjgzMC00OEZDLTk0RjctNkY1QkJBM0Y1NEQy&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 415

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELepU96VL9EK8uISv_7b8Hc&google_cver=1

Request Chain 417

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3710950861622885667&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 418

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=edeab01f-b08c-4745-999b-f38e86e23715

Request Chain 420

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hmZkQoxE2uUFfbrvqLYnwV06Xh3eObA-~A&gdpr=0&gdpr_consent=

Request Chain 421

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1179363741045328308&gdpr=0&gdpr_consent=

Request Chain 422

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=368107c7-a07b-11ec-885d-330e64547fde&gdpr=0&gdpr_consent=

Request Chain 424

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7a9f0190-5aae-4528-b764-de9023ac80d4&ssp=pubmatic&gdpr=0&gdpr_consent=

Request Chain 425

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 426

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bQ5DHGsJEkp2BEVKalpcTWMLRUx2CkgfbF55ibiL

Request Chain 427

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4962106319940471131

Request Chain 428

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B331_EC847F29_14A5A3C2&r=https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 429

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1179363741045328308

417 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
trib.com/
Redirect Chain

http://trib.com/
https://trib.com/

324 KB
45 KB

350ms
116ms

Document
text/html

192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.chicago2.vip.townnews.com

Software

Resource Hash

f07b1942eeb578d414fb5637647fe6dc82d1d8fd4635443a5554d65ae86c4559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 10 Mar 2022 14:01:09 GMT
content-type: text/html; charset=UTF-8
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 10 Mar 2022 14:01:06 GMT
x-robots-tag: noarchive
x-xrds-location: https://trib.com/tncms/xrds/
x-ua-compatible: IE=edge
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.f3739bd4d04bcee9e077d20b4f31f29c.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
x-tncms: 1.61.4; app20; 2.57s; 8.3M
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public, max-age=60, s-maxage=30, must-revalidate, proxy-revalidate
etag: W/be744f0b2781c90a14b791501e06e82f
content-encoding: gzip
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
age: 281
x-vcache: HIT
accept-ranges: bytes
content-length: 43631

Redirect headers

date: Thu, 10 Mar 2022 14:01:05 GMT
content-type: text/html; charset=UTF-8
x-loop: 1
cache-control: public, max-age=300
x-robots-tag: noarchive
x-xrds-location: https://trib.com/tncms/xrds/
location: https://trib.com/
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
x-tncms: 1.61.4; app5; 0.01s; 1.3M
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
vary: Accept-Encoding
age: 284
x-vcache: HIT
content-length: 1771

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 200ms
54ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3822465
cf-ray: 6e9c9b89eaea5bf1-FRA
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: HIT
server: cloudflare
etag: W/"60e609f2-1882c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 31 Aug 2022 19:01:19 GMT

GET
H2 200 user.js Show response
trib.com/shared-content/art/tncms/user/ 12 KB
4 KB 226ms
223ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trib.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:03:22 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 18:11:16 GMT
age: 147
etag: W/"621e61c4-2f01"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 4332
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 181ms
35ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 5387798
cf-ray: 6e9c9b89fb075bf1-FRA
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 05:45:08 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 32 KB
13 KB 180ms
35ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 873080
cf-ray: 6e9c9b89fb055bf1-FRA
last-modified: Wed, 05 May 2021 20:06:42 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fad2-8154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 05:45:08 GMT

GET
H2 200 tnt.f3739bd4d04bcee9e077d20b4f31f29c.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 21 KB
6 KB 182ms
37ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.f3739bd4d04bcee9e077d20b4f31f29c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78340dabd2984895b85f1a3a19cf21fed26d6d4c57038709dbcf94222f6952ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 752723
cf-ray: 6e9c9b89fb095bf1-FRA
last-modified: Fri, 28 Jan 2022 22:01:23 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61f467b3-5572"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 01 Mar 2023 20:01:18 GMT

GET
H2 200 application.cb897187c4718280fd69d2e6d6c3909d.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 194ms
50ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 15418368
cf-ray: 6e9c9b89fb0c5bf1-FRA
last-modified: Wed, 05 May 2021 20:06:24 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fac0-104a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sun, 22 May 2022 03:30:11 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
970 B 185ms
41ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 15418368
cf-ray: 6e9c9b89fb0a5bf1-FRA
last-modified: Tue, 06 Jul 2021 13:05:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45508-9ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:05 GMT

GET
H2 200 bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 163ms
41ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1198933
cf-ray: 6e9c9b89eada5bf1-FRA
last-modified: Tue, 04 Jan 2022 21:06:09 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61d4b6c1-1ab8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 05 Jan 2023 20:01:10 GMT

GET
H2 200 layout.f76629a7c033054cfd0839cf00037ab1.css
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 152 KB
27 KB 171ms
50ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.f76629a7c033054cfd0839cf00037ab1.css

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

449b82a5c12e1cd152503114da60771bd0ca6fdea2cc9ff25fecadfd4b825edd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 755979
cf-ray: 6e9c9b89eae05bf1-FRA
last-modified: Wed, 23 Feb 2022 14:24:20 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62164394-25f23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 01 Mar 2023 20:01:18 GMT

GET
H2 200 lee.ds.css
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 93 KB
16 KB 161ms
40ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1646812991

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98ca1b58f51144561a8b520521a36e0f8cce7f966e19f8765b249e0edf1dc2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 104952
cf-ray: 6e9c9b89eae25bf1-FRA
last-modified: Wed, 09 Mar 2022 08:03:11 GMT
x-vcache: HIT
server: cloudflare
etag: W/"62285f3f-172b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 09 Mar 2023 08:08:42 GMT

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 170ms
49ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 857348
cf-ray: 6e9c9b89eae35bf1-FRA
last-modified: Wed, 05 May 2021 20:07:28 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fb00-189c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 24 May 2022 10:38:18 GMT

GET
H2 200 owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 5 KB
1 KB 170ms
49ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1153911
cf-ray: 6e9c9b89eae75bf1-FRA
last-modified: Fri, 16 Apr 2021 14:04:27 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6079996b-12b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 23 Apr 2022 11:58:11 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/6894/ 38 KB
11 KB 65ms
17ms Script
application/json 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/6894/cc.js?ns=_cc6894
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 03:38:09 GMT
content-encoding: gzip
etag: W/"8cd042d9f203fe2e01747c7444f95498"
last-modified: Wed, 23 Feb 2022 22:37:16 GMT
server: AmazonS3
age: 38439
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: c3Z3AMEaBfW9WTQdYFOVRKnq3NTy7C_uPHTIlpRQdancyV5Nz5OKeg==

GET
H2 200 access.js Show response
trib.com/shared-content/art/tncms/api/ 86 KB
34 KB 127ms
126ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trib.com/shared-content/art/tncms/api/access.js
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de

Request headers

Referer: https://trib.com/
Origin: https://trib.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:03:01 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 00:49:40 GMT
age: 169
etag: W/"621827a4-15686"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 34923
service-worker-allowed: /

GET
H2 200 osano.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 350 KB
83 KB 101ms
22ms Script
application/javascript 2600:9000:224a:3600:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:3600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

65f626af7c6ceb0be4d01854190ce8ef617d4f3e5d7b8054975ec622884b61da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
x-content-type-options: nosniff
age: 58742
x-cache: Hit from cloudfront
content-length: 83915
x-xss-protection: mode=block
last-modified: Tue, 01 Mar 2022 22:03:56 GMT
server: CloudFront
date: Wed, 09 Mar 2022 21:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
etag: "bea0ec294d839b005d248c5f2635ada6"
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: I8u_LSZ4jeHBRw9vTqfeT48tZFPI9oVuIAhcMAsPo_M99RKF_UIksg==

GET
H2 200 trib.com.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/ 7 KB
2 KB 276ms
156ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/trib.com.js?_dc=03107

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9d885ecc8b3105513e98d4c38306184a15613f3e60984651c8b0cccea1b2f15

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 6e9c9b89eaef5bf1-FRA
last-modified: Thu, 10 Mar 2022 06:00:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62299401-1cae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Fri, 10 Mar 2023 14:00:02 GMT

GET
H2 200 video.continue.a2b66a5f72b8916750786031ff004f58.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 3 KB
1 KB 42ms
30ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/video.continue.a2b66a5f72b8916750786031ff004f58.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd72af68e3fe455ae746ed0416917e83028cd0007e10c96d50f2d7d4bde33130

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1153910
cf-ray: 6e9c9b8b3df85bf1-FRA
last-modified: Wed, 08 Dec 2021 21:26:20 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61b122fc-dbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 15 Feb 2023 20:02:27 GMT

GET
H2 200 owl.carousel.50dc41fa734414148ce4b489fd904c5f.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 40 KB
11 KB 43ms
32ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.50dc41fa734414148ce4b489fd904c5f.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1794ab1a330fa566f4f21116012908a58001e21fb254959ac7cbcd41b25bba34

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 51057
cf-ray: 6e9c9b8b3df95bf1-FRA
last-modified: Fri, 04 Mar 2022 14:28:57 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62222229-9ff8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 09 Mar 2023 19:55:56 GMT

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 39ms
29ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 852501
cf-ray: 6e9c9b8b3dfb5bf1-FRA
last-modified: Tue, 06 Jul 2021 13:05:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45507-db8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:26 GMT

GET
H2 200 tnt.notify.panel.d7dc4795339f38cc067ead9f2f5ef1fb.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 6 KB
2 KB 41ms
31ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.d7dc4795339f38cc067ead9f2f5ef1fb.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff30298cb08600b21e18d99439aab14c6616c4436c5183aeeb1b47f68994448

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 15418368
cf-ray: 6e9c9b8b3dfd5bf1-FRA
last-modified: Tue, 06 Jul 2021 13:05:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45508-19d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:26 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 83ms
19ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 509736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3945
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Mar 2023 16:30:15 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 80ms
17ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 509736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Mar 2023 16:30:15 GMT

GET
H2 200 messaging.js Show response
trib.com/shared-content/art/tncms/api/ 4 KB
1 KB 124ms
115ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trib.com/shared-content/art/tncms/api/messaging.js
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:03:28 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 18:11:16 GMT
age: 142
etag: W/"621e61c4-11aa"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1259
service-worker-allowed: /

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 200 B
276 B 156ms
36ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1451467
cf-ray: 6e9c9b89fb0e5bf1-FRA
last-modified: Wed, 05 May 2021 20:07:21 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092faf9-c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 24 May 2022 10:38:32 GMT

GET
H2 200 tracking.js Show response
trib.com/shared-content/art/tncms/ 3 KB
1 KB 200ms
198ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trib.com/shared-content/art/tncms/tracking.js
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:02:53 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 18:11:16 GMT
age: 177
etag: W/"621e61c4-a4b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1149
service-worker-allowed: /

GET
H2 200 lee.common.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 9 KB
3 KB 156ms
37ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1646812991

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3ccd91915655443f0694161cc9ca923a929c56b58fac5796e93f9a1a0daafb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 104953
cf-ray: 6e9c9b89eaf15bf1-FRA
last-modified: Wed, 09 Mar 2022 08:03:11 GMT
x-vcache: HIT
server: cloudflare
etag: W/"62285f3f-233f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 09 Mar 2023 08:08:42 GMT

GET
H2 200 fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 253 KB
91 KB 58ms
49ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3a9a6006e4c01d6d84a49eecf07cf36a818779ff4e99bbff22850f02de9c7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1175273
cf-ray: 6e9c9b8b3dfe5bf1-FRA
last-modified: Wed, 25 Aug 2021 16:36:45 GMT
x-vcache: HIT
server: cloudflare
etag: W/"6126719d-3f553"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 31 Aug 2022 19:01:19 GMT

GET
H2 200 tracker.js Show response
trib.com/shared-content/art/stats/common/ 9 KB
3 KB 199ms
198ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trib.com/shared-content/art/stats/common/tracker.js
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:02:53 GMT
content-encoding: gzip
last-modified: Thu, 08 Jul 2021 16:46:36 GMT
age: 177
etag: W/"60e72bec-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 403f0a3e-3038-11ec-9219-fbdc15c56230.png
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/custom/image/ 8 KB
9 KB 57ms
49ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/custom/image/403f0a3e-3038-11ec-9219-fbdc15c56230.png

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a40f5e0d27b8ea46bf201abaf0142672f50aeb7ea6a15fa92487781831da3b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
vary: Accept
cf-cache-status: HIT
age: 1280183
cf-polished: origFmt=png, origSize=16097
last-modified: Mon, 18 Oct 2021 17:24:29 GMT
content-disposition: inline; filename="403f0a3e-3038-11ec-9219-fbdc15c56230.webp"
content-length: 8662
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "616dadcd-3ee1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 23 Feb 2023 17:24:52 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e9c9b8b3e025bf1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 978 B
1 KB 40ms
32ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
vary: Accept
cf-cache-status: HIT
age: 878045
cf-polished: origFmt=png, origSize=3610
last-modified: Thu, 02 Apr 2015 21:53:54 GMT
content-disposition: inline; filename="user_no_avatar.webp"
content-length: 978
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "551dba72-e1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 25 Feb 2023 21:35:16 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e9c9b8b3e045bf1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
60 KB 87ms
24ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4814069f22d9d51362e0629e097095853dbd851f213275f402a84c85d1f0e098

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61435
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Mar 2022 14:05:51 GMT

GET
BLOB 200
OK cb3a6199-3413-4249-aedf-fee014a42578
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/cb3a6199-3413-4249-aedf-fee014a42578
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 ilad-logo.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/deal-widget/ 8 KB
8 KB 41ms
33ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/deal-widget/ilad-logo.png?_dc=22.03.10.07

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

656a62e7cfbd270352bfa0ccf580e3b84cb18ff2256277c699a9144edae5db21

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
vary: Accept
cf-cache-status: HIT
age: 3478
cf-polished: origFmt=png, origSize=13011
last-modified: Tue, 29 Sep 2020 18:45:56 GMT
content-disposition: inline; filename="ilad-logo.webp"
content-length: 8256
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5f7380e4-32d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 10 Mar 2023 12:00:44 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e9c9b8b3e065bf1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 dfp.floor.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/ 177 B
224 B 23ms
23ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/dfp.floor.js?_dc=03107

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f55bd6bea1ac25e303f65c4dae0c1d9537696bb536691f55fa4cc5903177e989

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 7138
cf-ray: 6e9c9b8b0d8b5bf1-FRA
last-modified: Tue, 08 Mar 2022 06:00:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6226f0e5-b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Fri, 10 Mar 2023 07:12:42 GMT

GET
H2 200 dfp.lazy.init.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 13 KB
3 KB 65ms
50ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.init.js?_dc=1645171393

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39f7df787a969e1c859c9414732d303e2e5d8e72f8e2d87a15a4b2d6e467b871

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 849971
cf-ray: 6e9c9b8b3de95bf1-FRA
last-modified: Fri, 18 Feb 2022 08:03:13 GMT
x-vcache: MISS
server: cloudflare
etag: W/"620f52c1-320e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 18 Feb 2023 08:08:20 GMT

GET
H2 200 tracker.gif
trib.com/shared-content/art/stats/common/ 0
145 B 121ms
121ms Image
image/gif 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trib.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1646921151209160012001517882253585&tnms_dt=Casper%20Star-Tribune&tnms_upage=1&tnms_do=trib.com&tnms_uri=/&tnms_ref=&rt=1646921151253
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
age: 0
etag: "48f79fed-0"
x-vcache: MISS
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
BLOB 200
OK 7bc996c7-8201-4c08-b9c5-e551b03b5814
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/7bc996c7-8201-4c08-b9c5-e551b03b5814
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 7d82047e-6d3b-4bc4-98e5-4926d6a4aad9
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/7d82047e-6d3b-4bc4-98e5-4926d6a4aad9
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 71edd9dd-6ae3-4b0c-9834-e0075e2f66e7
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/71edd9dd-6ae3-4b0c-9834-e0075e2f66e7
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 1d019ddb-3386-42f6-aee0-5b159a16122b
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/1d019ddb-3386-42f6-aee0-5b159a16122b
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 628a700f-6eec-4476-8182-d49b0c242b77
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/628a700f-6eec-4476-8182-d49b0c242b77
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 72ms
32ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

5770f72d26f8dd6f6d49e97f86f512cf2550105ff36c1ba1781d2757bc9e31bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27775
x-xss-protection: 0
server: sffe
etag: "1154 / 88 of 1000 / last-modified: 1646914126"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Mar 2022 14:05:51 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 85ms
20ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 880
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0FD901QGKVV1NJRWD37P
date: Thu, 10 Mar 2022 13:51:14 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: AwQxsmyhC-9M5v1aiTSSiofQYmQipIRIB7aQafg2aXGA4S0pLVxVAQ==

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 serif-ds.woff2
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 26 KB
26 KB 68ms
29ms Font
application/font-woff2 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/serif-ds.woff2

Requested by

Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1646812991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1646812991
Origin: https://trib.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1169755
last-modified: Wed, 27 Oct 2021 07:03:09 GMT
content-length: 26164
x-robots-tag: noarchive
x-vcache: HIT
server: cloudflare
etag: "6178f9ad-6634"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e9c9b8cbd8c9a1d-FRA
expires: Thu, 27 Oct 2022 15:00:37 GMT

GET
BLOB 200
OK 55b4b50b-8031-467b-a9a3-89c296d2562e
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/55b4b50b-8031-467b-a9a3-89c296d2562e
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 / Show response
cmp.osano.com/ Frame 0307 4 KB
1 KB 18ms
18ms Document
text/html 2600:9000:224a:3600:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.osano.com/
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

content-type: text/html
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
server: AmazonS3
content-encoding: gzip
date: Thu, 10 Mar 2022 05:03:20 GMT
etag: W/"287b497c992487af362d33204f87d28f"
vary: Accept-Encoding Origin
x-cache: Hit from cloudfront
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: IxyW8bnxkrk6zWb3KSW3asgc-Lr4366QfVtHq-MmZ2niESueHLNKUg==
age: 32601

GET /
trib.com/tncms/messaging/service-worker/ Frame 0
0

GET
H2 200 owl.carousel.50dc41fa734414148ce4b489fd904c5f.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 40 KB
11 KB 29ms
28ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.50dc41fa734414148ce4b489fd904c5f.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1794ab1a330fa566f4f21116012908a58001e21fb254959ac7cbcd41b25bba34

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 51057
cf-ray: 6e9c9b8e8c435bf1-FRA
last-modified: Fri, 04 Mar 2022 14:28:57 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62222229-9ff8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 09 Mar 2023 19:55:56 GMT

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 27ms
26ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 852501
cf-ray: 6e9c9b8eac745bf1-FRA
last-modified: Tue, 06 Jul 2021 13:05:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45507-db8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 470 KB
109 KB 38ms
30ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43733381c7dc3759f543e0970352a5457ff9f50f53b976b0f53d887906ec2b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111514
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Mar 2022 14:05:51 GMT

GET
H2 200 tnt.notify.panel.d7dc4795339f38cc067ead9f2f5ef1fb.js Show response
bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 6 KB
2 KB 31ms
25ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.d7dc4795339f38cc067ead9f2f5ef1fb.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff30298cb08600b21e18d99439aab14c6616c4436c5183aeeb1b47f68994448

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 15418368
cf-ray: 6e9c9b8ecca05bf1-FRA
last-modified: Tue, 06 Jul 2021 13:05:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45508-19d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:26 GMT

GET
BLOB 200
OK dd100105-7535-4a3a-84bf-d57da85f5263
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/dd100105-7535-4a3a-84bf-d57da85f5263
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK b32f61cf-46c1-442d-a24d-18b7cfb99c0d
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/b32f61cf-46c1-442d-a24d-18b7cfb99c0d
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 62290870bf03b.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/3/60/360d1d80-7b21-51b1-ac1b-9c5f2d60ac8c/ 57 KB
57 KB 27ms
10ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/3/60/360d1d80-7b21-51b1-ac1b-9c5f2d60ac8c/62290870bf03b.image.jpg?crop=1763%2C992%2C0%2C91&resize=750%2C422&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

590126ccd2aef65920d3d31ea44ae95c495cb2c1b98eed645ac67b708b9c2328

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 34363
cf-polished: origSize=58368, status=webp_bigger
last-modified: Wed, 09 Mar 2022 20:05:05 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "d4a0c6029d5e10ce0fd9713237a5a85e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 09 Mar 2023 20:05:55 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9c9b8f0d145bf1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 6017397e3624e.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/2/98/29813623-3b52-5824-87f9-ea384d8938b1/ 11 KB
12 KB 57ms
38ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/2/98/29813623-3b52-5824-87f9-ea384d8938b1/6017397e3624e.image.jpg?crop=1798%2C1011%2C0%2C70&resize=300%2C169&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dcc0031075366e0a3d31749b6409b52acc1acf3b6400578d7539c9ff967c497

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 34363
cf-polished: origSize=11828, status=webp_bigger
last-modified: Sun, 31 Jan 2021 23:13:02 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "93d1013e0d289e7ab85ade224e029262"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 10 Mar 2023 00:31:04 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9c9b8f1d4b5bf1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 61e1c180de0ca.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/d/da/ddafb1e3-fcf6-506b-8b26-5b92b4ec53ac/ 12 KB
13 KB 47ms
28ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/d/da/ddafb1e3-fcf6-506b-8b26-5b92b4ec53ac/61e1c180de0ca.image.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0a28a87b0b94e1164b84e70692b630fb1e941e1171f64b1f9daa0a84d11a8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 34363
cf-polished: origSize=12858, status=webp_bigger
last-modified: Fri, 14 Jan 2022 18:31:29 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "d0ccb811c7ad50622f6458d592224715"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 10 Mar 2023 00:26:45 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9c9b8f1d4d5bf1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 621eae97e3cac.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/7/17/7175cd6f-f360-5f98-8432-650d1c051917/ 11 KB
12 KB 49ms
31ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/7/17/7175cd6f-f360-5f98-8432-650d1c051917/621eae97e3cac.image.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef46e87c2064eddde2ec2d1c1c463ad831cd54f2fd1f440d6f7fb5428538ddd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 34363
cf-polished: origSize=11957, status=webp_bigger
last-modified: Tue, 01 Mar 2022 23:39:04 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "4c9502c61a3d01f12571132ea50e492f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 06 Mar 2023 00:40:27 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9c9b8f1d505bf1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 622905346ce71.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/d/de/dde25318-12dc-5eaa-aaf9-d9a065942dd4/ 13 KB
13 KB 47ms
29ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/d/de/dde25318-12dc-5eaa-aaf9-d9a065942dd4/622905346ce71.image.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed164f1d5d34a2dc860128e1ca51debfbe834ce74845f75137edd3a7cfb79ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 34363
cf-polished: degrade=85, origSize=15598, status=webp_bigger
last-modified: Wed, 09 Mar 2022 19:51:16 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "c9d45b46b3d521a9f19e98987bcae877"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 09 Mar 2023 20:57:36 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9c9b8f1d535bf1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 6228e2ee8dc9e.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/5/b6/5b6af313-00db-5d59-aee7-14f09286aab1/ 3 KB
3 KB 45ms
28ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/5/b6/5b6af313-00db-5d59-aee7-14f09286aab1/6228e2ee8dc9e.image.jpg?resize=300%2C169

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2387af7359cfa4f8acf87287f35cd9763a4807ed0ea637c7c1cfda9a14dae54

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
vary: Accept
cf-cache-status: HIT
age: 34363
cf-polished: qual=85, origFmt=jpeg, origSize=3986
last-modified: Wed, 09 Mar 2022 17:25:02 GMT
content-disposition: inline; filename="6228e2ee8dc9e.webp"
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "7b0da577a5e36238109ff4b000d18967"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 09 Mar 2023 22:11:11 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9c9b8f2d555bf1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 6228d89e2ac82.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/8/8b/88b34b0e-d57b-5537-9cdf-6e65fdd9d5ae/ 12 KB
13 KB 50ms
33ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/8/8b/88b34b0e-d57b-5537-9cdf-6e65fdd9d5ae/6228d89e2ac82.image.jpg?crop=1763%2C992%2C0%2C91&resize=300%2C169&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35a71c41c763978beb32e4cf69e3b7fdc567ae69fe352fae1c47520309386051

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 34363
cf-polished: degrade=85, origSize=14950, status=webp_bigger
last-modified: Wed, 09 Mar 2022 16:41:02 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "b19dc46e64ff405acb1a43d7d96078cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 09 Mar 2023 16:48:14 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9c9b8f2d575bf1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 62280cb7034ee.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/f/84/f84fb03c-5d0c-5762-ba25-e76b3080992a/ 20 KB
20 KB 48ms
32ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/f/84/f84fb03c-5d0c-5762-ba25-e76b3080992a/62280cb7034ee.image.jpg?crop=1763%2C992%2C0%2C91&resize=400%2C225&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c08a49b2a2c62d0c646cc86104f430c7db291d2c716f74f050819a565212f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
cf-cache-status: HIT
age: 34362
cf-polished: degrade=85, origSize=22656, status=webp_bigger
last-modified: Wed, 09 Mar 2022 02:11:03 GMT
strict-transport-security: max-age=604800
content-length: 20716
x-robots-tag: noarchive
x-vcache: HIT
server: cloudflare
etag: "39b60d6991f74c8228ac908fc7666316"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 09 Mar 2023 02:33:20 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e9c9b8f2d595bf1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 622929f4778a3.preview.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/6/55/655cf4bc-531b-53fa-8305-11fb1056030d/ 13 KB
13 KB 49ms
32ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/6/55/655cf4bc-531b-53fa-8305-11fb1056030d/622929f4778a3.preview.jpg?crop=1918%2C1079%2C0%2C0&resize=400%2C225&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c23a080940234d03b10c1a20bf0987deeb2023407e167c29054e808eb355e8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
vary: Accept
cf-cache-status: HIT
age: 34359
cf-polished: qual=85, origFmt=jpeg, origSize=14605
last-modified: Wed, 09 Mar 2022 22:28:05 GMT
content-disposition: inline; filename="622929f4778a3.webp"
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "ec9b1229c35cff8b4c477c1cdc71fd85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 09 Mar 2023 22:30:35 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9c9b8f2d5b5bf1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 621eae97e3cac.image.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/7/17/7175cd6f-f360-5f98-8432-650d1c051917/ 17 KB
17 KB 41ms
34ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79083466e54242df079c1f8a26f06a76ad40272869bed59d1d4af12f50b60ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 35670
cf-polished: origSize=17530, status=webp_bigger
last-modified: Tue, 01 Mar 2022 23:39:04 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "06caf0d46370f6dc8c55c5ae38ba97d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 02 Mar 2023 00:33:28 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9c9b8f2d5c5bf1-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
122 KB 108ms
19ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Mar 2023 13:58:17 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 248 B
152 B 105ms
28ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=trib.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

27737a746224f18f95c86e19bbfcb9d01a59f5f14d1a5c2fcf4ea982c4ce71a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127
x-xss-protection: 0
expires: Thu, 10 Mar 2022 14:05:52 GMT

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 97ms
27ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 03:02:38 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 39795
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: YiJh2sDDl54kYyusYAYhGRe-Xzm1FU2KMBkJt5tw093kFDtjBtE_HA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 75ms
17ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1859
date: Thu, 10 Mar 2022 13:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 10 Mar 2022 15:34:53 GMT

GET
H2 200 i99g3gee.js Show response
d81mfvml8p5ml.cloudfront.net/ 13 KB
5 KB 87ms
24ms Script
application/javascript 2600:9000:224a:7c00:2:36a1:2f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7c00:2:36a1:2f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c9a2d086d47148ae23b40fb16fa13a5bd578e40aa7ee5acabd1ad9d3c958ecf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:01:23 GMT
content-encoding: br
last-modified: Thu, 29 Jul 2021 19:07:57 GMT
server: AmazonS3
age: 289
etag: W/"d5439e10177501ec79fe34fba97cb263"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
cache-control: max-age=600
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: aSPK7SUePr0SoPXjQK6EN7ANbTGfhLDIYx5Fm-YcURvP9ez5bHX5uw==

GET
H2 200 web_surveys.js Show response
survey.survicate.com/workspaces/02044958792d6a6ac6f173c470836c89/ 7 KB
3 KB 114ms
16ms Script
text/javascript 2a0b:4d07:1::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.survicate.com/workspaces/02044958792d6a6ac6f173c470836c89/web_surveys.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:1::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: c890ccaefb37450e0dd87d54a39c457e663b2428a04e62557b29879204f5d5fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 13:30:46 GMT
server: keycdn-engine
x-amz-request-id: ESE4RNN7RJ2DSA29
x-edge-location: defr
etag: W/"21dff7e6e8f7903213cd6b065ad250cd"
x-cache: HIT
x-amz-version-id: C8suakgjkh.WyX85z3vLphBwEtb3B9cl
access-control-allow-origin: *
cache-control: max-age=300
content-type: text/javascript
x-amz-id-2: TTMmKnD+n3ww5HO8Xpyv1twSu5gcxzxfM8aKFwIc83QM9xBjEqOx/42pUPhMwxsSq5oY/Ojjpl4=

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame 396A
Redirect Chain

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

138 B
668 B

74ms
16ms

Document
text/html

143.204.97.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-29.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Last-Modified: Fri, 01 Oct 2021 23:50:10 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 10 Mar 2022 03:57:28 GMT
Cache-Control: max-age=86400
ETag: "50351b1f6590b5c4886c111874e016a0"
X-Cache: Hit from cloudfront
Via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: zUm6S0mkLy8PPKMMlVIROjBvI_e8SXxH_CIxjxf4nY0lCRANAuc1_Q==
Age: 37143

Redirect headers

date: Thu, 10 Mar 2022 14:05:52 GMT
content-type: text/html; charset=UTF-8
content-length: 183
location: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 99 KB
36 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94c3a3f828e4ec6bc25c2f4315c5098102d5747fb4b5c3924d62aff8174112e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36915
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Mar 2022 14:05:52 GMT

GET
BLOB 200
OK 6c6949b7-c5a1-4630-973c-fc1deaa23554
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/6c6949b7-c5a1-4630-973c-fc1deaa23554
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 8de1693b-7fb7-4b33-9560-9df5195e5ab9
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/8de1693b-7fb7-4b33-9560-9df5195e5ab9
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK ed096093-c4d0-4fac-be32-48c28cbe2b90
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/ed096093-c4d0-4fac-be32-48c28cbe2b90
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 47de002b-2a97-4ea1-ba42-65bd3b083af8
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/47de002b-2a97-4ea1-ba42-65bd3b083af8
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 57d77d51-dbf3-47df-a9cf-13fe50c5c65e
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/57d77d51-dbf3-47df-a9cf-13fe50c5c65e
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK cd02756e-07fb-4966-b32b-33116c9b706c
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/cd02756e-07fb-4966-b32b-33116c9b706c
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 30b5c2f4-31db-4d1b-8fca-25913c9255e2
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/30b5c2f4-31db-4d1b-8fca-25913c9255e2
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 36f8167f-506b-4842-9818-4382c9aa2f45
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/36f8167f-506b-4842-9818-4382c9aa2f45
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 35 KB
12 KB 150ms
106ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1256986244845292&correlator=3813079512796185&eid=31060437%2C31065485&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&gdpr_consent=CPVpDmGPVpDmGEXABADEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=8438%2Ctrib.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x1&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=pos%3Dfixed-impact-top%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D2%26lee_hours%3D14%26lee_day%3D4%26fp%3D138&eri=1&cust_params=k%3Dcasper%2520star%2520tribune%253B%2520casper%2520wyoming%253B%2520casper%2520news%253B%2520wyoming%2520news%253B%2520casper%2520newspaper%253B%2520wyoming%2520newspaper%253B%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&abxe=1&dt=1646921152607&lmt=1646920866&dlt=1646921150876&idt=1644&biw=1600&bih=1200&oid=2&adxs=799&adys=0&ucis=1&adks=1850792709&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Ftrib.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&fws=4&ohw=1600&ga_vid=308653641.1646921153&ga_sid=1646921153&ga_hid=1221550142&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b635363357517bbe1fe516cb3e627921dc4c4ca77873265842e2ddb537414cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12035
x-xss-protection: 0
google-lineitem-id: 5915959080
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138383544273
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 18 KB
8 KB 196ms
153ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1256986244845292&correlator=1925696206586864&eid=31060437%2C31065485&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&gdpr_consent=CPVpDmGPVpDmGEXABADEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=8438%2Ctrib.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=pos%3Dbreakout_top%2Cbtf%26density%3Dstandard%26lee_group%3D6%26lee_hours%3D14%26lee_day%3D4%26fp%3D138&eri=1&cust_params=k%3Dcasper%2520star%2520tribune%253B%2520casper%2520wyoming%253B%2520casper%2520news%253B%2520wyoming%2520news%253B%2520casper%2520newspaper%253B%2520wyoming%2520newspaper%253B%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&abxe=1&dt=1646921152615&lmt=1646920866&dlt=1646921150876&idt=1644&biw=1600&bih=1200&oid=2&adxs=315&adys=827&ucis=2&adks=934792290&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Ftrib.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x250&msz=1600x250&fws=4&ohw=1600&ga_vid=308653641.1646921153&ga_sid=1646921153&ga_hid=1221550142&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91b0a925039c3faf332de31415e0c41c6fe85d5bf50302c68f3ad882d74bc962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8071
x-xss-protection: 0
google-lineitem-id: 5872678011
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138376918634
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 18 KB
8 KB 107ms
64ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1256986244845292&correlator=808285783943574&eid=31060437%2C31065485&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&gdpr_consent=CPVpDmGPVpDmGEXABADEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=8438%2Ctrib.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=3x1&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=pos%3Dnative_ad_grid_v3%2Catf%2C50%26density%3Dstandard%26lee_group%3D10%26lee_hours%3D14%26lee_day%3D4%26fp%3D138&eri=1&cust_params=k%3Dcasper%2520star%2520tribune%253B%2520casper%2520wyoming%253B%2520casper%2520news%253B%2520wyoming%2520news%253B%2520casper%2520newspaper%253B%2520wyoming%2520newspaper%253B%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&abxe=1&dt=1646921152622&lmt=1646920866&dlt=1646921150876&idt=1644&biw=1600&bih=1200&oid=2&adxs=1155&adys=1144&ucis=3&adks=1964058597&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Ftrib.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=325x1&msz=325x1&fws=4&ohw=1600&ga_vid=308653641.1646921153&ga_sid=1646921153&ga_hid=1221550142&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90f333e57c53aa7d89fa392096099546e141b03d7ab18bcdbc6a84aca2db5e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8225
x-xss-protection: 0
google-lineitem-id: 5851986392
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374522554
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 323 B
715 B 100ms
57ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1256986244845292&correlator=4010914608012011&eid=31060437%2C31065485&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&gdpr_consent=CPVpDmGPVpDmGEXABADEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=8438%2Ctrib.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=5x1&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=pos%3Dmembers-impact%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D1%26lee_hours%3D14%26lee_day%3D4%26fp%3D138&eri=1&cust_params=k%3Dcasper%2520star%2520tribune%253B%2520casper%2520wyoming%253B%2520casper%2520news%253B%2520wyoming%2520news%253B%2520casper%2520newspaper%253B%2520wyoming%2520newspaper%253B%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&abxe=1&dt=1646921152634&lmt=1646920866&dlt=1646921150876&idt=1644&biw=1600&bih=1200&oid=2&adxs=798&adys=5890&ucis=4&adks=2602136340&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Ftrib.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&fws=4&ohw=1600&ga_vid=308653641.1646921153&ga_sid=1646921153&ga_hid=1221550142&ga_fc=false&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5d057bbea92b1151a5f2b15e28ce3b50952173fd9bd016e3e03c22d11b5a1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a45eb8dd5ea8bf66bd110c0f8be6f725.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F73A 6 KB
4 KB 98ms
25ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a45eb8dd5ea8bf66bd110c0f8be6f725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 10 Mar 2022 14:05:52 GMT
expires: Fri, 10 Mar 2023 14:05:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
BLOB 200
OK 333e14bd-b354-4763-b401-189b5aa3fdf5
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/333e14bd-b354-4763-b401-189b5aa3fdf5
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
527 B 89ms
28ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://trib.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 5ADC 0
0 64ms
39ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstUFTdpFANX94g_OpFygJ5keN6KMM1jChMPzpKF9IrrIrulXgvHl55lalwC-gUdqjeJ4lyFm1dOlWwmtoQ7OFqGuGVsBesbWfNAwcQWuZm6_OOpWN3ooq-m6ylvhgivsytGpqWoWkdlflEUPGsJn_7EEV5jwc-Sw45TErrrCnTMUHAVYQH7164P7tGJDmzRHeVoq5crWz8PzOUYs5A2-VZwDB69mcM-QhuB3B8oOnKS-1R7TH8krl6SvbDdCCyQdZr4SJMDjjmGeMNQvLhfDBhDw0PiV5jLAicma7XfnPDsUtPCRTF3&sig=Cg0ArKJSzDl5hVdhnoqGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 5ADC 11 KB
4 KB 72ms
21ms Script
application/javascript 108.157.4.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=lee_mid_article_native
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-60.dus51.r.cloudfront.net
Software: /
Resource Hash: ee0900e843e2647636742d9ffb71b05586f00f5b6a980c70baab3759fd5e87a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:54:45 GMT
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
age: 667
etag: "66f129c089d88ed7c3fc8c79a7de8c2c"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-P2
content-encoding: gzip
content-length: 3960
x-amz-cf-id: cmX4_b3LAGvjN3211fna9yCAwOh_TlLtBR75Zk0kRFgvhc7p3mnYkg==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5ADC 117 KB
36 KB 86ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:05:52 GMT

GET
H2 200 / Show response
dn1i8v75r669j.cloudfront.net/v/ 67 B
342 B 77ms
17ms Script
application/json 2600:9000:2156:6e00:7:5031:dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dn1i8v75r669j.cloudfront.net/v/?w=i99g3gee
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6e00:7:5031:dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0aae37caeb1c5064881f16534e735f299658ad15ebe527cb1969e75d9ceb1c40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:02:09 GMT
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age: 224
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0-_kJHwLoCOlBbgidYX9iigFzym6eN_ws1-RVlJug5XcV5TsHOhfoQ==

GET
BLOB 200
OK fecc44f1-1e64-405c-87de-5dbcd6d5313c
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/fecc44f1-1e64-405c-87de-5dbcd6d5313c
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 396A 70 B
260 B 49ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=nebsjkp&ct=0:21usqg2&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:52 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 82ms
26ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;500;600&display=swap

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d2df297341174be85027bbd8afc4dc4f34917eed27cfbc02b3fd37c57f67340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 13:05:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Mar 2022 14:05:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Mar 2022 14:05:53 GMT

GET
H2 200 widget_core-14.3.0.js Show response
surveys-static.survicate.com/ 318 KB
93 KB 69ms
17ms Script
application/x-javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://surveys-static.survicate.com/widget_core-14.3.0.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 277efb12865b473f3046a93f2bee53394ee5e7cae843926cf958fd97877b2688

Request headers

Referer: https://trib.com/
Origin: https://trib.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 9B441FNDZR5FXCJ2
x-edge-location: defr
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:121050345386:build/ServiceSurveysStaticBuildAs-HG6JoJVHsH3E:aa4a42d4-583c-4e0b-90f2-2a642323d0d0
x-cache: HIT
x-amz-meta-codebuild-content-sha256: cd348d1ad7cb1a8303de6ce572b60a63ab573f7656ca67883794cc338b53aaaf
x-amz-meta-codebuild-content-md5: dff22eec9f0c4300eff3167f5ab36ca0
x-amz-id-2: 4vHF+FjjxfyUuNa6OQNx++/36ffVIQ17jPDqkD4zOLjJJwnU2zvw7d3tSO2ORUDX3rd1ejTUxas=
last-modified: Tue, 08 Mar 2022 08:40:19 GMT
server: keycdn-engine
etag: W/"1109f47e6379f1c7c0bb6d261aec2cf7"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 011D 0
0 51ms
39ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsts_E4KTP_HEtrasCmjcvUio6dfAffkKeUB9S9TpBMtEqJroGHe2OQc7D504PSykGmpz9g0O3FwTNi5Lgwpgv8A_ARD-iSMsLAAvCC1AuxuU8ib8o6OFQqjP2r-ea0CkozAqNjKRNEf9q-ZpZ9DqngKaiIvtAlh8C4VqHsJvYlTYJ4fNpaPMg3GW3GWzNTTP-Q6Wnh6u9rABiKMuKTHILIrJUnX2IndLc_KZnJGwpkrYnUXc8K79dwnpoJgKZu6_4cDpuahL2HpMyFhxDwulvsnhoXeAa9ms3cTIUJ5kEQaklEqKrr8YPaSBg&sig=Cg0ArKJSzGT4kUCVwnqtEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 52 KB
4 KB 73ms
23ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 71969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3279
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-ce35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjRJus7kH6pKwx4VHjRq%2BVCE6kYOaKgQ5W84K5QP3FUG93Az%2F8TEPdKbICPIj9VMs244fuzHBA1aYyYgvvt5tHWBZjEzSDgYGyNSaLebb%2F%2BYoY9qO8qyR8vgP0pFbT9cpwVDMPo5h4JZ68zOD0CwOtAI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e9c9b968e215c1a-FRA
expires: Tue, 28 Feb 2023 14:05:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 011D 117 KB
36 KB 63ms
34ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:05:53 GMT

GET
H3

200

11139753753507866120
tpc.googlesyndication.com/simgad/
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODA8dfAgQEQARgBMggSLKicT_kERw
https://tpc.googlesyndication.com/simgad/11139753753507866120

459 KB
459 KB

53ms
25ms

Image
image/jpeg

2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11139753753507866120

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3834bc943a706105cd6696a28ab8bd8fcd2f5bd68eae19722840de30ed5445a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 08:01:36 GMT
x-content-type-options: nosniff
age: 367457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 470319
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 20:42:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 06 Mar 2023 08:01:36 GMT

Redirect headers

date: Thu, 10 Mar 2022 11:16:17 GMT
x-content-type-options: nosniff
server: cafe
age: 10176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/11139753753507866120
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Apr 2022 11:16:17 GMT

GET
H3

200

3307988277885807439
tpc.googlesyndication.com/simgad/
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODomeCQiwEQARgBMgg9QvG8DD5fJg
https://tpc.googlesyndication.com/simgad/3307988277885807439

202 KB
202 KB

52ms
25ms

Image
image/jpeg

2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3307988277885807439

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0819c26fec68702f8ff7a0973a41662d9c8626364b112b5eec9d5451308bc446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 07:21:04 GMT
x-content-type-options: nosniff
age: 369889
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 207005
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 20:42:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 06 Mar 2023 07:21:04 GMT

Redirect headers

date: Thu, 10 Mar 2022 10:59:03 GMT
x-content-type-options: nosniff
server: cafe
age: 11210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/3307988277885807439
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:59:03 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 89BD 0
0 43ms
39ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstJdDLW0pWTLM-5PGhrZxhNzqaC8RUpKSZ2ylsz1YEQsriYOLn-eOWOCpa3TFgYYYlTyNhyVBG7HjuyHe2njuwnBLvaMAvt6pkULvPh0saSL93-Qrswn11P2_gcrNTXRE24y0UGeOy9PzLX3b-Q26LoJYiLHA61mwD86hhEkJBvX3GNq6Gwuf4VdP3SGTj6LIwsbDHdhHv3V_pDY-Q-FulwT21LBlNSFacNU3u2XHKp0hNZWPO5DRhtsYHgYNFQhOKkxLSfHF32c7HJM0Sd9aXD0ZAiRO8FZ0pZMfVO8YmJmVcPOhiS&sig=Cg0ArKJSzBbJupUD6BtHEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 smb-dispad_728x90.js Show response
saambaa.com/widget/gpt/728x90/assets/ Frame 89BD 32 KB
12 KB 630ms
240ms Script
application/javascript 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dbdf0744a013dc2465064690955405988582190840f3f3b8d79b230f1bab2f04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:48 GMT
content-encoding: gzip
etag: "06501db629d81:0"
last-modified: Thu, 24 Feb 2022 19:38:36 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 11515

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89BD 117 KB
36 KB 40ms
36ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:05:53 GMT

GET
H2 200 62299b1ee932e.preview.png
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/c/19/c19b9277-211e-5d27-beef-874ce8c55e10/ 43 KB
43 KB 135ms
130ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/c/19/c19b9277-211e-5d27-beef-874ce8c55e10/62299b1ee932e.preview.png?crop=620%2C349%2C0%2C0&resize=400%2C225&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55b2d3a6c1e73324dd504475718352d54ec66b66e8a5f16b3492a49de31d88f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=76417
last-modified: Thu, 10 Mar 2022 06:30:55 GMT
content-disposition: inline; filename="62299b1ee932e.webp"
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "93b5c6479303cd6a9da6abfccb213068"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 10 Mar 2023 09:37:00 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9c9b96ab705bf1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 6229976cf1bfd.preview.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/3/c5/3c56a748-44de-5fc2-8ff7-3489f43cbf8f/ 15 KB
16 KB 147ms
144ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/3/c5/3c56a748-44de-5fc2-8ff7-3489f43cbf8f/6229976cf1bfd.preview.jpg?crop=1810%2C1018%2C0%2C63&resize=400%2C225&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68d0edbcc9baefe699f18679a3a702457852078534611fe0924d4011aca6fd91

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=18196
last-modified: Thu, 10 Mar 2022 06:15:09 GMT
content-disposition: inline; filename="6229976cf1bfd.webp"
content-length: 15698
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "e9ef9570d3801b8cb1a79bbe880b9c58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 10 Mar 2023 06:36:26 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6e9c9b96ab745bf1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 5f0fe26a820f2.preview.jpg
bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/7/0a/70aaa42a-a73f-592e-b2f3-bdaadca6e722/ 19 KB
19 KB 124ms
122ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/trib.com/content/tncms/assets/v3/editorial/7/0a/70aaa42a-a73f-592e-b2f3-bdaadca6e722/5f0fe26a820f2.preview.jpg?crop=1763%2C992%2C0%2C91&resize=400%2C225&order=crop%2Cresize

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a751af56afc484774a251f070f5f2b0f6f9af727a3d767fb5be28fe8b2b9030

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=19285, status=webp_bigger
last-modified: Thu, 16 Jul 2020 05:15:22 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "8656066b5f080babf5121a36998f9846"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 09 Mar 2023 01:16:49 GMT
cache-control: public, max-age=31536000
cf-ray: 6e9c9b96ab775bf1-FRA
cf-bgj: imgq:85,h2pri

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
456 B 93ms
30ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://trib.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe25948c39b70de9cb3fedf7dff8845f3ca6571cd4e3d44c17ebd17d40069011

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64822
x-xss-protection: 0
expires: Thu, 10 Mar 2022 14:05:53 GMT

GET
H3 200 optimize.js Show response
www.google-analytics.com/gtm/ 93 KB
36 KB 55ms
29ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-TQ9PK73

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7cdbaaf76f67c977f3b4a6906e9f82104a643002c1b73b13f4610be89ba4fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36614
x-xss-protection: 0
expires: Thu, 10 Mar 2022 14:05:53 GMT

GET
H2 200 sp-gzip-2-17-3.js Show response
storage.googleapis.com/lee-snowplow/static/ 77 KB
27 KB 83ms
22ms Script
text/javascript 2a00:1450:4001:80e::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:36:56 GMT
content-encoding: gzip
age: 1737
x-guploader-uploadid: ADPycdvxQ9HQ2dVmcSIlT8zCm91xzgfosxdAeqOugJEthwMvkNw8KcDvuXZWlkBXl3GV7a-CtEARvVZSam6kPKcG6AI
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26950
x-goog-meta-
last-modified: Thu, 18 Feb 2021 15:16:40 GMT
server: UploadServer
etag: "d3142accd3f370a95f561f0fbfb3114b"
vary: Accept-Encoding
x-goog-hash: crc32c=C/nZJQ==, md5=0xQqzNPzcKlfVh8Pv7MRSw==
x-goog-generation: 1613661400000346
cache-control: max-age=31536000
x-goog-stored-content-length: 26950
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 10 Mar 2023 13:36:56 GMT

POST
H2 200 /
trib.com/tncms/tracking/business/block/ 0
150 B 130ms
112ms Ping
application/octet-stream 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trib.com/tncms/tracking/business/block/?i=9a5cded3-9325-558d-9343-d91a5d0aadbb,84b22ba0-48d5-5de9-8419-d8267afd85a0,e9353a0c-b35e-55b0-89f3-d62f7cf6c939,
Requested by: Host: trib.com
URL: https://trib.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

real-hostname: trib.com
x-vcache: MISS
age: 0
date: Thu, 10 Mar 2022 14:05:53 GMT
content-type: application/octet-stream
cache-control: s-maxage=0, private, no-cache
accept-ranges: bytes
content-length: 0

POST
H2 200 /
trib.com/tncms/tracking/classifieds/featured/ 0
150 B 132ms
115ms Ping
application/octet-stream 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trib.com/tncms/tracking/classifieds/featured/?i=69116d0e-38d4-11ec-804e-33393d70ce7c,
Requested by: Host: trib.com
URL: https://trib.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

real-hostname: trib.com
x-vcache: MISS
age: 0
date: Thu, 10 Mar 2022 14:05:53 GMT
content-type: application/octet-stream
cache-control: s-maxage=0, private, no-cache
accept-ranges: bytes
content-length: 0

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/a40d8c8472466100a39ccf1a8f985e84c3252b84/dist/ Frame 5ADC 253 KB
81 KB 21ms
20ms Script
application/javascript 108.157.4.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/a40d8c8472466100a39ccf1a8f985e84c3252b84/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=lee_mid_article_native
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-60.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff7cfb9cb22470507879580b814385fe0165be2cf797b43b370a1be72d9ebfb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 00:29:54 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 00:26:28 GMT
server: AmazonS3
age: 135360
etag: "ed4c30e50034bcdb125f687153715203"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 82163
x-amz-cf-id: lLtcwWHPN1VfBMsZ0KYuTdVjkzrVGkAn3fejRN3M9e_PcD9cjXwCRg==

GET
BLOB 200
OK e4a851e5-62b0-473c-b270-dcd4c0756f83
https://trib.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trib.com/e4a851e5-62b0-473c-b270-dcd4c0756f83
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 011D 0
0 64ms
39ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst_R9q8QWQIhwt3Pe5QrgtRf_8HolZSDYarsW3MFEJ8IsS63pCThtHqOGiu2xfIVvqU_ncSwfXCqNk2kjls09RPX2Uo2OAqufYNH-S10ekLp2LMkBkhEWKAXiRvBAmoBumCBz4a3QkKtZeOosbu1idaciLIzO8xYEvFpfHCKHcTCRW10LXE6DG46PMPp4H3z2LoxTRuFhd_6XVMRVlufvbcYoFh3PTIyVjyzUMs5eL1KUxABEKfnMLaC3HKiW1lDfXUCXZWnfK0LoLuuc7Y2uYbUJlZxGPHIPdAfluDd1OZu9g8llDeKQSMgQqg&sig=Cg0ArKJSzMLXfIBVFyNhEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 5ADC 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2723d836f454ee6ff14fd559b479fbf8566c46af66422b6e31b48076446de92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 16ms
16ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 10 Mar 2022 14:17:17 GMT

GET
H2 200 i99g3gee_content_config_1627585676199.js Show response
dkpklk99llpj0.cloudfront.net/ 845 B
1 KB 80ms
21ms Script
application/javascript 2600:9000:20eb:9e00:e:98bf:5f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_content_config_1627585676199.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9e00:e:98bf:5f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c564ab82eab3ab608280194eefcee40765ab7872e8ed349e806e3c3170c4631

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 06:45:03 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 19:07:57 GMT
server: AmazonS3
age: 14368851
etag: "139043e0f27d6df6fda9a9005cd5c871"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 845
x-amz-cf-id: FxRFWTJfaws0q_Gf9dROvroJi72UlY2wwhjE3jJJu65oDQ5NGdpOHg==

GET
H2 200 i99g3gee_1606137453919.js Show response
dkpklk99llpj0.cloudfront.net/ 48 KB
15 KB 75ms
22ms Script
application/javascript 2600:9000:20eb:9e00:e:98bf:5f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9e00:e:98bf:5f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19ee3ded1fe83e848e9b5cb0831689460e07c7d3d867fc692c84dc1106086293

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 12:51:13 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 13:17:46 GMT
server: AmazonS3
age: 19790081
etag: W/"c1157a2d0ff0aa862fb2fbffb06ab4d1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: WrCnlZhJAXH1G3WAF-MOGuKu1ZuSMFi8drhPRMDstGI02uwAvF9fvA==

GET
DATA 200
OK truncated
/ Frame 89BD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d06adaa121f8fc25b69e714ec69d738a029e13a7733753b6dbee752854b601b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 yy2 Show response
a.leetemplates.com/lee/ 2 B
333 B 158ms
124ms XHR
text/plain 34.102.205.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.leetemplates.com/lee/yy2
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 239.205.102.34.bc.googleusercontent.com
Software: akka-http/10.2.7 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
via: 1.1 google
server: akka-http/10.2.7
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: clear
content-length: 2

OPTIONS
H2 200 yy2
a.leetemplates.com/lee/ Frame 0
0 573ms
122ms Preflight 34.102.205.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.leetemplates.com/lee/yy2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 239.205.102.34.bc.googleusercontent.com
Software: akka-http/10.2.7 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.2.7
date: Thu, 10 Mar 2022 14:05:53 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 auction Show response
tlx.3lift.com/web/ Frame 08C6 50 B
456 B 60ms
17ms Script
application/javascript 54.93.106.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/web/auction?inv_code=lee_mid_article_native&referrer=https%3A%2F%2Ftrib.com%2F&rev=a40d8c8&fe=0&ft=1&cb=4145875819&gdpr=true&cmp_cs=CPVpDmPPVpDmPEXABADEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/a40d8c8472466100a39ccf1a8f985e84c3252b84/dist/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.106.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-106-38.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3e07c0ca6f0a2a8b2db8dcfe88721eeb9531625ab1b4c87b54eefba27e3aa68b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:53 GMT
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width,SecCH-Viewport-Width, Sec-CH-Viewport-Height,Sec-CH-Device-Memory, Sec-CHRTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-length: 50
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e71d8518e840211677103e45de5d233245463ad84edc82d4434bbfe64169f586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62104
x-xss-protection: 0
expires: Thu, 10 Mar 2022 14:05:53 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 5ADC 0
0 39ms
39ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvswVuBbC47YlL2UkMHZzuW8Eu8GkRrhTWeFc1TVpDG4b67s15CBVv2q_0aLdTTtqeWMXDri0hWnOv06BjoyY21IYmoE4kozfHnXf2c6Vyl8C7gdIfoKY44b4mDBiKlB1WgiDI8ClJZzp2dHeZoffSHDyLKSowkhTF4Nq-T8JEA-Bzj9QpeOvBzOZ00_dVbupH1mRhpqUSNcaAI7fLbc8y57B7wHgzZfe5S2DNOBu1vbuRSYbq5O0AJ3zwd_zjPJokbpco1jojO7sBKYBTYNEBggQzWyZE3HOG1bY58VI5jNyrZ3p6gpjc&sig=Cg0ArKJSzLCSw1bOA0mKEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 / Show response
am.freshrelevance.com/tpc/ Frame 0459 5 KB
5 KB 132ms
38ms Document
text/html 52.212.62.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://am.freshrelevance.com/tpc/
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.62.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-62-46.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7a58e7d118df27f86479b9e7a8ee3819e60b7012787ce02caedbfa1d66d822d8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
content-length: 4662
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate

GET
H2 200 r
eb2.3lift.com/ 37 B
140 B 60ms
19ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=lee_mid_article_native&aid=28356408521968053201710&rev=a40d8c8&domain=trib.com&ref=https%253A%252F%252Ftrib.com%252F&pr=un&rr=auction&cb=81590
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 css
fonts.googleapis.com/ Frame 89BD 6 KB
670 B 48ms
25ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 14:04:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Mar 2022 14:05:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Mar 2022 14:05:53 GMT

GET
H2 200 select.css
saambaa.com/widget/gpt/728x90/assets/ Frame 89BD 1006 B
783 B 122ms
120ms Stylesheet
text/css 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/widget/gpt/728x90/assets/select.css
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:48 GMT
content-encoding: gzip
etag: "02525d0cceed21:0"
last-modified: Mon, 26 Jun 2017 22:37:38 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 645

GET
H2 200 smb-dispAd_728x90.css
saambaa.com/widget/gpt/728x90/assets/ Frame 89BD 11 KB
3 KB 123ms
121ms Stylesheet
text/css 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispAd_728x90.css
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 97ded2a432e64f4e5086f03ae1238d87e1e2ffdd63216d068996c566aa55882b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:48 GMT
content-encoding: gzip
etag: "80ac7208c46d71:0"
last-modified: Tue, 11 May 2021 17:36:09 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 2982

GET
H2 200 0 Show response
api.saambaa.com/properties/widgetconfig/728x90/partner/trib/platform/ Frame 89BD 4 KB
2 KB 242ms
235ms Script
application/javascript 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.saambaa.com/properties/widgetconfig/728x90/partner/trib/platform/0?callback=__smbcfgldr578395
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 16d99d2df71528c1bf0308cd213e8e79c52e504afae0afaab8a97a1b32002bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:48 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-length: 1592
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 89BD 81 KB
27 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5770f72d26f8dd6f6d49e97f86f512cf2550105ff36c1ba1781d2757bc9e31bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27775
x-xss-protection: 0
server: sffe
etag: "1154 / 140 of 1000 / last-modified: 1646914126"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Mar 2022 14:05:53 GMT

GET
H2 200 saambaa_prebid.js Show response
saambaa.com/assets/js/ Frame 89BD 363 KB
108 KB 122ms
121ms Script
application/javascript 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/assets/js/saambaa_prebid.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6d69434d10f3b284edb24e748769b43d4f667026dfc91a347958f3d299d14a8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:49 GMT
content-encoding: gzip
etag: "0afe6f5f03d81:0"
last-modified: Fri, 07 Jan 2022 18:04:06 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 109774

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 89BD 76 KB
30 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3595eeb69a00323ae65e5c65341a78e71b3f4dfa4a913e7c20fdca1abc0e399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30763
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Mar 2022 14:05:53 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 89BD 49 KB
20 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1860
date: Thu, 10 Mar 2022 13:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 10 Mar 2022 15:34:53 GMT

GET
H3 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 89BD 364 KB
122 KB 15ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Mar 2023 13:58:17 GMT

GET
H2 200 get Show response
am.freshrelevance.com/ 1 B
97 B 115ms
38ms XHR
text/plain 52.212.62.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://am.freshrelevance.com/get?data=%7B%22type%22%3A%22heartbeat%22%2C%22data%22%3A%7B%22c%22%3A%224km1v2bz65%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22w%22%3A%22i99g3gee%22%7D%7D
Requested by: Host: dkpklk99llpj0.cloudfront.net
URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.62.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-62-46.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Mar 2022 14:05:54 GMT
content-type: text/plain; charset=utf-8

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 89BD 24 KB
10 KB 71ms
18ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:54 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 17 Mar 2022 14:05:54 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/ Frame 89BD 75 KB
18 KB 62ms
15ms Script
text/javascript 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/config.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4cdf2c0cda0c4168affd0d48822952c8534dfcb328d901d55756d7a900c30e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:05:54 GMT
Content-Encoding: gzip
Age: 2522
X-Cache: HIT
Connection: keep-alive
Content-Length: 17539
x-amz-id-2: RIyg+/9AcJAG6YokifH7Ixg9Xfb61LDAEGg1VuuD+77Ml28gNvRO+FnLdp5ciCqbtTyabC5A8hc=
X-Served-By: cache-hhn4051-HHN
Last-Modified: Thu, 10 Mar 2022 11:58:55 GMT
Server: AmazonS3
X-Timer: S1646921154.224367,VS0,VE0
ETag: "ebe4c27c9b0955f0aeb5f26a23fbd900"
x-amz-request-id: WW6PCTJ0GPRQTVQY
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 72

GET
H2 200 0 Show response
api.saambaa.com/post/storyboard/2602/market/ Frame 89BD 544 B
589 B 561ms
122ms XHR
application/javascript 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.saambaa.com/post/storyboard/2602/market/0
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 232bf7998ebafda88a66a06d9c3b238b47df0ae62748a99df119038e965ed2f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:49 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 89BD 152 KB
53 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4824951468046394

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e2c6061885137b3affadb7857959e28768c51ba8a535f1d6f2dbc58e5becd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Origin: https://trib.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53735
x-xss-protection: 0
server: cafe
etag: 13635736095999435079
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:54 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 89BD 35 B
55 B 17ms
15ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=290049490&t=pageview&_s=1&dl=https%3A%2F%2Ftrib.com%2F&dp=widget%2Fgpt%2F728x90%2Ftrib&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=728x90&je=0&_u=aEAAAAABE~&cid=737309210.1646921154&tid=UA-172552200-29&_gid=1402984931.1646921154&z=272687873

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 22:04:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 89BD 35 B
55 B 21ms
19ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=290049490&t=pageview&_s=1&dl=https%3A%2F%2Ftrib.com%2F&dp=widget%2Fgpt%2F728x90%2Ftrib&dh=trib.com&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=728x90&je=0&_u=aMAAAAABE~&cid=7dc7e622-8c02-4c46-a30c-a436c486d212&tid=UA-55160257-4&_gid=655613662.1646921154&z=109458953

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 22:04:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo-saambaa.png
saambaa.com/assets/image/ Frame 89BD 2 KB
2 KB 125ms
123ms Image
image/png 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/assets/image/logo-saambaa.png
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:50 GMT
etag: "39e0e3a6a83bd31:0"
last-modified: Mon, 02 Oct 2017 18:02:46 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 2412

GET
H2 200 loader-dots.gif
saambaa.com/widget/gpt/728x90/assets/ Frame 89BD 33 KB
33 KB 129ms
128ms Image
image/gif 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/widget/gpt/728x90/assets/loader-dots.gif
Requested by: Host: trib.com
URL: https://trib.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:49 GMT
etag: "02525d0cceed21:0"
last-modified: Mon, 26 Jun 2017 22:37:38 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 33406

GET
H2 200 sidestage-728.jpg
saambaa.com/assets/image/ Frame 89BD 45 KB
45 KB 133ms
133ms Image
image/jpeg 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/assets/image/sidestage-728.jpg
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispAd_728x90.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 87a6266c72bd0c1cfd50b1725c7e3f7a1e87773f0df81d50c4d1d404d9fe7ebf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saambaa.com/widget/gpt/728x90/assets/smb-dispAd_728x90.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:49 GMT
etag: "b83fbea8ad66d61:0"
last-modified: Thu, 30 Jul 2020 20:11:50 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 46329

GET
DATA 200
OK truncated
/ Frame 89BD 690 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203021325/ Frame 89BD 191 KB
61 KB 17ms
16ms Script
application/javascript 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203021325/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a69669a5a840a3b88c0a6a09d414800480e4869b86caa62b2cadf630ef7e478

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 14:05:54 GMT
Content-Encoding: gzip
Age: 631
X-Cache: HIT
Connection: keep-alive
Content-Length: 62318
x-amz-id-2: fncaEIowuAXyxkJnQkQfJ71ReuZFUO2hvmXIVardDfZqo2KmcQOKQmHJM56pT4GZsApke2I+OuM=
X-Served-By: cache-hhn4051-HHN
Last-Modified: Wed, 02 Mar 2022 18:49:58 GMT
Server: AmazonS3
X-Timer: S1646921154.250457,VS0,VE0
ETag: "d4957d4e1f94bb74a7ad7c463b54f902"
x-amz-request-id: R1M2G5TBTSNP269T
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 2296

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ Frame 89BD 292 KB
105 KB 45ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4824951468046394&plah=trib.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4824951468046394

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7aaca292221d94693d7393d6d84e9cd350483358fccd88c048c9706e002c8400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107532
x-xss-protection: 0
server: cafe
etag: 17717895501999580697
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/ Frame 845C 10 KB
5 KB 77ms
13ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4824951468046394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 09 Mar 2022 23:41:54 GMT
expires: Wed, 23 Mar 2022 23:41:54 GMT
cache-control: public, max-age=1209600
age: 51840
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rules-p-TWKb6gH_3MnFX.js Show response
rules.quantcount.com/ Frame 89BD 2 B
345 B 66ms
16ms Script
application/javascript 2600:9000:2156:e600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:47:23 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server: AmazonS3
age: 1110
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-length: 2
x-amz-cf-id: Tyemvq10a5l9MOsA-jk4SG_-YqB4yuyV3hF2oSClOsJICn_PwKESVA==

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 89BD 0
0 41ms
40ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvvxDp0dlIsIjj-mRSybxdwqfIm7AyX7otSsJ3KNMdy8qbaHaW3V-A6wpAMc-1pMlMm1gGbyeEitRBKMW0Kwcd4oaxRByGjP0FhykzKYLjGh2K7GdpMx8ngEQBQrXrufbIeORw-xvlTThbl4JhKwwp4Ta-a_cvLpHaJI_A7uvP2ARf2LMwLrIuY5uBXRLanVo7fdij5VSdqjskyqYFqtW5Y357kNgxWAo_wn2JhMgZsPnqGtvgWgFpwjvjVMYUxBCpEv7Xa0z6QY9A5yT-ITpLZ0WUTvB6xAV0QtZc-wIPhj_kluZvi81k&sig=Cg0ArKJSzDJWr1iCQyFoEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=6894/rand=304339525/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%20Site%20... Frame F7F4
Redirect Chain

https://bcp.crwdcntrl.net/5/c=6894/rand=304339525/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%20Site...
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=304339525/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%2...

163 B
403 B

48ms
48ms

Document
text/html

52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=304339525/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22casper%20star%20tribune%3B%20casper%20wyoming%3B%20casper%20news%3B%20wyoming%20news%3B%20casper%20newspaper%3B%20wyoming%20newspaper%3B%22%7D/rt=ifr
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

date: Thu, 10 Mar 2022 14:05:54 GMT
content-type: text/html;charset=utf-8
content-length: 163
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.17.84
x-consent: absent
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)

Redirect headers

date: Thu, 10 Mar 2022 14:05:54 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=304339525/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20trib%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22casper%20star%20tribune%3B%20casper%20wyoming%3B%20casper%20news%3B%20wyoming%20news%3B%20casper%20newspaper%3B%20wyoming%20newspaper%3B%22%7D/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.15.4
server: Jetty(9.4.38.v20210224)

GET
H2 200 pixel;r=1024739338;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Ftrib.com%2F;uh=u;uht=u;ns=1;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=1;gdpr_consent=CPVpDmYPVpDmYEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCF...
pixel.quantcount.com/ Frame 89BD 35 B
210 B 52ms
19ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantcount.com/pixel;r=1024739338;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Ftrib.com%2F;uh=u;uht=u;ns=1;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=1;gdpr_consent=CPVpDmYPVpDmYEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA;us_privacy=1---;ref=;d=trib.com;je=0;sr=1600x1200x24;dst=0;et=1646921154393;tzo=0;ogl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 80ms
21ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:05:54 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 58ms
21ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:05:54 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 89BD 0
342 B 607ms
175ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 68
vary: origin, Accept-Encoding

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 89BD 0
55 B 596ms
164ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 89BD 87 B
337 B 529ms
102ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 31be57c3a736dad620d0bc011314f0de3e17e05027cfdf67f00047371ebf18dd

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 50 B
721 B 78ms
24ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:54 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 25869f47-c336-4207-a6e4-eb3004129dea
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 89BD 0
164 B 71ms
26ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 89BD 95 B
837 B 105ms
27ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2212cbc7d59ce5bf1%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=b93f19fd-99c3-4d9c-9919-771dcd2dd1be&pv=8f81ed88-e63c-4df3-83a0-63362d57f6e4&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

96fab4cb05d555b2d0e10938849a6bc03dc1fee68b59214187fd54dffcd5fe5c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:54 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 89BD 37 B
333 B 82ms
18ms XHR
text/plain 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22138b546c904b0fd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214ff7b157fd1183%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 267a9525e3a0c8e65c911647bc8867c5421b5d7e75a6529ef6e1a3ab037dbd83

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:54 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.165], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:05:54 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 89BD 0
153 B 86ms
27ms XHR
text/plain 35.157.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646921154759&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 89BD 0
279 B 66ms
25ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9c9ba19c209b1b-FRA
access-control-allow-headers: Content-Type, Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 138 B
810 B 68ms
23ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

17b27b244541ce78890ad2f466b09c7ae29eda0774e8813bfc6b3240180ab9a7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:54 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9bb619ec-c2eb-4710-bce8-2723df695d07
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 89BD 94 B
739 B 515ms
107ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: ad42b1b4a33db5424147299fbca7cbe6d598f26020233e60b22aac0906411f67

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST c
prebid.a-mo.net/a/ Frame 89BD 0
0

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 89BD 0
154 B 77ms
26ms XHR
text/plain 35.157.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646921154768&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 89BD 0
55 B 577ms
164ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 50 B
721 B 87ms
41ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:54 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 17cc4e25-4444-4b85-8167-0f6fdd50e10e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 89BD 37 B
333 B 68ms
22ms XHR
text/plain 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2232bccef009ddc57%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223346a196bee9e8e%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0aa781c4874091135645fca175b7e605ee1ca8d44ae76afeb9541cbfad61a90b

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:54 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.165], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:05:54 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 89BD 0
35 B 62ms
36ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9c9ba19c229b1b-FRA
access-control-allow-headers: Content-Type, Origin

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 89BD 95 B
841 B 96ms
27ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%223767595a1de699c%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90b_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=a3eeb9e7-f4dc-4313-9188-7ae98e8c0e7c&pv=8f81ed88-e63c-4df3-83a0-63362d57f6e4&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

20ec6b5f5ac6dfa4114e228dd920eef60d9a70eae24a137cdc12f43f01fc6b18

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:54 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 89BD 87 B
170 B 505ms
102ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: add064aeb1d63fb8d2b6191f00e7399eb10c4295ef9097be09a2616e03c35189

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 89BD 94 B
738 B 498ms
100ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: af8005399aeee00ed566ef5050f46bd30f0be401efc34e293e9d1625d033fda9

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 89BD 0
164 B 100ms
55ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 139 B
811 B 67ms
22ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

14c8d3baa27c4ef07c352df2edeb5e30ebf8315d7ffbc8365c65dbcecfaded5f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:54 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 87cd02f1-07df-437d-8fee-6e11ba62a497
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 blank.png
saambaa.com/assets/image/ Frame 89BD 68 B
151 B 126ms
120ms Image
image/png 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/assets/image/blank.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:49 GMT
etag: "cebd78f2e7a5d31:0"
last-modified: Wed, 14 Feb 2018 23:02:54 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 68

GET
H2 200 728x90_ukraine_family_v1.png
saambaa-static.azureedge.net/sidestage/ Frame 89BD 19 KB
19 KB 404ms
20ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa-static.azureedge.net/sidestage/728x90_ukraine_family_v1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: b0824285ab642b362c0d255978a157f91aaea39966ab417326018a1d1c8ecb0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 10 Mar 2022 14:05:55 GMT
last-modified: Wed, 09 Mar 2022 18:04:48 GMT
server: ECAcc (frc/8FA5)
content-md5: cIQDXScCyrRkHA+WuI0dEQ==
age: 71726
etag: 0x8DA01F74D026679
x-cache: HIT
content-type: image/png
x-ms-request-id: 907e3562-a01e-0027-7de0-33774b000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 19553

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 89BD 0
36 B 22ms
21ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9c9ba1cc709b1b-FRA
access-control-allow-headers: Content-Type, Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 50 B
721 B 30ms
29ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:54 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fc0be9b0-00d0-4d14-98c1-1523a5673785
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 89BD 95 B
741 B 443ms
104ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: d3cb37847ef5252ad9c61519a098c4fbeff1267b899cf493c23f25600a44c411

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 139 B
811 B 24ms
24ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1f5c32affe976b6cb4f952d6cebe1c491830737142c0d2f9ed38a395592e2b4c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:54 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 92b03960-4255-4158-8bfd-698bc62ced7a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 89BD 0
111 B 509ms
163ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 89BD 0
164 B 79ms
56ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 89BD 95 B
839 B 56ms
32ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22604e8d4527454e8%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90c_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=0bb9bb59-0f88-4d2f-9e72-a2160e99a529&pv=8f81ed88-e63c-4df3-83a0-63362d57f6e4&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

fa707ee33c01d09d80365b33f0eb6edf0439ca14a7113d9c30ebc54a7da9610b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:54 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 89BD 37 B
333 B 18ms
18ms XHR
text/plain 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2261ccf5dca87074f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22629ae55e313b0d6%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4e12626df494f4598866b8de37f0e453fba255fcb18a0c86dcea52780024580d

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:54 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.165], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:05:54 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 89BD 87 B
179 B 446ms
105ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: d81c539d71b3214f7dcae8d432e9cad2bcc4a4fddb40cdcddc94469499fe0817

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 89BD 0
228 B 528ms
187ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 80
vary: origin, Accept-Encoding

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 89BD 0
153 B 28ms
28ms XHR
text/plain 35.157.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646921154840&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 89BD 95 B
841 B 70ms
43ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22704d19b0cc0b7f6%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90d_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=14d7c6a9-7b7d-4008-a32f-46d2647c6b29&pv=8f81ed88-e63c-4df3-83a0-63362d57f6e4&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

20fdf5112824d8572d4b88341fa4585f038e826290bf44d84331ffc3f3636906

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:54 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 89BD 95 B
739 B 447ms
120ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 01ba889c779c757c773ee1143971d84ba8a0f510cd9d5ca5891c9a751ef935b3

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 139 B
811 B 23ms
23ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a8ff920fd471e781177603056215924bcad19c510759f55fdc18c5f7cd00c9df

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:54 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2cdaba9c-4cf8-4fc0-8b8e-788f1a5da6dc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 89BD 37 B
333 B 19ms
18ms XHR
text/plain 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2275fe90cbc648357%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22763daee4fb5dc2b%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9551e6cfc2068d1c0217c5edb034ee92051f2d7551f547ee7db33c7f3e295c82

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:54 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.165], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:05:54 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 50 B
721 B 33ms
23ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:54 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7cec2e4f-b415-4bfb-9001-ca327775bd04
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 89BD 0
55 B 496ms
164ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 89BD 87 B
169 B 432ms
104ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 26b1d16d68033c1afee8fb44c9f446e50f751419b4d02ee38a83bbabf221764a

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 89BD 0
164 B 43ms
35ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 89BD 0
204 B 520ms
193ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 86
vary: origin, Accept-Encoding

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 89BD 0
36 B 26ms
26ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9c9ba1ec9e9b1b-FRA
access-control-allow-headers: Content-Type, Origin

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 89BD 0
153 B 33ms
32ms XHR
text/plain 35.157.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646921154854&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 21ms
21ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:05:54 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 21ms
21ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:05:54 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 21ms
21ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:05:55 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 89BD 0
153 B 24ms
23ms XHR
text/plain 35.157.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646921155357&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 89BD 95 B
741 B 87ms
87ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: b7812716e8c785e9974a1b5668da57326ce2081a1af37b0c1391a1315ee5936d

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 139 B
811 B 35ms
35ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b11c92140f7985d13085eacbfdb314c66eb3726037e662128ca9aa310dab2c56

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 25d5e95a-915b-474c-927c-631f9097e26c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 50 B
721 B 59ms
59ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4e56649a-3653-4578-834a-b93dd5aba6b4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 89BD 0
201 B 175ms
175ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 68
vary: origin, Accept-Encoding

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 89BD 0
55 B 83ms
83ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 89BD 96 B
640 B 26ms
26ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22104136e0651dbd99%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90e_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=0f3f61f5-d42f-41a7-8828-ce1624ed43b9&pv=8f81ed88-e63c-4df3-83a0-63362d57f6e4&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

99f6216f99124117e9a49b232e90d7d1715964c013cd8926a716813d93583fc3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H3 200 hb Show response
ssc.33across.com/api/v1/ Frame 89BD 87 B
125 B 156ms
138ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: db408facd00cbc891ed09905faff504c60b5973e9307ff66c381136ef92c92cd

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 89BD 38 B
334 B 18ms
18ms XHR
text/plain 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22107b4cbd28bf3b3d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221080e4f313ec4119%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7a94477c41748171efbae9e3d9391a7dc9c249ee66d9d9deb5020bd67cd65f3b

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:55 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.165], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 38
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:05:55 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 89BD 0
59 B 24ms
24ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9c9ba51a6b9b1b-FRA
access-control-allow-headers: Content-Type, Origin

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 89BD 0
164 B 26ms
26ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 50 B
721 B 23ms
23ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 58b8bd76-d2c0-414c-a791-74f97b2cabcf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 138 B
810 B 39ms
39ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

ce5a6694bbe905248ec43c80f05829d635f176e74742d9143687d108781691b1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b85773b5-015e-4fa6-8554-fe0de7c6ed11
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 21ms
21ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:05:55 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 89BD 95 B
738 B 83ms
83ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e5c6097e158405b67e845e0c1a5da83be7e26f4bb42d982ad1a60ff689f88ff1

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 89BD 0
36 B 26ms
25ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9c9ba52a9c9b1b-FRA
access-control-allow-headers: Content-Type, Origin

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 89BD 38 B
334 B 21ms
20ms XHR
text/plain 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2212108f68afc6cce4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221223dd6a1f04dde%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a98b97fb99fd446ea808a00c7bb660986666031870f79956ab098099cca0f236

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:55 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.165], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 38
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 89BD 96 B
640 B 41ms
40ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22124a973c81c1ce65%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90f_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=c6f668ff-55c9-4e1e-90a6-f1d08f439ce4&pv=8f81ed88-e63c-4df3-83a0-63362d57f6e4&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

16abfcd446bbc34e0b3bb892c8bd795e9d1ee28ea6e3207d73f34ca3a07abf19

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 89BD 0
153 B 22ms
21ms XHR
text/plain 35.157.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646921155384&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H3 200 hb Show response
ssc.33across.com/api/v1/ Frame 89BD 87 B
125 B 110ms
110ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 8f416a18e6e6218ce78aa4454b40707104504fbaa1ac3e95568a15aa1610b91b

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 89BD 0
55 B 83ms
83ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 89BD 0
204 B 141ms
140ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 34
vary: origin, Accept-Encoding

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 89BD 0
164 B 46ms
45ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 89BD 18 KB
8 KB 141ms
140ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1716881636074419&correlator=1852181489077961&eid=31064150%2C31063247%2C44758228&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpDmiPVpDmiEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&eri=1&cdm=trib.com&abxe=1&dt=1646921155404&lmt=1646921155&dlt=1646921153038&idt=871&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=l5xwyyv02al2&adks=889030988&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=737309210.1646921154&ga_sid=1646921155&ga_hid=290049490&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

070271b9bffc4a3e02409037b41d36681695c47c4ee812cf8545f8bdf9a869d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8356
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317608329
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e31993dd77af45af11a0bf5551c18fa7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B813 6 KB
3 KB 61ms
25ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e31993dd77af45af11a0bf5551c18fa7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 10 Mar 2022 14:05:55 GMT
expires: Fri, 10 Mar 2023 14:05:55 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 89BD 18 KB
8 KB 179ms
177ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1716881636074419&correlator=2422872964674066&eid=31064150%2C31063247%2C44758228&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpDmiPVpDmiEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&eri=1&cdm=trib.com&abxe=1&dt=1646921155413&lmt=1646921155&dlt=1646921153038&idt=871&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=4mfpbdhygi50&adks=2665021203&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=737309210.1646921154&ga_sid=1646921155&ga_hid=290049490&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

171a331df56f887192d1264fc8cb721cbb2bdaa289efaed41c78809df43796eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8413
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317608344
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 89BD 18 KB
8 KB 103ms
103ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1716881636074419&correlator=2842017257388639&eid=31064150%2C31063247%2C44758228&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpDmiPVpDmiEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&eri=1&cdm=trib.com&abxe=1&dt=1646921155418&lmt=1646921155&dlt=1646921153038&idt=871&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=gl2tc8wmjbyb&adks=3436911532&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=737309210.1646921154&ga_sid=1646921155&ga_hid=290049490&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

964d3be9b2d73e7d75bb3eaee3359afd681d240dbbcb945c082f5c0a6b45df1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8352
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317608338
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 23ms
23ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:05:55 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 89BD 0
164 B 35ms
33ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H3 200 hb Show response
ssc.33across.com/api/v1/ Frame 89BD 87 B
128 B 105ms
105ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 0e017695837f6bbb6a4e4f86e0c1289f191ec006d819102ca5bcf3b3a6eb944e

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 140 B
812 B 23ms
22ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

36a1cdd53ef58e3e55b0209de42e93b31e5efcd2e010b7cce62255f0883a0ad2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d1922894-2613-4707-899f-ec8adbd10a51
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 89BD 0
36 B 21ms
20ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9c9ba57b1e9b1b-FRA
access-control-allow-headers: Content-Type, Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 50 B
721 B 26ms
25ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 099dd1be-628a-4d47-a4a6-01738900e9a5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 89BD 0
153 B 56ms
55ms XHR
text/plain 35.157.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646921155426&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 89BD 0
55 B 89ms
87ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 89BD 95 B
739 B 88ms
88ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 55edb91740ad6742aa03b040fc75d633310b60c069584020e510c21460f0353b

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 89BD 37 B
333 B 19ms
19ms XHR
text/plain 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221517dfe85284143%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221521eb8e323e608d%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a454a0dab553d1f230f7897f15864b4c9ae6e1c1ddfb5a4d1b9751b6e324fe76

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:55 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.165], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 89BD 96 B
640 B 43ms
41ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22154b56cfe7a4f396%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90g_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=cc30c301-6238-4ae8-a5cb-3047ca37dc54&pv=8f81ed88-e63c-4df3-83a0-63362d57f6e4&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

3344ae3afde05c9b109a93724331732b06f08056013b2e96d543fddd25c278c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 89BD 0
204 B 116ms
116ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 10
vary: origin, Accept-Encoding

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 89BD 42 B
64 B 41ms
39ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuS3mRqgYU7mcA2B_38mm91ITVQ_SK_iP63uEjXAAYkvEo8z2GigL18aEKIJ8QWdFhF8dZzcsJNXDERA05gSjBqCVjAKRtQ8Z9OxYxl8SAh_mSHvwaz&sig=Cg0ArKJSzM_bjMO6Nsk3EAE&id=lidar2&mcvt=1026&p=1120,436,1210,1164&mtos=0,1026,1026,1026,1026&tos=0,1026,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=934792290&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646921153038&rpt=1360&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 g_pbto
1x1.a-mo.net/hbx/ Frame 89BD 0
89 B 328ms
104ms Image
text/plain 34.231.128.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1646921155469&eid=22886c2d1d8f9a8c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.128.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-128-63.compute-1.amazonaws.com
Software: MonetEngine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: max-age=0, private, must-revalidate
server: MonetEngine

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 22ms
21ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:05:55 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 50 B
721 B 39ms
39ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5aded247-9b6e-4425-acd9-7facf64e2134
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 89BD 0
36 B 21ms
21ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9c9ba5cbc49b1b-FRA
access-control-allow-headers: Content-Type, Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 89BD 95 B
739 B 83ms
83ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: d9b4f9c567fd97e843fe4ca8f041966e03bc0ecd1b053ab8c32f3a58b1424359

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H3 200 hb Show response
ssc.33across.com/api/v1/ Frame 89BD 87 B
127 B 108ms
108ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 0645c89f02a94e3e0bd4ed5257486f135a1e34a0ec6d477d438b041cb282b111

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 89BD 96 B
640 B 39ms
38ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22166ce977d260b0d3%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90h_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=a4e52078-c4d9-401c-81f8-686fe57abc2e&pv=8f81ed88-e63c-4df3-83a0-63362d57f6e4&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

00c7b3910663b00a093fffc89a4a9ee9826fdcf155e697ab6d10c655657ae22c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 89BD 0
55 B 80ms
80ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 146 B
1 KB 368ms
368ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

fc9cc9d519a531cf13e3c6b32a1f80d8c27f3eec4ea17410d65aae7cbe70516d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 00a550eb-14ef-48c1-adb9-ed7716fd3d7e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 89BD 0
204 B 210ms
209ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 102
vary: origin, Accept-Encoding

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 89BD 38 B
334 B 21ms
20ms XHR
text/plain 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22173b48894bec8a46%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2217450edfff6b752b%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 60ec3708d7073681e872f3a4d012d6594c682863e7e2970330abfe52b701d808

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:55 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.165], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 38
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:05:55 GMT

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 89BD 0
164 B 27ms
27ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 89BD 0
153 B 34ms
34ms XHR
text/plain 35.157.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646921155486&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 89BD 18 KB
8 KB 83ms
82ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1716881636074419&correlator=2212883998846138&eid=31064150%2C31063247%2C44758228&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpDmjPVpDmjEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&eri=1&cdm=trib.com&abxe=1&dt=1646921155491&lmt=1646921155&dlt=1646921153038&idt=871&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=ey23h4vl1igm&adks=2384033330&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=737309210.1646921154&ga_sid=1646921155&ga_hid=290049490&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34b2fe5455590ee6f78ac6e9de9a75cf4e08268b97bd9e7811e5739ee94c0b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8357
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317608323
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 1FF0 0
0 38ms
38ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvVsd2PUI0mNvP05444J67q2aBgA4CB14nB8qLEP50IxlhiZZAlUvTwuv4sayqyRyWfBov7NCMr8idgAFxiyoYgJIwDrXscGgq77qMKx9Vvt9MtArjCm3YK-7AMWTk7NN2NYtd3qG9UAnP3PE-NOeziLW9yuvGhQXPElbNUgSTtcKkvKdbc3L25KfY-cNUcfaXHnnzyoWdolpN2sgfJFY4ExE3NUZctIDIl_vOmDTmed6dF64xfGK-9F5UG8UrIHavpYED8l9Z29LCveblZxD8qdT2S9-fzpUxvONBwzFceFZiFKfqwA2MXkZIwZow&sig=Cg0ArKJSzDPao2YHfqeyEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1FF0 113 KB
39 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aec6f5ad4a7f0614b46c435fbe8818b359bab6032eca4e91b960c5cb6a0fa7d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40123
x-xss-protection: 0
server: cafe
etag: 3998566006582862348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FF0 117 KB
36 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:05:55 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 22ms
22ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:05:55 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 89BD 0
153 B 38ms
38ms XHR
text/plain 35.157.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646921155535&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 89BD 38 B
334 B 24ms
24ms XHR
text/plain 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22181371c0a5173c53%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22182c9a74a2e159c9%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 765993382391a24ef0125db4beef96ddf420873f20534f2ecf4173586186d0b2

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:55 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.165], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 38
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:05:55 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 145 B
1 KB 265ms
265ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f70fce2eaebc89b82eb5c2b18deb21e0c787d37ecade18354d9770d8b6364c30

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 940028f8-5760-4810-9c33-856e771114a4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 89BD 0
55 B 77ms
77ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H3 200 hb Show response
ssc.33across.com/api/v1/ Frame 89BD 87 B
125 B 117ms
117ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 09b853989d60d314cd3f6d2f051929f1b3170b04d75c9ab9b0ede1b712586fa3

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 89BD 0
36 B 22ms
22ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9c9ba62c4f9b1b-FRA
access-control-allow-headers: Content-Type, Origin

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 89BD 0
164 B 29ms
26ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 89BD 95 B
739 B 100ms
100ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: b37cff1ece8f2ba1dca1217408e8b7b17a7ddf1692628773c7ad429338cdd7b7

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 89BD 0
205 B 407ms
407ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 301
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 50 B
721 B 81ms
81ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c95d3e18-0d0f-44ec-a8ef-e15fb5345e69
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 89BD 96 B
640 B 27ms
27ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222008bd9f3e9c2c49%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90i_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=c81fcec2-90f5-48a5-b849-172fdbf1e31a&pv=8f81ed88-e63c-4df3-83a0-63362d57f6e4&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

a84a41585f9f50d3a48f8fe348fa2fdaa461e5e797d40c143320d90f8ad86f12

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 22ms
21ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Thu, 10 Mar 2022 14:05:55 GMT
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 50 B
721 B 317ms
316ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 186707cb-3c9e-4f8c-8dc6-0c6a32783232
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 89BD 0
164 B 39ms
39ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trib.com
pragma: no-cache
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 89BD 95 B
737 B 87ms
87ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 23990ef5c842f350e893aa5ffc294182a6d0fe926edea0b16c25969b5d24ab32

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trib.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 97

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 89BD 0
153 B 26ms
25ms XHR
text/plain 35.157.98.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=700&ts=1646921155549&src=pbjs
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 89BD 0
55 B 78ms
78ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 89BD 0
36 B 28ms
28ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
cf-ray: 6e9c9ba63c819b1b-FRA
access-control-allow-headers: Content-Type, Origin

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 89BD 96 B
640 B 26ms
26ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22214d19604b72e615%22%3A%22919a837c9f507393be45%7C728x90%7Cgpid%3D%2F65889844%2Ftrib.com_728x90j_desktop%22%7D&ref=https%3A%2F%2Ftrib.com%2F&s=7df87631-6469-4215-acd1-3ae419922248&pv=8f81ed88-e63c-4df3-83a0-63362d57f6e4&vp=mobile&lib_name=prebid&lib_v=6.6.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

047515d3b75bbac790bc8692f5fb9878b82b542eb0b7ac11a55e401b473b06c4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 89BD 38 B
334 B 32ms
20ms XHR
text/plain 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=555399&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222152d9359dab347e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22216f346421e86c2f%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555399%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000002%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9db18b95776a5a8659133d4513c90a009f3aef773658a631e088f6bc6e5158c4

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:55 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.165], XFF:[]
server: Apache
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://trib.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 38
x-ak-client-geo: 12
expires: Thu, 10 Mar 2022 14:05:55 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 89BD 0
205 B 207ms
199ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trib.com
date: Thu, 10 Mar 2022 14:05:55 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 95
vary: origin, Accept-Encoding

POST
H3 200 hb Show response
ssc.33across.com/api/v1/ Frame 89BD 87 B
126 B 112ms
106ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 1db4a7945d3947cccdf920e32e589e604b931d879fb7684e58fa0dc6b12520a6

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trib.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89BD 16 KB
8 KB 271ms
269ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

33580f66420b0a9c07cc7ba580f294d21bdb9a45fd1aef9ec1ec573a1619485e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trib.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Mar 2022 14:05:55 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2570d21a-e18a-442a-928a-ad631ae416bc
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://trib.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame B5F2 0
0 40ms
39ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu2CmVZDQzMkzLAyPfOgeogXsyOJ1h6U-jTQt7rtmTCbDSwvkEEObb-xXxmU3M_zpwzBUBRK3cMY_bdWvtHbaKxny10UyK8E-U0YjosUAXzXd5_B0s9JF-c4QhAKnMueqMIhGk3K1FwN49E3f0YeX9ecL6l3RAA3IR6E0z2fwsPOLceDmFNyKMdiE1eefzsFrm_siY4tQlxpMRKe-zfDMXfchW6NNIEgsFqZ7TwATgvvBTPZSKwpQsjmoBpaxGKUmnXnyQIq7i3FAu4-uHUCbyoBRaHq1fjDkZ44DdsaMs2B2uYTnZj-PWGVhiDvQ&sig=Cg0ArKJSzNJolUy90NMKEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B5F2 113 KB
39 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd5e55161823cf463c786c0190e8f2544d7106f55aeb11c59f35b039fcf7404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39988
x-xss-protection: 0
server: cafe
etag: 9571886337728803550
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5F2 117 KB
36 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 89BD 18 KB
8 KB 112ms
111ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1716881636074419&correlator=2456351247881904&eid=31064150%2C31063247%2C44758228&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpDmkPVpDmkEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90f_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&eri=1&cdm=trib.com&abxe=1&dt=1646921155582&lmt=1646921155&dlt=1646921153038&idt=871&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=yq3y9juh91b&adks=1326595308&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AGkb-H937Zu3H7KJJLVKqbzCxkxEEbqN70SKWMY7iypquoxMtqMPDFpobqwkj-O0PBeut-U22kZ8u5q4zsDuxdxIAxYL6pdk%2CAGkb-H_DqYF8Apj5mpxZKNWnyumx67vJNM2aw59K-9OGhByYrZoKkJy-cw7W2Z9Pewg-hYyynN2ZI8B-3RnndwXwiFFULG_R&ga_vid=737309210.1646921154&ga_sid=1646921155&ga_hid=290049490&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c840e9e745e975754a8a466f58d4800bc0501f61631c967c88599dbc605bab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8349
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317608320
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 89BD 18 KB
8 KB 95ms
95ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1716881636074419&correlator=2540603624954199&eid=31064150%2C31063247%2C44758228&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpDmkPVpDmkEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90e_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&eri=1&cdm=trib.com&abxe=1&dt=1646921155589&lmt=1646921155&dlt=1646921153038&idt=871&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=h70vmvz9bf0e&adks=2920569117&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AGkb-H937Zu3H7KJJLVKqbzCxkxEEbqN70SKWMY7iypquoxMtqMPDFpobqwkj-O0PBeut-U22kZ8u5q4zsDuxdxIAxYL6pdk%2CAGkb-H_DqYF8Apj5mpxZKNWnyumx67vJNM2aw59K-9OGhByYrZoKkJy-cw7W2Z9Pewg-hYyynN2ZI8B-3RnndwXwiFFULG_R&ga_vid=737309210.1646921154&ga_sid=1646921155&ga_hid=290049490&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c5e8d6705bc784966f37616b27cfb2f8164247f6731f53fd67a5e86f7fbe063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8349
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317608863
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 89BD 18 KB
8 KB 104ms
103ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1716881636074419&correlator=2233516818639969&eid=31064150%2C31063247%2C44758228&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpDmkPVpDmkEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90g_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&eri=1&cdm=trib.com&abxe=1&dt=1646921155593&lmt=1646921155&dlt=1646921153038&idt=871&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=f0dq9qyg7rii&adks=2192087926&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AGkb-H937Zu3H7KJJLVKqbzCxkxEEbqN70SKWMY7iypquoxMtqMPDFpobqwkj-O0PBeut-U22kZ8u5q4zsDuxdxIAxYL6pdk%2CAGkb-H_DqYF8Apj5mpxZKNWnyumx67vJNM2aw59K-9OGhByYrZoKkJy-cw7W2Z9Pewg-hYyynN2ZI8B-3RnndwXwiFFULG_R&ga_vid=737309210.1646921154&ga_sid=1646921155&ga_hid=290049490&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a999a573e106937a2f47a15e81521244c146e507a3f594ebeb7c050093e00cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8356
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317602674
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0255 0
0 42ms
42ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstjKd2tjAm3G6SMJUd4unKYQUth0RBisrUKRZkk9QyPKLL2lxkrxAB544bzVRJcoGCPTStPKwhuZce00J5voCGfyJfsPeduqkK8QZWJqQOXAmyvF-Zz19UI5fWHcfv_kxhCgsW7xqLszadYpZuM5FlCoUw21qIddGNQQUPPbHKCqdtrqqOr6giaSpV6ENnyfpkjW7bNWHvoixhcv7yxrNHnC7M8iiH_WwYnZFedcnTAuSWVFZ_aVIbmGK5TuAKJhVbWc2RDQkMZ8BQgdEhNFlifYdJijZb9YVo4RDW3XnTOUxQq2W42G85F77PoR_Q&sig=Cg0ArKJSzGmg3FM9NzunEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 0255 113 KB
39 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

322b20c53e3f913ffd5f63070bfa8711606b962797d9d7a12cbe389c3cf09b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40108
x-xss-protection: 0
server: cafe
etag: 13795019441304303721
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0255 117 KB
36 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F618 0
0 40ms
39ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuUKs9IW_linJwSRNe67GZPddC95gGLbEfzX5LsyoHGfolxwnAF7AHNEXvhc8WyjwuWpbNpYFovw-IbmJGgmibm80ewa2cn6vZANJdNAU1gXkoirtUlF47NnbM5kqGLxEA5HJoIw1JfgDWRK7s4y-18OCM_sRQ5JuFO-g6MvtclcaXK4p68wItrssy4mpZ0XQs2KtNcuQtTJK3NXzOi3QppeTZkuVdLD_53f_KK13JmR3MBoEHPBqfHC-oExwVsB6UHEjp4xXp6b__TktJk5mDF8h9g9fM05vy4Zwah3c6Xbv8oXb_H6AkJI4nqLd8&sig=Cg0ArKJSzJnI8JTVWtlKEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame F618 113 KB
39 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbc6604ca3b2cba8f35170dd15c368e2243143f10789ea5ddba0b806090c69e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40113
x-xss-protection: 0
server: cafe
etag: 5244964672292757196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F618 117 KB
36 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ Frame 1FF0 292 KB
105 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7aaca292221d94693d7393d6d84e9cd350483358fccd88c048c9706e002c8400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107532
x-xss-protection: 0
server: cafe
etag: 17717895501999580697
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
DATA 200
OK truncated
/ Frame 1FF0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e910a91ab32b0c0020d2a755c8de1e9984d89ed44f641e93ed78d752ce73117

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203080101/ Frame B5F2 294 KB
106 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com&bust=31065595

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

754c0c5c601794d13d7fae6c43e2bd7618190a1abd358bacdb1275b8c84b8fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108388
x-xss-protection: 0
server: cafe
etag: 7127549866840692014
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ Frame 0255 292 KB
105 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aa8374b1a84ef714153d1a4cfe234813ff6c118c3cafe545a6b8fd5d9c2d57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107520
x-xss-protection: 0
server: cafe
etag: 11400439825139180766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0E90 0
0 42ms
40ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssKnD0SOD-0oYBxQqrbW2KepnRL2cn5fZrjkJZkt_lGecUnU1ePm9WRq17B-4lXorHwTRKvesg0tcu5Wm85744vcL9jTBpVnIEdln7koL7npQLlvkxPZXNHAzsrLmXLPDvLdJXzE_3024fcLJgtRl4zom9meRdsty_JVpW3vJ79sPrq_WE8wCmwAxzqayDGKviuG682-DdpRdXU6qytJFQCnwrT_Jquvf4AbB0-PxQgmZwPh1lwVh_aM_CTWND--3LfzSbzWQ2NTOSWLk-t8hgaa60-oDGk2CHIW8pb_HCEaah3Gxp9FVDap1Cholo&sig=Cg0ArKJSzDll4dWHJnyHEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 0E90 113 KB
39 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8620cc7478cbd189cb5818df1d723a5d1eb98864d827693068f9d80874fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40101
x-xss-protection: 0
server: cafe
etag: 8472261353430427937
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E90 117 KB
36 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
DATA 200
OK truncated
/ Frame B5F2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 759843add8c11b6292dc0164df3616da44dfcf6ab67d24b863d5c27539818614

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 57ED 0
0 42ms
42ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuV2UTx4ixHq3qmBJbw-DJ3HNBsxzDkEM-5_JZH_igvX92uqrJ3MaJtSgDsdT-jWMxeFoT5PsDd_EpMT8EXRd7755mp-N4paXqmILdBz7qm_aYx5S2D_6KZ8QMZ6VDRHVpYd9WyNXoDj-VC-dTi--Zp7Q7EBL1IsRtp0-v3JAFsjANoyyqS0JidGBjp3qfTXZOgZNWJtyIm8ndjfCXxn_TaH5Ixr7Hf_Mc_DBwR64SNz1a5nWfFTqIYg8fyPiu3LFu5xw5tMiOM97jL6NyUblxs4wsquaT3yOqIDTeE-SqIZmt-XiKiQJsQ228379o&sig=Cg0ArKJSzIUGnrqOSyutEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 57ED 113 KB
39 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec37472a7272005528083fc9f09fc3df446595edcbacbcaac2dcd0d2793e424c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39977
x-xss-protection: 0
server: cafe
etag: 13261752470082853691
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 57ED 117 KB
36 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 7A86 0
0 40ms
40ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstgSU1aKD4afYBlmvCNFM6ReeQXuhecWnNlt9sK36IPwRrXS1zS_LUNKfJEn8M4EQ1giuoOZK6dkRuxlBzdQFCr7QpZMk_JcKMJY5puUTQpF5jIMgvqxg_UPkslkP2TH3EjYiM5ZWAlcUJQC3JDlXTtYJ-YRjy0ToYenjSnRGRoYXQnZSEt0qPC6a3TVj9kUYh7tcs78qYr_DvUVzM9KIu6EL5zhS6t1KxHoiWvazJsGS0Rkfe8zEaO7JkHkpV_iBTGzL5lI32ai0AP4dNlEN4JRgkwNfEMoNLuklzU1syoTBP9YOScd53zosSSoEw&sig=Cg0ArKJSzB_rbbxQmmLyEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 7A86 113 KB
39 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

322b20c53e3f913ffd5f63070bfa8711606b962797d9d7a12cbe389c3cf09b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40108
x-xss-protection: 0
server: cafe
etag: 13795019441304303721
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A86 117 KB
36 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
DATA 200
OK truncated
/ Frame 0255 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c284f93c368a318a3a30132edd6c2c4320dc9529521678b46c39d93be538c9a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ Frame F618 292 KB
105 KB 52ms
45ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aa8374b1a84ef714153d1a4cfe234813ff6c118c3cafe545a6b8fd5d9c2d57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107520
x-xss-protection: 0
server: cafe
etag: 11400439825139180766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
DATA 200
OK truncated
/ Frame F618 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21264b113de1de0debc5e7f594a2055170a3c0c497e3fc71b6be876a8565918f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/ Frame 0E90 294 KB
106 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com&bust=31065567

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

287b9c0b8d0a987622d844e908faf8294cb6326dbb486e9dae40b4768055042f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108467
x-xss-protection: 0
server: cafe
etag: 13933622852827831080
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:55 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 1FF0 0
0 40ms
40ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvGWAdfq6d7j53Tu1FaXkf9SgtAjrNkzEQKPsHNrB-aNevT8k8OiyK5UHIY9WNsIimBgRbk_UWRtDxLyfU2uwORWGZCCCSWGPyqWAIrzRFE8skE6AIQRp625DxZi9flYJEYRTY6qE5tCYmcKEUmAs1ehA9rpgB2TnSYkN4ietcT564u9X0t2Dzn8K5pvQCiNDGSm7niccfFuI1T0_DZzK7sx5m_1vxW7pQvGpbUNkAeZU0UpbOS9DlZlMXnqxYRiB8XHLFp8f6GCx73Gja3jE45WCFH6r1HEMeAzkRBmfMkVIcMr39j48LTIJbeBtpkcw&sig=Cg0ArKJSzBwzluyZ1TBlEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 0E90 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6000da83091bc67027a9b6e6ddf854920ddb8f5b349f2625c54e814c3886f3e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0255 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstOCJnna8sLsjqrgr5hBx2LY62NLYHB0ZGLIguikm1ATO3LymuxBMRJqt0u5WX9C80v9Hn0ht4rMiIHejCdjvBwvdIZs2z76vQ-2W6itA8G9cYaxlIigUD1Ze10_ggQjfXMvzErtFMYOVYbubZdNWGJTok5S_KKzdDG5W9_8cUiOGKmb-hz1EDwqnrmE9lIn_VAVGYllqOciMIhLwNNbUO4TXIaWMzMz4lNVE2gzJ2dwwlwOsXXQWgc28z8oj0Xl92wsC0kt9xKFnWZOAoi5zTBnVeQTivV5MP2ARBuJQcEjJ8lJvjjtuF2va1P8ylTQw&sig=Cg0ArKJSzMNKZQmzYefYEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 89BD 18 KB
8 KB 165ms
164ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1716881636074419&correlator=4377985709764389&eid=31064150%2C31063247%2C44758228&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpDmqPVpDmqEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90h_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&eri=1&cdm=trib.com&abxe=1&dt=1646921156267&lmt=1646921156&dlt=1646921153038&idt=871&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=hgjyizxwifp9&adks=719928629&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AGkb-H937Zu3H7KJJLVKqbzCxkxEEbqN70SKWMY7iypquoxMtqMPDFpobqwkj-O0PBeut-U22kZ8u5q4zsDuxdxIAxYL6pdk%2CAGkb-H9yjKVdQMpeBWo8mCKIhspEmf46MzmBPjRtQcvy2tW5ZFtM3u-4T-E2uROGDOPD_usRfjdZSvzg3q0KLuaAKTe8RoOo%2CAGkb-H8X6dekBXYmV6F27X5Issm-JZ2ZEGm_uF0uDnbg_fnPPkJan8AIGqu5if1KvGN4_gv5pmQ_WMMHAKf0t1Sj8RUOX_4z%2CAGkb-H_DqYF8Apj5mpxZKNWnyumx67vJNM2aw59K-9OGhByYrZoKkJy-cw7W2Z9Pewg-hYyynN2ZI8B-3RnndwXwiFFULG_R%2CAGkb-H9mvF1fxV-_8mUVqw33e14T_BXXsx3x6ZtShafJqldoZgSSkApHyJ6UChms1qQ7OWfrSEZVXFTRJCAUiB8NSIw4taKz%2CAGkb-H_Vzj-sRifZPEf4UO_BLKhlXzaLVW57r_0zErN5rxap3McSnDHI-uvYn2pR2vk3dcVWEzLxhAzsXoJ0uBm3PZ2fmhb-%2CAGkb-H8FZ0uWbhMr27EWlJ_qt8EJn5IhKtf7yBAa25kmM2gUMROZGoknss20qBF0GWcRoLy86bv3UF4uSaP6AECS6IfzcwCZ&ga_vid=737309210.1646921154&ga_sid=1646921155&ga_hid=290049490&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9291154d213b1cdec03d46aa4322cfe346c67b9d95bf13fbe46a1328c4f3cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8364
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317608854
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 89BD 18 KB
8 KB 66ms
65ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1716881636074419&correlator=2598184089476711&eid=31064150%2C31063247%2C44758228&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpDmqPVpDmqEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90j_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&prev_scp=hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D728x90%26hb_pb_oftmedia%3D0.02%26hb_adid_oftmedia%3D232448be672b47e6%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D232448be672b47e6%26hb_bidder%3Doftmedia&eri=1&cdm=trib.com&abxe=1&dt=1646921156273&lmt=1646921156&dlt=1646921153038&idt=871&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=11g1456tovm5&adks=3366251554&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AGkb-H937Zu3H7KJJLVKqbzCxkxEEbqN70SKWMY7iypquoxMtqMPDFpobqwkj-O0PBeut-U22kZ8u5q4zsDuxdxIAxYL6pdk%2CAGkb-H9yjKVdQMpeBWo8mCKIhspEmf46MzmBPjRtQcvy2tW5ZFtM3u-4T-E2uROGDOPD_usRfjdZSvzg3q0KLuaAKTe8RoOo%2CAGkb-H8X6dekBXYmV6F27X5Issm-JZ2ZEGm_uF0uDnbg_fnPPkJan8AIGqu5if1KvGN4_gv5pmQ_WMMHAKf0t1Sj8RUOX_4z%2CAGkb-H_DqYF8Apj5mpxZKNWnyumx67vJNM2aw59K-9OGhByYrZoKkJy-cw7W2Z9Pewg-hYyynN2ZI8B-3RnndwXwiFFULG_R%2CAGkb-H9mvF1fxV-_8mUVqw33e14T_BXXsx3x6ZtShafJqldoZgSSkApHyJ6UChms1qQ7OWfrSEZVXFTRJCAUiB8NSIw4taKz%2CAGkb-H_Vzj-sRifZPEf4UO_BLKhlXzaLVW57r_0zErN5rxap3McSnDHI-uvYn2pR2vk3dcVWEzLxhAzsXoJ0uBm3PZ2fmhb-%2CAGkb-H8FZ0uWbhMr27EWlJ_qt8EJn5IhKtf7yBAa25kmM2gUMROZGoknss20qBF0GWcRoLy86bv3UF4uSaP6AECS6IfzcwCZ&ga_vid=737309210.1646921154&ga_sid=1646921155&ga_hid=290049490&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8410afa5c78bbca797d4fdd48428dc977da18ae43a1545ac604ccc790210b8f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8354
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317608305
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 89BD 18 KB
8 KB 151ms
150ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1716881636074419&correlator=1277867252988562&eid=31064150%2C31063247%2C44758228&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&gdpr_consent=CPVpDmqPVpDmqEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&iu_parts=65889844%2Ctrib.com_728x90i_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&sfv=1-0-38&ecs=20220310&fsapi=false&eri=1&cdm=trib.com&abxe=1&dt=1646921156280&lmt=1646921156&dlt=1646921153038&idt=871&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1120&ucis=i3kd1bnlp1z4&adks=4028002665&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Ftrib.com%2F&top=https%3A%2F%2Ftrib.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AGkb-H937Zu3H7KJJLVKqbzCxkxEEbqN70SKWMY7iypquoxMtqMPDFpobqwkj-O0PBeut-U22kZ8u5q4zsDuxdxIAxYL6pdk%2CAGkb-H9yjKVdQMpeBWo8mCKIhspEmf46MzmBPjRtQcvy2tW5ZFtM3u-4T-E2uROGDOPD_usRfjdZSvzg3q0KLuaAKTe8RoOo%2CAGkb-H8X6dekBXYmV6F27X5Issm-JZ2ZEGm_uF0uDnbg_fnPPkJan8AIGqu5if1KvGN4_gv5pmQ_WMMHAKf0t1Sj8RUOX_4z%2CAGkb-H_DqYF8Apj5mpxZKNWnyumx67vJNM2aw59K-9OGhByYrZoKkJy-cw7W2Z9Pewg-hYyynN2ZI8B-3RnndwXwiFFULG_R%2CAGkb-H9mvF1fxV-_8mUVqw33e14T_BXXsx3x6ZtShafJqldoZgSSkApHyJ6UChms1qQ7OWfrSEZVXFTRJCAUiB8NSIw4taKz%2CAGkb-H_Vzj-sRifZPEf4UO_BLKhlXzaLVW57r_0zErN5rxap3McSnDHI-uvYn2pR2vk3dcVWEzLxhAzsXoJ0uBm3PZ2fmhb-%2CAGkb-H8FZ0uWbhMr27EWlJ_qt8EJn5IhKtf7yBAa25kmM2gUMROZGoknss20qBF0GWcRoLy86bv3UF4uSaP6AECS6IfzcwCZ&ga_vid=737309210.1646921154&ga_sid=1646921155&ga_hid=290049490&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03996a64e64f7e2f44690c45024715a96e5b335f7ee3e4d0c9f60af8136116eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8346
x-xss-protection: 0
google-lineitem-id: 5428139209
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317608335
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trib.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame B5F2 0
0 42ms
41ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvR_hXJJYxHty6wBRcMLZCgXvrzqqQir-k13Tf67Ll43baZQAP1LrkTxtVn0x1QE9mwvuHdbCaXXGjsYzegdcmyCoigx5LhBdB-B9Lk3hf7wB5A89dhm1N-HZav2A-FYKt3kXhBRLmfKqyX6jp5rvgGoekeFWNd5Ny2Qr0g3W5GGUadkQrjAO_G3EiuXVAPckeWRPi0I3DDtJ-sbKmJooOl9xsAxgdAZf52nXYIr4oP7ZKD_WAQl8S1ZyYIDd_ABEXU_ai5z0zU4hbbgPLeusX0DDYbevDF9Y3fsJvAycTkKD8Xiqj-2lhk22e_UtbP&sig=Cg0ArKJSzKmYbirdnaJwEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203080101/ Frame 57ED 294 KB
106 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com&bust=31065575

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5bb8b3a217ffae9a01543f6ca655af5dc4d01ccf05b2bdd3551558654ae5415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108377
x-xss-protection: 0
server: cafe
etag: 3123070418808643221
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:56 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ Frame 7A86 292 KB
105 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0953933381f78baba64e98cb1565cf7b4db9d756d03af849653bb8dffea1804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107538
x-xss-protection: 0
server: cafe
etag: 16506863920757236403
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:56 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame DD31 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvbGVvCLnGMEF6K4hwHov0TCiUbjw1Z3hAUVjq5sbsAAvz5JG4ZKMuCLQarnamMbiEpVjr79CSjcL_49x6aAU-DHK_GI8N7Apu1M90VDD1Hkfxy_liGSqtWAsdP2C3CkbU7ApLwqwyLVAoNAClVi2Y6loe4i3mcF69gZdwAbBk-6z5gw_AFwP8k3UbLGU4ojUHgZGiyTNP4PR-FtO5sodUI3bcFPC_cFfnjTHyTmXzsnd8sAvZRJ_j946RfipQ3N5q3DShPvNFOgYvIUfxA-mmfrlulDwEjixeH_t5Lggw4g1Q6x6BuMYucajtwL1g&sig=Cg0ArKJSzFRvQ7TDtevsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame DD31 113 KB
39 KB 99ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57465cd855e95ab73f93f465a2d9f0da5b9fdc6b24670a9d708686ff6e604a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40105
x-xss-protection: 0
server: cafe
etag: 4425135614773343966
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD31 117 KB
36 KB 49ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:05:56 GMT

GET
DATA 200
OK truncated
/ Frame 57ED 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 244b25df22cbaca5a1989be7b92b080000fabee139ceb4f32ed4fc9ea2ea062a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7A86 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e741c70dbda40821f64160090ab5b26aa40c9a832f4369e7153c1f55cd8bd97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 1D64 0
0 41ms
40ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvdkt1yco_kSgB--pO0nl6NS1xCDFm16mvMLnB6ozcxerd9pl_ObHtX7MUddytio0AjgJGvJBovuG_dVPlrTYvPsXsIIyssrxuPiHZurjZrLbb_gRNHRLl4ua3XGxWQ_zr-Q65EQU0v5bQP1zBSTi3-qXftnVefsNvxYrPM12RjUCvfP6R3cvYQrDZbIetaTIyM4GPc3oxHS_w_yHFT7zlhycZku3GxAzzGggGqUW4u3iKQuqnFn_MX_hhlFjjt9w9hjdDEh1VjS2GhHz_cW45ZNGlMV36G-LFScQRSgmPBX5PCk98qiQtI9IBqTdc&sig=Cg0ArKJSzG4hvtc1nUe9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1D64 113 KB
39 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b40515f179f174aca68a3411ccd989cff2fee0b9a5b897483da509d65e0c37c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40119
x-xss-protection: 0
server: cafe
etag: 8055325326984519804
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D64 117 KB
36 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:05:56 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 4F53 0
0 41ms
40ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvayG9lUkLVr6-pcb85ALawFJrzKgh7v40lBOP_cJIQshBHp9ybUpMtknMwsp9StnusnTRYjITPQS7u5vMmeof6W_cheYSS0nUUHjZHOqYracVSaSnOsjSgFmTvplE2lEw8Ebre2Nps4rmQwW6kc7pXdB3P7ObsEh0MhBy9Z56WeTU3tvELDSMQnk_cozdZv4wHuVMJN7jZzGbejDPat65mF6swwLgh7s9RWYr-5uxYUfYtO7axsyzQT5wv0I_CrvBxbBQRxaCTvBCsMXyModJeelgbOWeXpPZpWZXxt5VPemphJfVqx1CpchC0Ddw&sig=Cg0ArKJSzG-ONQuUSrknEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trib.com
URL: https://trib.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 4F53 113 KB
39 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e3a614a8989051e38ee838cf8bdbfbc3ccab6d8de23f17c78a0f72037815b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39984
x-xss-protection: 0
server: cafe
etag: 10839426704061353683
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F53 117 KB
36 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 14:05:56 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F618 0
0 40ms
40ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsub9Vb6jRmHfSWc6YopaGmndaAnvchIaupSX47AsBlvo1cFLnx5mj_-VY1yxWZm7XWTLlZmw5B_jZK1Nr5no7grfdPbkaorktiP2X5iapG6PjlJlwzMt1YHDHtBrMRC96qQhJsFII9vNsncGO4HLR-TtyQWEdczyhZUsk1KURDkVY-awKB1zjW6fEULFyHYRJ2fPz_0F7TjUciCyvK4WcqzA6PQVVNgRBiPAPIwn1oFj_QHRYsqk6sbDTRGMb8F-Cy_USi5uqZM2YM9YHtHvb2Jgw7mUFjcnc48i1oKGt_7QzZOMJNhvRigMjs3PqCp7w&sig=Cg0ArKJSzBKSe4D8vSp9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/ Frame DD31 294 KB
106 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com&bust=31065574

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59f87480ecc4abdaf8258e2bc6e10b25a04e02967d1a4f4890b931bef6f334ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108450
x-xss-protection: 0
server: cafe
etag: 16269122359692939420
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:56 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0E90 0
0 53ms
52ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv9-tMFoTlPm74j5CqEu6drYWRUqWC3hBqgrW_erhPKzpu-ZoRtIStGf-uT_3CjqOlQLlFHEtif7lHuqS0iqWrlB8jsrGWRDuiR_c36LGtoMqdCXumt_nqZpL8YmW2IRSt2g-JDAxeTNjyv67h1VP5DsLLrct0mRptjRhh1uo57GHEAa8hSx0wLziTlBrtl7K_fTKItRFhOrvAgP4-dOzOko7iCvsUZTYupcBodROhaMKdroswbJ7unB4QAw5pZdDts1Fda3XrjvGxvFkwdxU7ZpHlWCgPXTykfQ9W7NHTjV5cKHNP5vrxxNG_mNC2twQ&sig=Cg0ArKJSzEXrH8pGtssPEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ Frame 1D64 292 KB
105 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0953933381f78baba64e98cb1565cf7b4db9d756d03af849653bb8dffea1804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107538
x-xss-protection: 0
server: cafe
etag: 16506863920757236403
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:56 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203090101/ Frame 4F53 293 KB
106 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6552175488733768&plah=trib.com&bust=31065596

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f981e41d6d11b8262240ef72a4f6616f64dd091d293f53ad05e79b96d4050ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108327
x-xss-protection: 0
server: cafe
etag: 16641643636793502790
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 14:05:56 GMT

GET
DATA 200
OK truncated
/ Frame DD31 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4689c127ad7cffe863c4f0e582d9b8830261d486a97a77fd8a9d1f69ff37da54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 57ED 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstQB4U8GxYq6UoJ0qtaVhAtnSDWGzoAuI8qiKvLXMlYA_jLjWynpbM3Ho0Ynm5wZhTvC-p550M0OWajSGBkWKBCnKr9xX51bmPe0A5bmWB5CUFW2SXVGlEkG2IqnWc4ascX15memm0vV5de7XXEgC87bIY7LDhE3jLFkJIh0-zWtuihbCz5OY6IXDYMiuzODqKWdfJ45cDJECrFBzP2792Atj6aG8mT6VSupa3q27YxmUxV6QiBdjsiNtNh96DlCvR4yZS5pukjm4gFC6qeL8EV8r5P4Q7IEdhiN9vC_6HTL6XVUitKE45sGN3-ygLUOg&sig=Cg0ArKJSzOtsSbnLtXKREAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 7A86 0
0 41ms
40ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssoeLahcXXjWLoVGRLRfmca4WptO2y8HlMKWcas2hcwS-IWsOgAtk1OTX733LW3Xp8C2nvWmo9zJTj0_R0lVXes9RsfcMYpIsGBz5xX6HBWXrBK-0S7zKZDSejqtlepLfdE-oChsZ7jFGjHyp6VeNXHnTbCc2cL5YaUodtXkD_1V0TUNP8nqF73mNgnESKFpD6PziJZMgAF8DEQbfuZUa-FDi6UUxg_kN4w3Gg0B8AMf5N2XJgkUNMvNFr3EaT1ZVF8WbF3UJxx4QU8kmcxhsnEju8aT6MkAKhb3KSxjGKZux5tHnW4IXa0AH_QIWogRw&sig=Cg0ArKJSzKVMiQi8wTlQEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 1D64 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce85f1e06809b0719956bf80e0ee1ed789be701c523b0a1655fd6e02290a2407

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4F53 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e940474269bb3f106842a957ddfadb0ea6830c191de6a5147e3c6725bae6f670

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 1D64 0
0 39ms
39ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu6Qj0LaBiud6AsPaUNMu4XoqljQ6jMcdE-oBZPbYZbhN65FKeEImI4HNxAbhz9jWQLax4twa13zxm360nEvllwRLeL9QesCBC2THbh79GjRL2SOlVk53QlnrMYHvh0RD0Hxo6VediWwjGY924MvsX91xwam4_EWPbL9VYRr2tQthj70RMtBZJOhClredg_k31WadrtUWjvqkNwJ4yXr_jZ6pzJ7i7wudpF4spgCZWIS4VVPr7-EXkrc1f6eZOAFIpggYW8o1ICJD2yi0mGFxnNEpBwNWEVhr0Qn054t59EfKT3LFeJUnuq9nV9XiyHhQ&sig=Cg0ArKJSzE-heRqeQRS7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame DD31 0
0 42ms
42ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssXzOoXxDsegH2mj2GAJI9QKBdiL8q3E98DvSLfJfusv-Q-fl7AG2E6m50kveqTwMsrR4Dx-dP_EmQaCyexP0mUaIZLsz9LQ6KxiRFaQA3OrhXnF3loxkxrinOz_vwQ3naWMH-NgC0bE6H4kRAuK1Rq1-7sH1_ok8FotAtBHFmcG7AghDFwP-Kzx9OEsxvFDx4SSTEOjJbkrR4DCrh9GfMQmbGAhPkYlnW2PcP06ShvMyJGMtwVQYR_Ve5jwS1vZMg2UnQIV4lBETYE9YBTMbt-o7u_ndtSvGUznIQovnyrZE9djWhda9JXi7ZU5yPEgA&sig=Cg0ArKJSzAahzh7E5qKEEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 4F53 0
0 40ms
40ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuLWkKJ-mSJSbHIN46la4d0HvrFTi6J64G8L0p1BKPrCl1mtlvQ5H3QBzcetArcRFRxfd5QfkMc_CyRCZy9zQK1CtzCUp-PbWvubG89ULYAh7TLdTmP6NHPWM62-UV2Sqs9Vjk8l4Ssww616giTW8rRHzi6G4bz3md82JXwXQe4P6mkJBE8-KSearfhRb7ndZ2Oh22D8n_89qG3-0_S79brVSBivuPX2buXtoTJF4m4NOXKwGL15tp_GhWvpfHacw97IG8aoSnH40FQEtjk0xAMywKWFKddek0vSAqJNW4eHsc--_M5zHFKLjXikWHaGg&sig=Cg0ArKJSzFL2ZmM8xF70EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 14:05:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1FF0 42 B
64 B 38ms
38ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss86qgUqU54RbJZOy4uTkxR87W94bc0EUZgYiZ-lo3d9tewdgZCKUAjJBIKYrLPwV67hGAgkPYkNcnepulPqKldGB5gGPWIgmGoURyKz5OgmCwXxlx0&sig=Cg0ArKJSzHiJg9p5TqqNEAE&id=lidar2&mcvt=1053&p=1120,436,1210,1164&mtos=0,1053,1053,1053,1053&tos=0,1053,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=3436911532&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646921155530&rpt=680&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B5F2 42 B
64 B 38ms
38ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtVrseIS8C-joKh8HkWjTqkC2A-4GvCWZmwpIkLc3b6hyCiCYx6V0pHjGnd_miu0soM3Fa6BMgvV2R_WJvTU-zhXe50wI6b6riXe1yY0D9NdyBVG7Y&sig=Cg0ArKJSzIKQ2BGCnHotEAE&id=lidar2&mcvt=1000&p=1120,436,1210,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=889030988&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646921155571&rpt=721&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0255 42 B
64 B 38ms
38ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvW-bbEGMTIpS9J6Dr_1uyI9kO_W03bYNGARLXPPtaG9c_hUn9k3jCx8ZJvSwPUYyasufFMwFvSRgTzF9Tm02Wwxpxio6BlX9OVMacIyibpt2UY9_MI&sig=Cg0ArKJSzH-BYvIYCY0OEAE&id=lidar2&mcvt=1003&p=1120,436,1210,1164&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=2384033330&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646921155615&rpt=645&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F618 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHuQt9qeV4vn-lC5WC75PIM106xNppuyuBF1GE8GvMLG0fQx4IatngaT6pvBAZoqMH2j8DNS6yvtQb3pJRssfHa5fEY6et4BUW2lthV4nKcygCZ-Dm&sig=Cg0ArKJSzGrA59JkJ5ryEAE&id=lidar2&mcvt=1000&p=1120,436,1210,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=2665021203&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646921155634&rpt=911&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0E90 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukW4QV15xXVntqTa4S3QX-D_PnpkhHYTERQM246RZnrZr_BxJzD0EpXnVzz5Sk-Ykkisz-hrnoNA22HLXvZj-piPFHopsODZezhK9N4-N0CC_YorGy&sig=Cg0ArKJSzGqr3VDU3H_EEAE&id=lidar2&mcvt=1000&p=1120,436,1210,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=2920569117&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646921155739&rpt=880&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7A86 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssn0Y9NXywneKqevMnE-1KyhiDRAesuS_ZTqoNsXXXIc-GTQJPMTnfJOwKLKzRJc1XkMkcs92Uy81DMTXLUBzchi0Xc5qoEKifModv0Le_2lwU01_IH&sig=Cg0ArKJSzA6oeqah-4CREAE&id=lidar2&mcvt=1000&p=1120,436,1210,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=2192087926&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646921155790&rpt=1017&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 57ED 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDz6yna7r3hRsSOLlmEanFh2RuRWIvW2QWQ8pFQWJO4icuC6QrYQozgo9z2fMufwxnIKRGZN0NzZaNJktfVGa4448pobBDWjSoY37PPq1KJSE88WnS&sig=Cg0ArKJSzKlB25FLefBjEAE&id=lidar2&mcvt=1003&p=1120,436,1210,1164&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=1326595308&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646921155773&rpt=1020&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DD31 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuioptM50tjrI0YahANtuBO5avWxOz478Ln4fWF4vBTUfIztoHqnRGxsofJ_P78kmca2kPQloq6WrXmQFSGkYVFx81xLHtSzyzLo7zFLbuiAZt1GKiz&sig=Cg0ArKJSzM1ZwNAKp-AIEAE&id=lidar2&mcvt=1000&p=1120,436,1210,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=3366251554&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646921156365&rpt=548&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1D64 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxzi3fbZLvn8IK8So3au0YR1yekbzqCw8jjRwjm9NzVhLzafDE7Rz__GGh0gG66bYBIuYtRtLRb0CUlnOoQg0kURgYLiO3fnZmduPQlZhov-66eZ-E&sig=Cg0ArKJSzIPNS88KPKFVEAE&id=lidar2&mcvt=1001&p=1120,436,1210,1164&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=719928629&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646921156493&rpt=413&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4F53 42 B
64 B 38ms
38ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstK2aWzxbqrZ1_oGnAX8MxZx9ZcktAS0cHn_XFhQSrfc2L6498UbiLrZCIeAZH3T1xdrT-CsHB-IhvMv30P9axLHdXfDy6iB7cfbUInqxOF1tGZoYsE&sig=Cg0ArKJSzB2AMNRBG4_eEAE&id=lidar2&mcvt=1001&p=1120,436,1210,1164&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=4028002665&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646921156511&rpt=731&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 8130 0
0 29ms
26ms Document
text/plain 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13401719
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:05:58 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap6ams1

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame B576 0
0 38ms
27ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

date: Thu, 10 Mar 2022 14:05:58 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e9c9bb8acc99b1b-FRA

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 6EC7 0
0 30ms
28ms Document
text/plain 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13401719
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:05:58 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap6ams1

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 88DB 0
0 27ms
24ms Document
text/plain 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13401719
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:05:58 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap6ams1

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 9E43 3 KB
2 KB 74ms
15ms Document
text/html 23.218.208.246

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1388
Date: Thu, 10 Mar 2022 14:05:58 GMT
Connection: keep-alive

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame CF59 15 KB
6 KB 135ms
29ms Document
text/html 104.102.28.254

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.28.254 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=156444
expires: Sat, 12 Mar 2022 09:33:22 GMT
date: Thu, 10 Mar 2022 14:05:58 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 27CC 926 B
1 KB 90ms
35ms Document
text/html 104.17.119.107

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:05:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 2844
Expires: Thu, 10 Mar 2022 15:05:58 GMT
Cache-Control: public, max-age=3600
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6e9c9bb8ec1c5c02-FRA
Content-Encoding: gzip

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame DF80 0
0 594ms
120ms Document
text/plain 67.202.105.22

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.22 -, , ASN (),
Reverse DNS
Software: 33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

x-33x-status: 2000208
server: 33XP002
date: Thu, 10 Mar 2022 14:05:58 GMT

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame BAB6 0
0 25ms
24ms Document
text/plain 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13401719
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:05:58 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap6ams1

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 1501 926 B
1 KB 85ms
30ms Document
text/html 104.17.119.107

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:05:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id: 15DG7FS62Q387667
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 4620
Expires: Thu, 10 Mar 2022 15:05:58 GMT
Cache-Control: public, max-age=3600
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6e9c9bb8ec2a9ba7-FRA
Content-Encoding: gzip

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame BCCC 0
0 35ms
26ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

date: Thu, 10 Mar 2022 14:05:58 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e9c9bb8accc9b1b-FRA

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 5857 3 KB
2 KB 84ms
27ms Document
text/html 23.218.208.246

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1388
Date: Thu, 10 Mar 2022 14:05:58 GMT
Connection: keep-alive

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame EB27 0
0 592ms
119ms Document
text/plain 67.202.105.22

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.22 -, , ASN (),
Reverse DNS
Software: 33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

x-33x-status: 2000208
server: 33XP001
date: Thu, 10 Mar 2022 14:05:58 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 90D8 15 KB
6 KB 133ms
31ms Document
text/html 104.102.28.254

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.28.254 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=156444
expires: Sat, 12 Mar 2022 09:33:22 GMT
date: Thu, 10 Mar 2022 14:05:58 GMT
vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame D943 0
0 31ms
24ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

date: Thu, 10 Mar 2022 14:05:58 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e9c9bb8acc39b1b-FRA

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 2AC4 926 B
1 KB 82ms
31ms Document
text/html 104.17.119.107

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:05:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 2844
Expires: Thu, 10 Mar 2022 15:05:58 GMT
Cache-Control: public, max-age=3600
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6e9c9bb8ec1f5b62-FRA
Content-Encoding: gzip

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 72DC 0
0 31ms
26ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

date: Thu, 10 Mar 2022 14:05:58 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e9c9bb8acc69b1b-FRA

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B630 15 KB
6 KB 133ms
33ms Document
text/html 104.102.28.254

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.28.254 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=156444
expires: Sat, 12 Mar 2022 09:33:22 GMT
date: Thu, 10 Mar 2022 14:05:58 GMT
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2DD9 15 KB
6 KB 143ms
44ms Document
text/html 104.102.28.254

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.28.254 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=156444
expires: Sat, 12 Mar 2022 09:33:22 GMT
date: Thu, 10 Mar 2022 14:05:58 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 8C0A 3 KB
2 KB 69ms
16ms Document
text/html 23.218.208.246

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1388
Date: Thu, 10 Mar 2022 14:05:58 GMT
Connection: keep-alive

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 99E7 0
0 28ms
26ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

date: Thu, 10 Mar 2022 14:05:58 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e9c9bb8acca9b1b-FRA

GET /
ssc-cms.33across.com/ps/ Frame 89E6 0
0

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 393F 3 KB
2 KB 65ms
15ms Document
text/html 23.218.208.246

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1388
Date: Thu, 10 Mar 2022 14:05:58 GMT
Connection: keep-alive

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 26E9 926 B
1 KB 74ms
30ms Document
text/html 104.17.119.107

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:05:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 2844
Expires: Thu, 10 Mar 2022 15:05:58 GMT
Cache-Control: public, max-age=3600
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6e9c9bb8eaa19a21-FRA
Content-Encoding: gzip

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 5A60 0
0 583ms
120ms Document
text/plain 67.202.105.22

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.22 -, , ASN (),
Reverse DNS
Software: 33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

x-33x-status: 2000208
server: 33XP003
date: Thu, 10 Mar 2022 14:05:58 GMT

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame ADDD 0
0 37ms
24ms Document
text/plain 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13401719
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:05:58 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap6ams1

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame F0EA 926 B
1 KB 84ms
42ms Document
text/html 104.17.119.107

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Date: Thu, 10 Mar 2022 14:05:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 2844
Expires: Thu, 10 Mar 2022 15:05:58 GMT
Cache-Control: public, max-age=3600
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6e9c9bb8edef9944-FRA
Content-Encoding: gzip

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2F99 15 KB
6 KB 147ms
58ms Document
text/html 104.102.28.254

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.28.254 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=156444
expires: Sat, 12 Mar 2022 09:33:22 GMT
date: Thu, 10 Mar 2022 14:05:58 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 11FB 3 KB
2 KB 69ms
25ms Document
text/html 23.218.208.246

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1388
Date: Thu, 10 Mar 2022 14:05:58 GMT
Connection: keep-alive

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 1350 54 B
326 B 304ms
68ms Document
text/html 23.218.208.246

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpDnDPVpDnDEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Expires: Thu, 10 Mar 2022 14:05:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:58 GMT
Content-Length: 54
Connection: keep-alive

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 3F4A 54 B
326 B 298ms
67ms Document
text/html 23.218.208.246

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpDnDPVpDnDEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Expires: Thu, 10 Mar 2022 14:05:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:58 GMT
Content-Length: 54
Connection: keep-alive

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame AA7A 54 B
326 B 245ms
21ms Document
text/html 23.218.208.246

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpDnDPVpDnDEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Expires: Thu, 10 Mar 2022 14:05:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:58 GMT
Content-Length: 54
Connection: keep-alive

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 695D 54 B
326 B 243ms
20ms Document
text/html 23.218.208.246

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpDnDPVpDnDEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Expires: Thu, 10 Mar 2022 14:05:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:58 GMT
Content-Length: 54
Connection: keep-alive

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 93F4 54 B
326 B 242ms
24ms Document
text/html 23.218.208.246

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPVpDnDPVpDnDEXABBDEBgCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Ftrib.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Expires: Thu, 10 Mar 2022 14:05:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:58 GMT
Content-Length: 54
Connection: keep-alive

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame CF59 6 KB
6 KB 499ms
163ms Script
text/html 192.82.242.209

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25554406&p=156917&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.82.242.209 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66bead2c2700e54504d2dc9cd672266d964ba763115b90d567c3ac97bd68f597

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:59 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame AAAD
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2

35 B
468 B

38ms
36ms

Document
image/gif

37.157.6.252

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.252 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Mar 2022 14:05:59 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Thu, 10 Mar 2022 14:05:59 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A28E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YioFxwAMHQwwOgBH&gdpr=0&gdpr_consent=&_test=YioFxwAMHQwwOgBH

1 B
237 B

23ms
22ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YioFxwAMHQwwOgBH&gdpr=0&gdpr_consent=&_test=YioFxwAMHQwwOgBH
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Mar 2022 14:05:58 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug009:0:400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YioFxwAMHQwwOgBH&gdpr=0&gdpr_consent=&_test=YioFxwAMHQwwOgBH
accept-ranges: bytes
date: Thu, 10 Mar 2022 14:05:59 GMT
via: 1.1 varnish
x-served-by: cache-hhn4050-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1646921159.496921,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3DFD
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6340622a-05c7-4400-af0e-ef0cc4ba2ff4&gdpr=0&gdpr_consent=

42 B
494 B

90ms
31ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6340622a-05c7-4400-af0e-ef0cc4ba2ff4&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Mar 2022 14:05:57 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug018:0:388
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Thu, 10 Mar 2022 14:05:59 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4256 109297d master zrh-pixel-x24 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6340622a-05c7-4400-af0e-ef0cc4ba2ff4&gdpr=0&gdpr_consent=
Expires: Thu, 10 Mar 2022 14:05:58 GMT

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 1262
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGUFFFN0VWQXdBQUNvUG1wNVNodw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

39ms
38ms

Document
image/gif

52.213.253.251

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.253.251 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Thu, 10 Mar 2022 14:05:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Thu, 10 Mar 2022 14:05:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 5C60 43 B
408 B 585ms
173ms Document
image/gif 216.52.31.59

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.52.31.59 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Thu, 10 Mar 2022 14:05:59 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: sjc-delivery-9
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 2A46 43 B
362 B 240ms
29ms Document
image/gif 178.250.2.151

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 10 Mar 2022 14:05:59 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Thu, 10 Mar 2022 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 544476
strict-transport-security: max-age=31536000; preload;

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 6603 0
44 B 325ms
105ms Document
text/plain 169.197.150.8

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 -, , ASN (),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Thu, 10 Mar 2022 14:05:59 GMT
server: b

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 57A2
Redirect Chain

https://ums.acuityplatform.com/tum?umid=6
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=653811070499

42 B
361 B

62ms
27ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=653811070499
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Mar 2022 08:12:10 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug0028:0:464
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

content-length: 0
access-control-allow-origin: *
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=653811070499

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame C442
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
415 B

189ms
171ms

Document
image/gif

2606:4700::6812:c05

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 10 Mar 2022 14:05:59 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e9c9bbf5bd79088-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 10 Mar 2022 14:05:59 GMT
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 133
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e9c9bbe2aa89088-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2066
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:CmU2Q04t1Nsjqv5&gdpr=0&gdpr_consent=

42 B
367 B

32ms
31ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:CmU2Q04t1Nsjqv5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Mar 2022 14:05:58 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug016:0:345
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Thu, 10 Mar 2022 14:05:59 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:CmU2Q04t1Nsjqv5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-078691873e5d8cf91@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1

200
OK

noop Show response
px.owneriq.net/ Frame A1A0
Redirect Chain

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

16ms
16ms

Document
image/gif

104.89.45.32

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.89.45.32 -, , ASN (),
Reverse DNS
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 0
Content-Type: image/gif
Date: Thu, 10 Mar 2022 14:05:59 GMT
Connection: keep-alive

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Thu, 10 Mar 2022 14:05:59 GMT
Connection: keep-alive

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame F4F1
Redirect Chain

https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=7fb48720-0a64-4918-afd3-1aa25d12b763

1 B
271 B

24ms
23ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=7fb48720-0a64-4918-afd3-1aa25d12b763
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Mar 2022 14:05:58 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug006:0:445
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

date: Thu, 10 Mar 2022 14:05:59 GMT
content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=7fb48720-0a64-4918-afd3-1aa25d12b763
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H/1.1 200
OK usersync Show response
match.bnmla.com/ Frame D6C8 0
114 B 330ms
104ms Document
text/plain 38.27.122.101

General

Check archive.org

Show headers Download Go to

Full URL: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.101 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Thu, 10 Mar 2022 14:05:59 GMT
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8D22
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
107 B

42ms
30ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Mar 2022 14:05:58 GMT
content-type: text/html; charset=utf-8
x-lat: amspug015:2:334
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Thu, 10 Mar 2022 14:05:59 GMT
server: _

GET
H2

200

pbmtc.gif Show response
beacon.lynx.cognitivlabs.com/ Frame 2F1A
Redirect Chain

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=4ad53413-5f31-42d7-9481-435a2a5c6a09&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2

42 B
353 B

104ms
104ms

Document
image/gif

34.192.179.231

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.179.231 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 10 Mar 2022 14:05:59 GMT
content-type: image/gif
content-length: 42
server: Kestrel

Redirect headers

server: nginx
date: Thu, 10 Mar 2022 14:05:58 GMT
x-lat: amspug002:0:619
location: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CF59
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fZJur_gwSPyU929buj9U0g%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fZJur_gwSPyU929buj9U0g%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

49ms
48ms

Image
text/html

104.102.28.254

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol: H2
Server: 104.102.28.254 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:59 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=156443
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Sat, 12 Mar 2022 09:33:22 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 420486.gif
idsync.rlcdn.com/ Frame CF59 0
66 B 84ms
25ms Image
text/plain 35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420486.gif?partner_uid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:59 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame CF59
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f432622a-05c7-4700-8fa5-df76fc0fd968

0
260 B

227ms
29ms

Image
text/plain

185.64.190.81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f432622a-05c7-4700-8fa5-df76fc0fd968
Protocol: H2
Server: 185.64.190.81 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:58 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 10 Mar 2022 14:05:59 GMT
Server: MT3 4256 109297d master zrh-pixel-x25 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f432622a-05c7-4700-8fa5-df76fc0fd968
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 10 Mar 2022 14:05:58 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CF59
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0Q5MjZFQUYtRjgzMC00OEZDLTk0RjctNkY1QkJBM0Y1NEQy&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0Q5MjZFQUYtRjgzMC00OEZDLTk0RjctNkY1QkJBM0Y1NEQy&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
188 B

51ms
25ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 10:37:09 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0025:0:290
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CF59
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELepU96VL9EK8uISv_7b8Hc&google_cver=1

42 B
361 B

44ms
25ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELepU96VL9EK8uISv_7b8Hc&google_cver=1
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:58 GMT
cache-control: no-store, no-cache, private
x-lat: amspug007:0:404
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELepU96VL9EK8uISv_7b8Hc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame CF59 43 B
611 B 87ms
27ms Image
image/gif 169.50.137.182

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 09 Mar 2022 14:05:59 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CF59
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3710950861622885667&gdpr=0&gdpr_consent=&us_privacy=

1 B
324 B

31ms
30ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3710950861622885667&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:00:52 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0026:0:410
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3710950861622885667&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 10 Mar 2022 14:05:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CF59
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=edeab01f-b08c-4745-999b-f38e86e23715

42 B
603 B

85ms
26ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=edeab01f-b08c-4745-999b-f38e86e23715
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:59 GMT
cache-control: no-store, no-cache, private
x-lat: amspug001:0:447
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=edeab01f-b08c-4745-999b-f38e86e23715
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2 200 7D926EAF-F830-48FC-94F7-6F5BBA3F54D2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CF59 43 B
990 B 139ms
46ms Image
image/gif 2a05:d018:d29:3605:9290:fe02:2ee8:2378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/7D926EAF-F830-48FC-94F7-6F5BBA3F54D2?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:9290:fe02:2ee8:2378 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:59 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame CF59
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hmZkQoxE2uUFfbrvqLYnwV06Xh3eObA-~A&gdpr=0&gdpr_consent=

0
128 B

233ms
29ms

Image
text/plain

185.64.190.81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hmZkQoxE2uUFfbrvqLYnwV06Xh3eObA-~A&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.81 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:59 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hmZkQoxE2uUFfbrvqLYnwV06Xh3eObA-~A&gdpr=0&gdpr_consent=
date: Thu, 10 Mar 2022 14:05:59 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CF59
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1179363741045328308&gdpr=0&gdpr_consent=

42 B
543 B

76ms
24ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1179363741045328308&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:58 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:490
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:59 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d5fbe242-ece0-4fa5-9a71-f20887cdc1bc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1179363741045328308&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CF59
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=368107c7-a07b-11ec-885d-330e64547fde&gdpr=0&gdpr_consent=

1 B
251 B

23ms
22ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=368107c7-a07b-11ec-885d-330e64547fde&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:59 GMT
cache-control: no-store, no-cache, private
x-lat: amspug001:0:568
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=368107c7-a07b-11ec-885d-330e64547fde&gdpr=0&gdpr_consent=
Date: Thu, 10 Mar 2022 14:05:59 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 368107c8-a07b-11ec-885d-330e64547fde

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame CF59 0
104 B 156ms
41ms Image
text/plain 2a02:fa8:8806:16::1400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:59 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame CF59
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7a9f0190-5aae-4528-b764-de9023ac80d4&ssp=pubmatic&gdpr=0&gdpr_consent=

43 B
324 B

62ms
24ms

Image
image/gif

34.98.67.61

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7a9f0190-5aae-4528-b764-de9023ac80d4&ssp=pubmatic&gdpr=0&gdpr_consent=
Protocol: H2
Server: 34.98.67.61 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:59 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7a9f0190-5aae-4528-b764-de9023ac80d4&ssp=pubmatic&gdpr=0&gdpr_consent=
Date: Thu, 10 Mar 2022 14:05:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CF59
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
204 B

26ms
26ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:58 GMT
cache-control: no-store, no-cache, private
x-lat: amspug003:0:2673
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:59 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CF59
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bQ5DHGsJEkp2BEVKalpcTWMLRUx2CkgfbF55ibiL

42 B
469 B

24ms
23ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bQ5DHGsJEkp2BEVKalpcTWMLRUx2CkgfbF55ibiL
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 08:09:28 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0021:0:415
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bQ5DHGsJEkp2BEVKalpcTWMLRUx2CkgfbF55ibiL
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CF59
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4962106319940471131

42 B
233 B

26ms
26ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4962106319940471131
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:58 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:552
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 14:05:59 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4962106319940471131
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET

Pug
simage2.pubmatic.com/AdServer/ Frame CF59
Redirect Chain

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B331_EC847F29_14A5A3C2&r=https://pmp.mxptint.net/sn.ashx?ak=1

0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CF59
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1179363741045328308

42 B
110 B

24ms
22ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1179363741045328308
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:58 GMT
cache-control: no-store, no-cache, private
x-lat: amspug007:0:304
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 14:05:59 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 58a8e1e3-e043-4116-9637-127e1b96f181
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1179363741045328308
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 728x90_ukraine_soldier_v1.png
saambaa-static.azureedge.net/sidestage/ Frame 89BD 23 KB
24 KB 17ms
17ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa-static.azureedge.net/sidestage/728x90_ukraine_soldier_v1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FF6) /
Resource Hash: 7aa6433cac545fe1bb663361c0090d6fea4b4f07b36d9cd8621ec24b1d710652

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 10 Mar 2022 14:05:59 GMT
last-modified: Wed, 09 Mar 2022 18:04:48 GMT
server: ECAcc (frc/8FF6)
content-md5: m1CFc0IaDoYn2lA61stOxg==
age: 71728
etag: 0x8DA01F74D0302A8
x-cache: HIT
content-type: image/png
x-ms-request-id: 84aa44f8-f01e-0059-17e0-33e884000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 23921

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trib.com
URL: https://trib.com/tncms/messaging/service-worker/

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3266&u=https%3A%2F%2Ftrib.com

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ci_cScBpur6AiCaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B331_EC847F29_14A5A3C2&r=https://pmp.mxptint.net/sn.ashx?ak=1

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
trib.com/	1970-01-23 11:51:10	Name: TNNoMobile Value: 1
.trib.com/	1970-01-20 01:28:44	Name: AMP_TOKEN Value: %24NOT_FOUND
.trib.com/	1970-01-20 01:28:42	Name: spses.48b6 Value: *
trib.com/	1970-01-20 14:55:05	Name: tms_VisitorID Value: 4km1v2bz65
am.freshrelevance.com/	1970-01-20 14:55:05	Name: tms_SessionID Value: 0PJ7H2BZ99
trib.com/	1970-01-20 14:55:05	Name: tms_SessionID Value: 0PJ7H2BZ99
trib.com/	1970-01-20 01:28:42	Name: tms_wsip Value: 1
.leetemplates.com/	1970-01-20 10:14:17	Name: sp Value: a9ef2131-c8af-474a-97a1-9a1219790d37
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.go.sonobi.com/	1970-01-20 01:28:41	Name: __uih Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5A Value: s56128\|YioFx
prebid.a-mo.net/	1970-01-20 10:14:17	Name: __amc Value: 3_1646921155_1646921155
.adnxs.com/	1970-01-20 03:38:17	Name: icu Value: ChgIxfVWEAoYASABKAEww4uokQY4AUABSAEQw4uokQYYAA..
.adnxs.com/	1970-01-20 03:38:17	Name: uuid2 Value: 1179363741045328308

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://trib.com/ Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=3266&u=https%3A%2F%2Ftrib.com' from origin 'https://trib.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3266&u=https%3A%2F%2Ftrib.com Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://idsync.rlcdn.com/420486.gif?partner_uid=7D926EAF-F830-48FC-94F7-6F5BBA3F54D2 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
a.leetemplates.com
a.tribalfusion.com
a45eb8dd5ea8bf66bd110c0f8be6f725.safeframe.googlesyndication.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
am.freshrelevance.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
apex.go.sonobi.com
api.saambaa.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
biddr.brealtime.com
bloximages.chicago2.vip.townnews.com
c.amazon-adsystem.com
c1.adform.net
cdn.districtm.io
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
cmp.osano.com
confiant-integrations.global.ssl.fastly.net
csync.loopme.me
d1eoo1tco6rr5e.cloudfront.net
d81mfvml8p5ml.cloudfront.net
dis.criteo.com
dkpklk99llpj0.cloudfront.net
dmx.districtm.io
dn1i8v75r669j.cloudfront.net
e31993dd77af45af11a0bf5551c18fa7.safeframe.googlesyndication.com
eb2.3lift.com
fonts.googleapis.com
googleads.g.doubleclick.net
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.3lift.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
js-sec.indexww.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
mweb.ck.inmobi.com
odr.mookie1.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.quantcount.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.owneriq.net
rules.quantcount.com
s.tribalfusion.com
saambaa-static.azureedge.net
saambaa.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
storage.googleapis.com
survey.survicate.com
surveys-static.survicate.com
sync-tm.everesttech.net
sync.ipredictive.com
sync.mathtag.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
trib.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
c.amazon-adsystem.com
prebid.a-mo.net
simage2.pubmatic.com
ssc-cms.33across.com
trib.com
104.102.28.254
104.16.190.66
104.17.119.107
104.18.131.43
104.45.178.220
104.89.45.32
107.23.10.176
108.157.4.60
13.248.245.213
142.250.185.130
142.250.185.162
143.204.95.188
143.204.97.29
143.204.98.111
147.75.38.124
151.101.193.194
151.101.66.49
154.59.122.79
161.47.17.28
169.197.150.8
169.50.137.182
178.162.133.150
178.250.2.151
18.159.83.65
18.184.212.115
184.31.84.150
185.29.132.241
185.33.220.240
185.33.223.38
185.64.189.110
185.64.189.112
185.64.190.81
192.104.182.209
192.82.242.209
2001:678:cb4:bbbb::11
213.19.147.42
216.52.2.30
216.52.31.59
23.218.208.246
23.88.75.189
2600:9000:20eb:9e00:e:98bf:5f00:21
2600:9000:2156:6e00:7:5031:dc0:21
2600:9000:2156:e600:6:44e3:f8c0:93a1
2600:9000:224a:3600:3:b7e:8940:93a1
2600:9000:224a:7c00:2:36a1:2f40:21
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6810:135e
2606:4700::6812:c05
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::2008
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2010
2a00:1450:4001:810::200e
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
2a02:fa8:8806:16::1400
2a05:d018:d29:3605:9290:fe02:2ee8:2378
2a0b:4d07:102::1
2a0b:4d07:1::1
3.126.56.137
34.102.205.239
34.102.253.54
34.149.20.76
34.192.179.231
34.231.128.63
34.98.67.61
35.157.98.225
35.244.174.68
35.71.131.137
37.157.6.252
38.27.122.101
52.212.62.46
52.213.253.251
52.30.14.23
54.93.106.38
66.155.71.25
67.202.105.22
00c7b3910663b00a093fffc89a4a9ee9826fdcf155e697ab6d10c655657ae22c
01ba889c779c757c773ee1143971d84ba8a0f510cd9d5ca5891c9a751ef935b3
03996a64e64f7e2f44690c45024715a96e5b335f7ee3e4d0c9f60af8136116eb
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800
047515d3b75bbac790bc8692f5fb9878b82b542eb0b7ac11a55e401b473b06c4
0645c89f02a94e3e0bd4ed5257486f135a1e34a0ec6d477d438b041cb282b111
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
070271b9bffc4a3e02409037b41d36681695c47c4ee812cf8545f8bdf9a869d8
0819c26fec68702f8ff7a0973a41662d9c8626364b112b5eec9d5451308bc446
09b853989d60d314cd3f6d2f051929f1b3170b04d75c9ab9b0ede1b712586fa3
0aa781c4874091135645fca175b7e605ee1ca8d44ae76afeb9541cbfad61a90b
0aae37caeb1c5064881f16534e735f299658ad15ebe527cb1969e75d9ceb1c40
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0c564ab82eab3ab608280194eefcee40765ab7872e8ed349e806e3c3170c4631
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d2df297341174be85027bbd8afc4dc4f34917eed27cfbc02b3fd37c57f67340
0e017695837f6bbb6a4e4f86e0c1289f191ec006d819102ca5bcf3b3a6eb944e
0e2c6061885137b3affadb7857959e28768c51ba8a535f1d6f2dbc58e5becd19
0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e
14c8d3baa27c4ef07c352df2edeb5e30ebf8315d7ffbc8365c65dbcecfaded5f
15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625
165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7
16abfcd446bbc34e0b3bb892c8bd795e9d1ee28ea6e3207d73f34ca3a07abf19
16d99d2df71528c1bf0308cd213e8e79c52e504afae0afaab8a97a1b32002bc4
171a331df56f887192d1264fc8cb721cbb2bdaa289efaed41c78809df43796eb
1794ab1a330fa566f4f21116012908a58001e21fb254959ac7cbcd41b25bba34
17b27b244541ce78890ad2f466b09c7ae29eda0774e8813bfc6b3240180ab9a7
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
19ee3ded1fe83e848e9b5cb0831689460e07c7d3d867fc692c84dc1106086293
1a751af56afc484774a251f070f5f2b0f6f9af727a3d767fb5be28fe8b2b9030
1aa8374b1a84ef714153d1a4cfe234813ff6c118c3cafe545a6b8fd5d9c2d57e
1db4a7945d3947cccdf920e32e589e604b931d879fb7684e58fa0dc6b12520a6
1e741c70dbda40821f64160090ab5b26aa40c9a832f4369e7153c1f55cd8bd97
1f5c32affe976b6cb4f952d6cebe1c491830737142c0d2f9ed38a395592e2b4c
20ec6b5f5ac6dfa4114e228dd920eef60d9a70eae24a137cdc12f43f01fc6b18
20fdf5112824d8572d4b88341fa4585f038e826290bf44d84331ffc3f3636906
21264b113de1de0debc5e7f594a2055170a3c0c497e3fc71b6be876a8565918f
232bf7998ebafda88a66a06d9c3b238b47df0ae62748a99df119038e965ed2f6
23990ef5c842f350e893aa5ffc294182a6d0fe926edea0b16c25969b5d24ab32
244b25df22cbaca5a1989be7b92b080000fabee139ceb4f32ed4fc9ea2ea062a
267a9525e3a0c8e65c911647bc8867c5421b5d7e75a6529ef6e1a3ab037dbd83
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26b1d16d68033c1afee8fb44c9f446e50f751419b4d02ee38a83bbabf221764a
27737a746224f18f95c86e19bbfcb9d01a59f5f14d1a5c2fcf4ea982c4ce71a5
277efb12865b473f3046a93f2bee53394ee5e7cae843926cf958fd97877b2688
287b9c0b8d0a987622d844e908faf8294cb6326dbb486e9dae40b4768055042f
2c0a28a87b0b94e1164b84e70692b630fb1e941e1171f64b1f9daa0a84d11a8c
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ff30298cb08600b21e18d99439aab14c6616c4436c5183aeeb1b47f68994448
31be57c3a736dad620d0bc011314f0de3e17e05027cfdf67f00047371ebf18dd
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
322b20c53e3f913ffd5f63070bfa8711606b962797d9d7a12cbe389c3cf09b18
3344ae3afde05c9b109a93724331732b06f08056013b2e96d543fddd25c278c5
33580f66420b0a9c07cc7ba580f294d21bdb9a45fd1aef9ec1ec573a1619485e
34b2fe5455590ee6f78ac6e9de9a75cf4e08268b97bd9e7811e5739ee94c0b1b
35a71c41c763978beb32e4cf69e3b7fdc567ae69fe352fae1c47520309386051
36a1cdd53ef58e3e55b0209de42e93b31e5efcd2e010b7cce62255f0883a0ad2
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
39f7df787a969e1c859c9414732d303e2e5d8e72f8e2d87a15a4b2d6e467b871
3c840e9e745e975754a8a466f58d4800bc0501f61631c967c88599dbc605bab2
3c9a2d086d47148ae23b40fb16fa13a5bd578e40aa7ee5acabd1ad9d3c958ecf
3dcc0031075366e0a3d31749b6409b52acc1acf3b6400578d7539c9ff967c497
3e07c0ca6f0a2a8b2db8dcfe88721eeb9531625ab1b4c87b54eefba27e3aa68b
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447
43733381c7dc3759f543e0970352a5457ff9f50f53b976b0f53d887906ec2b6d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
449b82a5c12e1cd152503114da60771bd0ca6fdea2cc9ff25fecadfd4b825edd
4689c127ad7cffe863c4f0e582d9b8830261d486a97a77fd8a9d1f69ff37da54
4814069f22d9d51362e0629e097095853dbd851f213275f402a84c85d1f0e098
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e12626df494f4598866b8de37f0e453fba255fcb18a0c86dcea52780024580d
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9
55b2d3a6c1e73324dd504475718352d54ec66b66e8a5f16b3492a49de31d88f7
55edb91740ad6742aa03b040fc75d633310b60c069584020e510c21460f0353b
57465cd855e95ab73f93f465a2d9f0da5b9fdc6b24670a9d708686ff6e604a05
5770f72d26f8dd6f6d49e97f86f512cf2550105ff36c1ba1781d2757bc9e31bf
590126ccd2aef65920d3d31ea44ae95c495cb2c1b98eed645ac67b708b9c2328
59f87480ecc4abdaf8258e2bc6e10b25a04e02967d1a4f4890b931bef6f334ee
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036
5b635363357517bbe1fe516cb3e627921dc4c4ca77873265842e2ddb537414cc
6000da83091bc67027a9b6e6ddf854920ddb8f5b349f2625c54e814c3886f3e2
60ec3708d7073681e872f3a4d012d6594c682863e7e2970330abfe52b701d808
644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6
656a62e7cfbd270352bfa0ccf580e3b84cb18ff2256277c699a9144edae5db21
65f626af7c6ceb0be4d01854190ce8ef617d4f3e5d7b8054975ec622884b61da
66bead2c2700e54504d2dc9cd672266d964ba763115b90d567c3ac97bd68f597
68d0edbcc9baefe699f18679a3a702457852078534611fe0924d4011aca6fd91
6a69669a5a840a3b88c0a6a09d414800480e4869b86caa62b2cadf630ef7e478
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
6d69434d10f3b284edb24e748769b43d4f667026dfc91a347958f3d299d14a8a
6e910a91ab32b0c0020d2a755c8de1e9984d89ed44f641e93ed78d752ce73117
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
754c0c5c601794d13d7fae6c43e2bd7618190a1abd358bacdb1275b8c84b8fc7
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
759843add8c11b6292dc0164df3616da44dfcf6ab67d24b863d5c27539818614
765993382391a24ef0125db4beef96ddf420873f20534f2ecf4173586186d0b2
78340dabd2984895b85f1a3a19cf21fed26d6d4c57038709dbcf94222f6952ce
79083466e54242df079c1f8a26f06a76ad40272869bed59d1d4af12f50b60ac0
7a58e7d118df27f86479b9e7a8ee3819e60b7012787ce02caedbfa1d66d822d8
7a94477c41748171efbae9e3d9391a7dc9c249ee66d9d9deb5020bd67cd65f3b
7aa6433cac545fe1bb663361c0090d6fea4b4f07b36d9cd8621ec24b1d710652
7aaca292221d94693d7393d6d84e9cd350483358fccd88c048c9706e002c8400
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8410afa5c78bbca797d4fdd48428dc977da18ae43a1545ac604ccc790210b8f4
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
87a6266c72bd0c1cfd50b1725c7e3f7a1e87773f0df81d50c4d1d404d9fe7ebf
8cd5e55161823cf463c786c0190e8f2544d7106f55aeb11c59f35b039fcf7404
8d06adaa121f8fc25b69e714ec69d738a029e13a7733753b6dbee752854b601b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f416a18e6e6218ce78aa4454b40707104504fbaa1ac3e95568a15aa1610b91b
8f981e41d6d11b8262240ef72a4f6616f64dd091d293f53ad05e79b96d4050ef
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
90f333e57c53aa7d89fa392096099546e141b03d7ab18bcdbc6a84aca2db5e39
91b0a925039c3faf332de31415e0c41c6fe85d5bf50302c68f3ad882d74bc962
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94c3a3f828e4ec6bc25c2f4315c5098102d5747fb4b5c3924d62aff8174112e0
9551e6cfc2068d1c0217c5edb034ee92051f2d7551f547ee7db33c7f3e295c82
964d3be9b2d73e7d75bb3eaee3359afd681d240dbbcb945c082f5c0a6b45df1e
96fab4cb05d555b2d0e10938849a6bc03dc1fee68b59214187fd54dffcd5fe5c
97ded2a432e64f4e5086f03ae1238d87e1e2ffdd63216d068996c566aa55882b
98ca1b58f51144561a8b520521a36e0f8cce7f966e19f8765b249e0edf1dc2e3
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99f6216f99124117e9a49b232e90d7d1715964c013cd8926a716813d93583fc3
9c5e8d6705bc784966f37616b27cfb2f8164247f6731f53fd67a5e86f7fbe063
9db18b95776a5a8659133d4513c90a009f3aef773658a631e088f6bc6e5158c4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e3a614a8989051e38ee838cf8bdbfbc3ccab6d8de23f17c78a0f72037815b7
a40f5e0d27b8ea46bf201abaf0142672f50aeb7ea6a15fa92487781831da3b02
a454a0dab553d1f230f7897f15864b4c9ae6e1c1ddfb5a4d1b9751b6e324fe76
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84a41585f9f50d3a48f8fe348fa2fdaa461e5e797d40c143320d90f8ad86f12
a8ff920fd471e781177603056215924bcad19c510759f55fdc18c5f7cd00c9df
a98b97fb99fd446ea808a00c7bb660986666031870f79956ab098099cca0f236
a999a573e106937a2f47a15e81521244c146e507a3f594ebeb7c050093e00cc4
ad42b1b4a33db5424147299fbca7cbe6d598f26020233e60b22aac0906411f67
add064aeb1d63fb8d2b6191f00e7399eb10c4295ef9097be09a2616e03c35189
ae8620cc7478cbd189cb5818df1d723a5d1eb98864d827693068f9d80874fa30
aec6f5ad4a7f0614b46c435fbe8818b359bab6032eca4e91b960c5cb6a0fa7d3
af8005399aeee00ed566ef5050f46bd30f0be401efc34e293e9d1625d033fda9
b0824285ab642b362c0d255978a157f91aaea39966ab417326018a1d1c8ecb0a
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b11c92140f7985d13085eacbfdb314c66eb3726037e662128ca9aa310dab2c56
b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b37cff1ece8f2ba1dca1217408e8b7b17a7ddf1692628773c7ad429338cdd7b7
b3834bc943a706105cd6696a28ab8bd8fcd2f5bd68eae19722840de30ed5445a
b3a9a6006e4c01d6d84a49eecf07cf36a818779ff4e99bbff22850f02de9c7a8
b40515f179f174aca68a3411ccd989cff2fee0b9a5b897483da509d65e0c37c6
b7812716e8c785e9974a1b5668da57326ce2081a1af37b0c1391a1315ee5936d
b7cdbaaf76f67c977f3b4a6906e9f82104a643002c1b73b13f4610be89ba4fc7
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
c2387af7359cfa4f8acf87287f35cd9763a4807ed0ea637c7c1cfda9a14dae54
c23a080940234d03b10c1a20bf0987deeb2023407e167c29054e808eb355e8f2
c284f93c368a318a3a30132edd6c2c4320dc9529521678b46c39d93be538c9a9
c6c08a49b2a2c62d0c646cc86104f430c7db291d2c716f74f050819a565212f1
c890ccaefb37450e0dd87d54a39c457e663b2428a04e62557b29879204f5d5fc
c9291154d213b1cdec03d46aa4322cfe346c67b9d95bf13fbe46a1328c4f3cc8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce5a6694bbe905248ec43c80f05829d635f176e74742d9143687d108781691b1
ce85f1e06809b0719956bf80e0ee1ed789be701c523b0a1655fd6e02290a2407
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96
d3cb37847ef5252ad9c61519a098c4fbeff1267b899cf493c23f25600a44c411
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c
d81c539d71b3214f7dcae8d432e9cad2bcc4a4fddb40cdcddc94469499fe0817
d9b4f9c567fd97e843fe4ca8f041966e03bc0ecd1b053ab8c32f3a58b1424359
d9d885ecc8b3105513e98d4c38306184a15613f3e60984651c8b0cccea1b2f15
db408facd00cbc891ed09905faff504c60b5973e9307ff66c381136ef92c92cd
dbc6604ca3b2cba8f35170dd15c368e2243143f10789ea5ddba0b806090c69e6
dbdf0744a013dc2465064690955405988582190840f3f3b8d79b230f1bab2f04
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
e0953933381f78baba64e98cb1565cf7b4db9d756d03af849653bb8dffea1804
e2723d836f454ee6ff14fd559b479fbf8566c46af66422b6e31b48076446de92
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ccd91915655443f0694161cc9ca923a929c56b58fac5796e93f9a1a0daafb5
e4cdf2c0cda0c4168affd0d48822952c8534dfcb328d901d55756d7a900c30e2
e5bb8b3a217ffae9a01543f6ca655af5dc4d01ccf05b2bdd3551558654ae5415
e5c6097e158405b67e845e0c1a5da83be7e26f4bb42d982ad1a60ff689f88ff1
e71d8518e840211677103e45de5d233245463ad84edc82d4434bbfe64169f586
e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea
e940474269bb3f106842a957ddfadb0ea6830c191de6a5147e3c6725bae6f670
ea6c57fe9b01473a4740c2e85902eae3a1898abed24c849bcc381849fd068832
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec37472a7272005528083fc9f09fc3df446595edcbacbcaac2dcd0d2793e424c
ed164f1d5d34a2dc860128e1ca51debfbe834ce74845f75137edd3a7cfb79ac4
ee0900e843e2647636742d9ffb71b05586f00f5b6a980c70baab3759fd5e87a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef46e87c2064eddde2ec2d1c1c463ad831cd54f2fd1f440d6f7fb5428538ddd1
f07b1942eeb578d414fb5637647fe6dc82d1d8fd4635443a5554d65ae86c4559
f3595eeb69a00323ae65e5c65341a78e71b3f4dfa4a913e7c20fdca1abc0e399
f55bd6bea1ac25e303f65c4dae0c1d9537696bb536691f55fa4cc5903177e989
f5d057bbea92b1151a5f2b15e28ce3b50952173fd9bd016e3e03c22d11b5a1e4
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f70fce2eaebc89b82eb5c2b18deb21e0c787d37ecade18354d9770d8b6364c30
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941
fa707ee33c01d09d80365b33f0eb6edf0439ca14a7113d9c30ebc54a7da9610b
fc9cc9d519a531cf13e3c6b32a1f80d8c27f3eec4ea17410d65aae7cbe70516d
fd72af68e3fe455ae746ed0416917e83028cd0007e10c96d50f2d7d4bde33130
fe25948c39b70de9cb3fedf7dff8845f3ca6571cd4e3d44c17ebd17d40069011
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f
ff7cfb9cb22470507879580b814385fe0165be2cf797b43b370a1be72d9ebfb3

trib.com Open in urlscan Pro 192.104.182.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

417 Requests

90 %HTTPS

31 %IPv6

63 Domains

92 Subdomains

70 IPs

7 Countries

5085 kBTransfer

13226 kBSize

14 Cookies

12 Outgoing links

Page URL History

Redirected requests

417 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

trib.com Open in urlscan Pro
192.104.182.209 Public Scan

Screenshot
Live screenshot

Full Image

417
Requests

90 %
HTTPS

31 %
IPv6

63
Domains

92
Subdomains

70
IPs

7
Countries

5085 kB
Transfer

13226 kB
Size

14
Cookies

417 HTTP transactions
15 data transactions