Submitted URL: http://tmz.com/
Effective URL: https://www.tmz.com/
Submission: On May 17 via manual from CA — Scanned from CA

Summary

This website contacted 126 IPs in 9 countries across 117 domains to perform 635 HTTP transactions. The main IP is 2600:9000:24f7:ca00:b:ee9a:1d00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.tmz.com. The Cisco Umbrella rank of the primary domain is 19227.
TLS certificate: Issued by Amazon ECDSA 256 M02 on December 7th 2022. Valid for: a year.
This is the only time www.tmz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:24f... 16509 (AMAZON-02)
2 2600:9000:24f... 16509 (AMAZON-02)
7 2600:9000:24f... 16509 (AMAZON-02)
7 2607:f8b0:400... 15169 (GOOGLE)
3 2600:141b:13:... 20940 (AKAMAI-ASN1)
4 2607:f8b0:400... 15169 (GOOGLE)
7 151.101.194.132 54113 (FASTLY)
11 2a04:4e42:200... 54113 (FASTLY)
3 151.101.130.137 54113 (FASTLY)
10 108.156.172.95 16509 (AMAZON-02)
1 3 108.156.184.119 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 172.64.154.204 13335 (CLOUDFLAR...)
22 2607:f8b0:400... 15169 (GOOGLE)
1 2 2a03:2880:f25... 32934 (FACEBOOK)
20 2606:2800:220... 15133 (EDGECAST)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2 13.58.139.71 16509 (AMAZON-02)
24 2607:f8b0:400... 15169 (GOOGLE)
1 3 35.81.229.26 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
1 34.216.93.162 16509 (AMAZON-02)
2 63.140.36.104 16509 (AMAZON-02)
1 1 34.239.204.15 14618 (AMAZON-AES)
9 2607:f8b0:400... 15169 (GOOGLE)
7 34.72.38.16 396982 (GOOGLE-CL...)
2 104.244.42.72 13414 (TWITTER)
10 108.156.172.74 16509 (AMAZON-02)
8 2607:f8b0:400... 15169 (GOOGLE)
2 44.237.13.56 16509 (AMAZON-02)
2 2600:9000:24f... 16509 (AMAZON-02)
1 108.156.172.12 16509 (AMAZON-02)
1 151.101.2.217 54113 (FASTLY)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 108.156.164.236 16509 (AMAZON-02)
2 108.156.172.76 16509 (AMAZON-02)
2 2600:1901:0:7... 15169 (GOOGLE)
1 205.185.216.10 20446 (STACKPATH...)
4 35.82.203.206 16509 (AMAZON-02)
8 2607:f8b0:400... 15169 (GOOGLE)
14 54.187.159.182 16509 (AMAZON-02)
1 2a04:4e42:78:... 54113 (FASTLY)
5 5 107.23.199.142 14618 (AMAZON-AES)
13 40 173.194.215.157 15169 (GOOGLE)
12 12 3.33.220.150 16509 (AMAZON-02)
2 2 52.57.206.241 16509 (AMAZON-02)
15 15 3.225.218.10 14618 (AMAZON-AES)
1 3.69.181.173 16509 (AMAZON-02)
1 108.156.180.227 16509 (AMAZON-02)
22 52.4.33.45 14618 (AMAZON-AES)
4 7 68.67.161.182 29990 (ASN-APPNEX)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 35.173.167.165 14618 (AMAZON-AES)
1 104.18.25.185 13335 (CLOUDFLAR...)
11 2602:803:c002... 26667 (RUBICONPR...)
1 34.238.47.251 14618 (AMAZON-AES)
1 35.211.165.199 19527 (GOOGLE-2)
1 3 34.98.64.218 396982 (GOOGLE-CL...)
1 2620:100:a001... 19750 (AS-CRITEO)
11 34.149.20.76 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 74.125.196.149 15169 (GOOGLE)
12 151.101.66.137 54113 (FASTLY)
2 52.202.176.32 14618 (AMAZON-AES)
2 44.228.125.220 16509 (AMAZON-02)
2 15 209.54.182.161 16509 (AMAZON-02)
2 130.211.23.194 15169 (GOOGLE)
4 4 199.127.204.171 26120 (RHYTHMONE)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
1 1 23.205.72.21 16625 (AKAMAI-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 54.167.135.175 14618 (AMAZON-AES)
2 17 192.40.39.223 27381 (CASALE-MEDIA)
4 9 54.205.236.63 14618 (AMAZON-AES)
2 2600:1f13:e36... 16509 (AMAZON-02)
2 52.4.93.7 14618 (AMAZON-AES)
5 5 68.67.179.166 29990 (ASN-APPNEX)
1 20 52.207.45.55 14618 (AMAZON-AES)
26 27 35.211.178.172 15169 (GOOGLE)
2 2 188.42.34.64 7979 (SERVERS-COM)
3 3 3.215.81.226 14618 (AMAZON-AES)
7 7 50.31.142.127 23352 (SERVERCEN...)
3 3 173.223.57.84 16625 (AKAMAI-AS)
2 2 198.148.27.140 19189 (PULSEPOINT)
3 3 70.42.32.63 22075 (AS-OUTBRAIN)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
6 10 2600:1f18:4e9... 14618 (AMAZON-AES)
2 2 54.147.162.32 14618 (AMAZON-AES)
2 2 2603:c020:400... 31898 (ORACLE-BM...)
1 2 169.197.150.8 398989 (DEEPINTENT)
3 3 18.205.37.229 14618 (AMAZON-AES)
1 1 199.187.193.182 47043 (SMARTADSE...)
9 12 69.173.151.100 26667 (RUBICONPR...)
3 3 207.198.113.93 13768 (COGECO-PEER1)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
22 22 2606:ae80:147... 25751 (VALUECLICK)
3 3 199.38.167.131 54312 (ROCKETFUEL)
1 35.163.153.0 16509 (AMAZON-02)
18 2607:f8b0:400... 15169 (GOOGLE)
13 23.41.169.149 16625 (AKAMAI-AS)
2 2620:100:a001::4 19750 (AS-CRITEO)
55 55 67.202.105.23 32748 (STEADFAST)
9 18 67.202.105.34 32748 (STEADFAST)
3 23.41.168.202 16625 (AKAMAI-AS)
1 151.101.193.108 54113 (FASTLY)
10 32 23.3.115.102 16625 (AKAMAI-AS)
1 104.18.10.47 13335 (CLOUDFLAR...)
12 21 52.223.22.214 16509 (AMAZON-02)
1 174.137.133.32 27257 (WEBAIR-IN...)
1 8.2.111.13 46636 (NATCOWEB)
3 44.197.95.124 14618 (AMAZON-AES)
3 3 8.28.7.82 62713 (AS-PUBMATIC)
2 18 162.248.18.37 62713 (AS-PUBMATIC)
1 4 162.248.18.34 62713 (AS-PUBMATIC)
2 2 8.43.72.97 26667 (RUBICONPR...)
3 4 151.101.2.49 54113 (FASTLY)
4 35.244.159.8 15169 (GOOGLE)
11 11 74.121.140.211 30419 (MEDIAMATH...)
2 2620:1ec:21::14 8068 (MICROSOFT...)
5 5 35.207.24.140 15169 (GOOGLE)
2 20 35.208.249.213 15169 (GOOGLE)
3 108.156.172.38 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:24f... 16509 (AMAZON-02)
1 1 124.146.215.45 2514 (INFOSPHER...)
46 34.117.239.71 396982 (GOOGLE-CL...)
1 1 204.62.13.72 46636 (NATCOWEB)
1 1 35.190.90.30 15169 (GOOGLE)
1 1 80.77.87.163 46636 (NATCOWEB)
6 151.101.194.133 54113 (FASTLY)
2 52.2.185.167 14618 (AMAZON-AES)
2 8.28.7.81 62713 (AS-PUBMATIC)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 52.94.223.37 16509 (AMAZON-02)
1 119.63.198.180 38627 (BAIDUJP B...)
9 2607:f8b0:400... 15169 (GOOGLE)
5 162.247.241.14 23467 (NEWRELIC-...)
9 9 100.25.231.115 14618 (AMAZON-AES)
2 3.229.184.207 14618 (AMAZON-AES)
1 1 141.226.224.48 200478 (TABOOLA-AS)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 192.132.33.46 18568 (BIDTELLECT)
1 104.18.11.47 13335 (CLOUDFLAR...)
4 192.229.173.16 15133 (EDGECAST)
2 54.69.60.90 16509 (AMAZON-02)
1 1 199.187.193.177 47043 (SMARTADSE...)
2 2 173.231.178.115 32475 (SINGLEHOP...)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
1 2 34.206.190.140 14618 (AMAZON-AES)
2 2 34.171.234.26 396982 (GOOGLE-CL...)
1 3 74.119.119.150 19750 (AS-CRITEO)
2 2 54.205.21.165 14618 (AMAZON-AES)
2 2 3.135.132.32 16509 (AMAZON-02)
2 2 69.166.1.12 27630 (AS-XFERNET)
1 2 51.222.39.187 16276 (OVH)
8 2606:2800:21f... 15133 (EDGECAST)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 74.119.119.139 19750 (AS-CRITEO)
1 1 2620:116:800b... 14618 (AMAZON-AES)
1 54.209.96.54 14618 (AMAZON-AES)
1 107.21.227.211 14618 (AMAZON-AES)
1 54.171.62.25 16509 (AMAZON-02)
2 2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 54.70.216.151 16509 (AMAZON-02)
1 2 38.68.201.140 174 (COGENT-174)
635 126
Apex Domain
Subdomains
Transfer
112 33across.com
ssc.33across.com — Cisco Umbrella Rank: 2859
ssc-cms.33across.com — Cisco Umbrella Rank: 1068
events-ssc.33across.com — Cisco Umbrella Rank: 2165
38 KB
68 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
ad.doubleclick.net — Cisco Umbrella Rank: 173
242 KB
57 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 491
pixel.rubiconproject.com — Cisco Umbrella Rank: 352
eus.rubiconproject.com — Cisco Umbrella Rank: 589
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1113
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1111
token.rubiconproject.com — Cisco Umbrella Rank: 600
132 KB
47 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 301
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1280
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448
11 KB
31 googlesyndication.com
924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
283 KB
31 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 506
ads.pubmatic.com — Cisco Umbrella Rank: 514
image8.pubmatic.com — Cisco Umbrella Rank: 694
image2.pubmatic.com — Cisco Umbrella Rank: 958
image4.pubmatic.com — Cisco Umbrella Rank: 1104
image6.pubmatic.com — Cisco Umbrella Rank: 746
simage2.pubmatic.com — Cisco Umbrella Rank: 707
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
40 KB
28 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 972
x.bidswitch.net — Cisco Umbrella Rank: 324
12 KB
23 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1215
cdn.mediago.io — Cisco Umbrella Rank: 7038
10 KB
23 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1202
q.stripe.com — Cisco Umbrella Rank: 7069
r.stripe.com — Cisco Umbrella Rank: 4272
m.stripe.com — Cisco Umbrella Rank: 1158
339 KB
23 tmz.com
tmz.com — Cisco Umbrella Rank: 15877
www.tmz.com — Cisco Umbrella Rank: 19227
static.tmz.com — Cisco Umbrella Rank: 29768
imagez.tmz.com — Cisco Umbrella Rank: 25389
smetrics.tmz.com — Cisco Umbrella Rank: 28550
2 MB
22 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 3126
33across-match.dotomi.com — Cisco Umbrella Rank: 3810
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3491
7 KB
22 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 533
eb2.3lift.com — Cisco Umbrella Rank: 389
9 KB
22 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 916
syndication.twitter.com — Cisco Umbrella Rank: 1167
649 KB
21 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1537
usersync.gumgum.com — Cisco Umbrella Rank: 1933
7 KB
20 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax.amazon-adsystem.com — Cisco Umbrella Rank: 406
s.amazon-adsystem.com — Cisco Umbrella Rank: 293
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1052
73 KB
20 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 3852
2 MB
18 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1722
26 KB
18 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 525
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
dsum.casalemedia.com — Cisco Umbrella Rank: 1344
15 KB
15 moatads.com
z.moatads.com — Cisco Umbrella Rank: 499
geo.moatads.com — Cisco Umbrella Rank: 797
px.moatads.com — Cisco Umbrella Rank: 544
356 KB
14 versusgame.com
minigames.versusgame.com — Cisco Umbrella Rank: 40450
api.versusgame.com — Cisco Umbrella Rank: 46161
cdn.versusgame.com — Cisco Umbrella Rank: 43096
852 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
secure.adnxs.com — Cisco Umbrella Rank: 440
acdn.adnxs.com — Cisco Umbrella Rank: 611
29 KB
12 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 2948
pbs.twimg.com — Cisco Umbrella Rank: 840
video.twimg.com — Cisco Umbrella Rank: 1390
406 KB
12 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 449
40 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
7 KB
11 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 505
6 KB
11 google.com
analytics.google.com — Cisco Umbrella Rank: 278
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 83
2 KB
9 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 559
5 KB
9 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 540
6 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
119 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
jnn-pa.googleapis.com — Cisco Umbrella Rank: 233
63 KB
8 opecloud.com
cdn.opecloud.com — Cisco Umbrella Rank: 5433
fox.tagger.opecloud.com — Cisco Umbrella Rank: 8848
tagger.opecloud.com — Cisco Umbrella Rank: 4246
16 KB
8 megaphone.fm
playlist.megaphone.fm — Cisco Umbrella Rank: 23114
player.megaphone.fm — Cisco Umbrella Rank: 23339
714 KB
7 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 562
4 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 733
dis.criteo.com — Cisco Umbrella Rank: 674
gum.criteo.com — Cisco Umbrella Rank: 429
mug.criteo.com — Cisco Umbrella Rank: 2429
9 KB
7 openx.net
foxnews-d.openx.net — Cisco Umbrella Rank: 8683
us-u.openx.net — Cisco Umbrella Rank: 472
2 KB
7 ketchcdn.com
global.ketchcdn.com — Cisco Umbrella Rank: 5114
7 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
341 KB
6 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 2493
11 KB
6 atp.fox
prod.fennec.atp.fox — Cisco Umbrella Rank: 7932
prod.xid.atp.fox — Cisco Umbrella Rank: 7924
prod.pyxis.atp.fox — Cisco Umbrella Rank: 7665
194 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 220
fox.demdex.net — Cisco Umbrella Rank: 22965
foxnews.demdex.net — Cisco Umbrella Rank: 8893
8 KB
5 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 266
2 KB
5 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1106
2 KB
5 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5712
ads.yieldmo.com — Cisco Umbrella Rank: 661
sync-pm.ads.yieldmo.com — Cisco Umbrella Rank: 6443
4 KB
5 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1174
sync-tm.everesttech.net — Cisco Umbrella Rank: 682
1 KB
4 amplitude.com
api2.amplitude.com — Cisco Umbrella Rank: 1463
572 B
4 google.ca
www.google.ca — Cisco Umbrella Rank: 8406
adservice.google.ca — Cisco Umbrella Rank: 14240
1 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
271 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 471
1 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 806
2 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 668
2 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 681
match.360yield.com — Cisco Umbrella Rank: 2410
951 B
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 765
1023 B
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 548
2 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 700
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
2 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 967
api.btloader.com — Cisco Umbrella Rank: 1078
7 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 164
3 KB
3 ketchjs.com
cdn.ketchjs.com — Cisco Umbrella Rank: 5273
163 KB
3 fox.com
strike.fox.com — Cisco Umbrella Rank: 17024
268 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 5066
965 B
2 usbrowserspeed.com
a.usbrowserspeed.com — Cisco Umbrella Rank: 8093
528 B
2 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 3729
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 798
489 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 984
2 KB
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2657
793 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1473
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 792
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1317
684 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1397
1011 B
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1183
69 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 527
701 B
2 cloudfront.net
d2cli4kgl5uxre.cloudfront.net
197 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
874 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 671
cdn.indexww.com — Cisco Umbrella Rank: 1563
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 664
57 KB
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 776
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 607
833 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1098
594 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1433
4 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 974
1019 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 254
841 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 573
2 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1702
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 949
952 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1274
18 KB
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 726
459 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1056
1 KB
2 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 2386
crb.kargo.com — Cisco Umbrella Rank: 1659
1 KB
2 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 762
140 B
2 foxnews.com
static.foxnews.com — Cisco Umbrella Rank: 6530
15 KB
2 imrworldwide.com
secure-us.imrworldwide.com — Cisco Umbrella Rank: 2252
1 KB
2 instagram.com
www.instagram.com — Cisco Umbrella Rank: 1302
3 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 85
59 KB
2 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3222
cds.connatix.com — Cisco Umbrella Rank: 3314
276 KB
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2520
397 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1625
425 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 740
594 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 881
352 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1781
424 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 991
310 B
1 popin.cc
imageaws.popin.cc — Cisco Umbrella Rank: 40855
107 KB
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1076
660 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1220
641 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2379
586 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1080
830 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 104
83 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 224
2 KB
1 iqzone.com
cs.iqzone.com — Cisco Umbrella Rank: 3548
175 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1096
191 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1696
351 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1560
665 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1173
600 B
1 fwmrm.net
7bd92.v.fwmrm.net — Cisco Umbrella Rank: 33402
411 B
1 imgix.net
megaphone.imgix.net — Cisco Umbrella Rank: 26927
48 KB
1 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 5026
211 B
1 webcontentassessor.com
scripts.webcontentassessor.com — Cisco Umbrella Rank: 4458
40 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
21 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
635 117
Domain Requested by
55 ssc-cms.33across.com 55 redirects
46 events-ssc.33across.com de.tynt.com
eus.rubiconproject.com
40 cm.g.doubleclick.net 13 redirects sync-amz.ads.yieldmo.com
us-u.openx.net
eb2.3lift.com
rtb.gumgum.com
eus.rubiconproject.com
www.tmz.com
924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
27 x.bidswitch.net 26 redirects www.tmz.com
24 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.tmz.com
22 eus.rubiconproject.com strike.fox.com
eus.rubiconproject.com
de.tynt.com
rtb.gumgum.com
22 c2shb.pubgw.yahoo.com strike.fox.com
21 eb2.3lift.com 12 redirects strike.fox.com
eb2.3lift.com
www.tmz.com
20 trace.mediago.io 2 redirects www.tmz.com
924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
20 usersync.gumgum.com 1 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
20 www.youtube-nocookie.com www.youtube.com
www.youtube-nocookie.com
20 platform.twitter.com static.tmz.com
platform.twitter.com
18 33across-match.dotomi.com 18 redirects
18 de.tynt.com 9 redirects strike.fox.com
18 tpc.googlesyndication.com scripts.webcontentassessor.com
924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
15 s.amazon-adsystem.com 2 redirects scripts.webcontentassessor.com
s.amazon-adsystem.com
rtb.gumgum.com
match.sharethrough.com
ssum-sec.casalemedia.com
sync-amz.ads.yieldmo.com
us-u.openx.net
eus.rubiconproject.com
ads.pubmatic.com
15 ups.analytics.yahoo.com 15 redirects
12 js-agent.newrelic.com playlist.megaphone.fm
12 match.adsrvr.org 12 redirects
11 sync.mathtag.com 11 redirects
11 ssc.33across.com strike.fox.com
11 fastlane.rubiconproject.com strike.fox.com
11 imagez.tmz.com www.tmz.com
10 simage2.pubmatic.com 1 redirects ads.pubmatic.com
www.tmz.com
10 px.moatads.com www.tmz.com
10 secure-assets.rubiconproject.com 10 redirects
10 pr-bh.ybp.yahoo.com 6 redirects us-u.openx.net
ssum-sec.casalemedia.com
www.tmz.com
10 r.stripe.com js.stripe.com
10 minigames.versusgame.com www.tmz.com
minigames.versusgame.com
9 match.prod.bidr.io 9 redirects
9 pagead2.googlesyndication.com 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
8 video.twimg.com platform.twitter.com
8 image2.pubmatic.com 1 redirects ads.pubmatic.com
www.tmz.com
8 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
8 pixel.rubiconproject.com 5 redirects eus.rubiconproject.com
8 jnn-pa.googleapis.com www.youtube-nocookie.com
8 www.google.com www.tmz.com
scripts.webcontentassessor.com
924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
8 js.stripe.com minigames.versusgame.com
js.stripe.com
7 b1sync.zemanta.com 7 redirects
7 ib.adnxs.com 4 redirects strike.fox.com
acdn.adnxs.com
7 playlist.megaphone.fm www.tmz.com
playlist.megaphone.fm
7 global.ketchcdn.com www.tmz.com
cdn.ketchjs.com
7 www.googletagservices.com www.tmz.com
scripts.webcontentassessor.com
924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
7 static.tmz.com www.tmz.com
static.tmz.com
6 cdn.krxd.net z.moatads.com
scripts.webcontentassessor.com
6 us-u.openx.net 1 redirects strike.fox.com
us-u.openx.net
5 bam.nr-data.net playlist.megaphone.fm
5 rtb.mfadsrvr.com 5 redirects
5 secure.adnxs.com 5 redirects
5 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
rtb.gumgum.com
js-sec.indexww.com
5 fox.tagger.opecloud.com 5 redirects
5 fonts.gstatic.com fonts.googleapis.com
www.youtube-nocookie.com
4 token.rubiconproject.com 4 redirects
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 dsum.casalemedia.com ssum-sec.casalemedia.com
4 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
scripts.webcontentassessor.com
4 www.gstatic.com www.youtube-nocookie.com
www.gstatic.com
4 q.stripe.com www.tmz.com
4 api2.amplitude.com minigames.versusgame.com
4 www.googletagmanager.com www.tmz.com
www.googletagmanager.com
3 pbs.twimg.com www.tmz.com
platform.twitter.com
3 dis.criteo.com 1 redirects 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
3 pixel.tapad.com 2 redirects www.tmz.com
3 cdn.mediago.io 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
3 image8.pubmatic.com 3 redirects
3 ads.yieldmo.com sync-amz.ads.yieldmo.com
3 ads.pubmatic.com strike.fox.com
rtb.gumgum.com
www.tmz.com
3 z.moatads.com scripts.webcontentassessor.com
3 p.rfihub.com 3 redirects
3 pixel-sync.sitescout.com 3 redirects
3 sync.outbrain.com 3 redirects
3 stags.bluekai.com 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 sync.1rx.io 3 redirects
3 c.amazon-adsystem.com strike.fox.com
c.amazon-adsystem.com
3 dpm.demdex.net 1 redirects www.tmz.com
3 www.google.ca www.tmz.com
3 sb.scorecardresearch.com 1 redirects www.tmz.com
3 cdn.ketchjs.com global.ketchcdn.com
3 strike.fox.com www.tmz.com
strike.fox.com
2 pmp.mxptint.net 1 redirects
2 a.usbrowserspeed.com 2 redirects
2 a.clickcertain.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 gum.criteo.com 1 redirects scripts.webcontentassessor.com
2 onetag-sys.com 1 redirects www.tmz.com
2 sync.go.sonobi.com 2 redirects
2 sync-dmp.mobtrakk.com 2 redirects
2 beacon.lynx.cognitivlabs.com 2 redirects
2 um.simpli.fi 2 redirects
2 thrtle.com 1 redirects www.tmz.com
2 cm.adgrx.com 2 redirects
2 foxnews.demdex.net www.tmz.com
2 rtb.adentifi.com ssum-sec.casalemedia.com
2 creativecdn.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 geo.moatads.com z.moatads.com
2 d2cli4kgl5uxre.cloudfront.net 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
2 px.ads.linkedin.com eb2.3lift.com
eus.rubiconproject.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 image4.pubmatic.com 1 redirects www.tmz.com
2 static.criteo.net strike.fox.com
static.criteo.net
2 casale-match.dotomi.com 2 redirects
2 ad.360yield.com 2 redirects
2 match.deepintent.com 1 redirects rtb.gumgum.com
2 sync.technoratimedia.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 c.bing.com rtb.gumgum.com
eb2.3lift.com
2 bh.contextweb.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 prod.pyxis.atp.fox prod.fennec.atp.fox
2 ad.turn.com 2 redirects
2 api.btloader.com c.aaxads.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 prod.xid.atp.fox prod.fennec.atp.fox
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 ad-delivery.net www.tmz.com
2 tagger.opecloud.com 2 redirects
2 sessions.bugsnag.com playlist.megaphone.fm
2 cdn.versusgame.com minigames.versusgame.com
2 prod.fennec.atp.fox strike.fox.com
prod.fennec.atp.fox
2 api.versusgame.com minigames.versusgame.com
2 syndication.twitter.com platform.twitter.com
www.tmz.com
2 smetrics.tmz.com www.tmz.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 static.foxnews.com strike.fox.com
2 secure-us.imrworldwide.com 1 redirects www.tmz.com
2 www.instagram.com 1 redirects www.tmz.com
2 www.youtube.com static.tmz.com
www.youtube.com
2 analytics.google.com www.googletagmanager.com
2 www.tmz.com static.tmz.com
1 synchroscript.deliveryengine.adswizz.com
1 sync.bfmio.com
1 crb.kargo.com
1 cms.quantserve.com 1 redirects
1 mug.criteo.com
1 match.360yield.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 cdn.syndication.twimg.com platform.twitter.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 bttrack.com 1 redirects
1 s.company-target.com 1 redirects
1 sync.taboola.com 1 redirects
1 imageaws.popin.cc 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 cs.admanmedia.com 1 redirects
1 odr.mookie1.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 tg.socdm.com 1 redirects
1 i.ytimg.com www.tmz.com
1 yt3.ggpht.com www.tmz.com
1 sync-pm.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 cs.iqzone.com rtb.gumgum.com
1 sync.adkernel.com rtb.gumgum.com
1 js-sec.indexww.com strike.fox.com
1 acdn.adnxs.com strike.fox.com
1 m.stripe.com m.stripe.network
1 dmp.brand-display.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 rtb.gumgum.com s.amazon-adsystem.com
1 adservice.google.com scripts.webcontentassessor.com
1 adservice.google.ca scripts.webcontentassessor.com
1 cs.media.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.doubleclick.net www.tmz.com
1 bidder.criteo.com strike.fox.com
1 foxnews-d.openx.net strike.fox.com
1 grid.bidswitch.net strike.fox.com
1 tlx.3lift.com strike.fox.com
1 htlb.casalemedia.com strike.fox.com
1 krk.kargo.com strike.fox.com
1 hbopenbid.pubmatic.com strike.fox.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 7bd92.v.fwmrm.net www.tmz.com
1 megaphone.imgix.net playlist.megaphone.fm
1 player.megaphone.fm playlist.megaphone.fm
1 btloader.com www.tmz.com
1 c.aaxads.com 1 redirects
1 scripts.webcontentassessor.com strike.fox.com
1 cdn.opecloud.com strike.fox.com
1 cm.everesttech.net 1 redirects
1 fox.demdex.net www.tmz.com
1 fonts.googleapis.com minigames.versusgame.com
1 cds.connatix.com www.tmz.com
1 cd.connatix.com 1 redirects
1 www.google-analytics.com www.tmz.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 tmz.com 1 redirects
0 api.rlcdn.com Failed strike.fox.com
635 192
Subject Issuer Validity Valid
tmz.com
Amazon ECDSA 256 M02
2022-12-07 -
2024-01-05
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
strike.fox.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-04 -
2024-01-12
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
global.ketchcdn.com
R3
2023-04-06 -
2023-07-05
3 months crt.sh
*.tmz.com
R3
2023-04-18 -
2023-07-17
3 months crt.sh
cdn.ketchjs.com
R3
2023-04-27 -
2023-07-26
3 months crt.sh
minigames.versusgame.com
Amazon RSA 2048 M01
2022-11-21 -
2023-12-20
a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-15 -
2023-12-28
a year crt.sh
*.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2022-10-06 -
2023-11-06
a year crt.sh
*.google.ca
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
wildcard.foxnews.com
DigiCert TLS RSA SHA256 2020 CA1
2023-05-15 -
2024-05-15
a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-26 -
2023-10-27
a year crt.sh
smetrics.tmz.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-13 -
2023-09-13
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.megaphone.fm
Sectigo RSA Domain Validation Secure Server CA
2022-05-31 -
2023-05-31
a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-31 -
2024-01-30
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2023-05-12 -
2023-08-13
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
versusgame.com
Amazon RSA 2048 M02
2023-03-24 -
2024-04-21
a year crt.sh
prod.fennec.atp.fox
Amazon RSA 2048 M01
2022-11-18 -
2023-12-17
a year crt.sh
cdn.opecloud.com
Amazon RSA 2048 M02
2023-02-23 -
2024-02-13
a year crt.sh
scripts.webcontentassessor.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-05-08 -
2024-06-08
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
cdn.versusgame.com
Amazon RSA 2048 M02
2023-03-01 -
2023-08-19
6 months crt.sh
*.bugsnag.com
DigiCert TLS RSA SHA256 2020 CA1
2023-04-19 -
2024-04-12
a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA
2023-01-23 -
2024-02-14
a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-14 -
2023-06-13
4 months crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1
2023-03-05 -
2024-04-05
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-12-27 -
2023-06-21
6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M02
2023-02-21 -
2024-01-18
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-22 -
2023-06-21
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-12 -
2023-08-10
3 months crt.sh
ssc.33across.com
GTS CA 1D4
2023-05-05 -
2023-08-03
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-04-13 -
2024-05-14
a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02
2022-12-27 -
2024-01-25
a year crt.sh
prod.xid.atp.fox
Amazon RSA 2048 M01
2022-11-21 -
2023-12-20
a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-03 -
2024-02-19
a year crt.sh
api.btloader.com
GTS CA 1D4
2023-04-14 -
2023-07-13
3 months crt.sh
gumgum.com
Amazon RSA 2048 M01
2023-02-17 -
2023-08-05
6 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-13
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-03-01 -
2023-08-12
5 months crt.sh
prod.pyxis.atp.fox
Amazon RSA 2048 M01
2022-12-08 -
2024-01-06
a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01
2023-03-26 -
2024-04-23
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-11-30 -
2024-01-01
a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-28 -
2023-07-26
4 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-11-18
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-24 -
2023-06-18
3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-07 -
2023-09-30
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4
2023-01-03 -
2024-02-04
a year crt.sh
*.iqzone.com
Go Daddy Secure Certificate Authority - G2
2023-04-05 -
2024-05-06
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-04-04 -
2023-09-27
6 months crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-09
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2023-03-07 -
2023-09-07
6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2023-02-16 -
2023-08-16
6 months crt.sh
*.mediago.io
GlobalSign GCC R3 DV TLS CA 2020
2023-01-13 -
2024-02-11
a year crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
edgestatic.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-09
a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-05
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-01-27 -
2024-01-27
a year crt.sh
*.popin.cc
DigiCert Secure Site Pro CN CA G3
2022-09-23 -
2023-10-24
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-18 -
2023-12-19
a year crt.sh
adentifi.com
Amazon RSA 2048 M02
2023-02-22 -
2023-09-03
6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-11-07 -
2023-12-09
a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02
2023-03-17 -
2024-04-14
a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02
2023-02-09 -
2024-02-13
a year crt.sh

This page contains 80 frames:

Primary Page: https://www.tmz.com/
Frame ID: 58177CF159ED8449E39BFA6638BF072C
Requests: 173 HTTP requests in this frame

Frame: https://minigames.versusgame.com/widget/6d732902-d586-42ab-bcf1-db2a954b38cc
Frame ID: 54533D7B7246FF8751BEAA2921651790
Requests: 19 HTTP requests in this frame

Frame: https://cds.connatix.com/p/269882/connatix.playspace.js?tier=1
Frame ID: 5FA5A9DFD4FA81E71BC18C30D5369994
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.tmz.com
Frame ID: C4F6746E39DBF201A4C5431D502F0969
Requests: 2 HTTP requests in this frame

Frame: https://fox.demdex.net/dest5.html?d_nsid=0
Frame ID: 1E306254DCB75B2DECE581A36C22999E
Requests: 1 HTTP requests in this frame

Frame: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Frame ID: 0C684BFE2121E8B5995E5626AC4A2912
Requests: 27 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
Frame ID: E6F65AF6F31630EB9B3E16EB4940E72B
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
Frame ID: 136877ED004A55B77786E00767AEA7F8
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-c9f2bad4b1d8fa3dc2b4a75ae2cd62e4.html
Frame ID: 31ED235BFBA67055591A0F158249029B
Requests: 15 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Frame ID: 2268FA7E708A03C3EF81F55FC10386AD
Requests: 30 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 3EAFAF5C8204780E6F4FFA7A0B8C8BAE
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&dcc=t
Frame ID: A12DA2A4AD4DEBA0EAB72793A5E4A992
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 89C0A131ED2F71A39FAEB457C026FFF7
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 2BE939F926A60B643B5AA04216A6C794
Requests: 3 HTTP requests in this frame

Frame: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6C694D990842620B88FC36848A203596
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 65F5E9E522D35A2CC6FD2A3614F4B02F
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 94C07F1DFE39C85270AFF285F3A86A14
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: CBCDFF7E558D1EE82CCB3B37D8D911E6
Requests: 6 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 22B26DB275FD6D30E92E6FA4163394AA
Requests: 7 HTTP requests in this frame

Frame: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FD327ED6B490F78B3A47EC7545F314C6
Requests: 19 HTTP requests in this frame

Frame: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3CA0509F107101A6D50225F33C3A71B2
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstma5F3pyQ339VRzeRXU4U0_piUTze42sg_7K9pi0vJwRbLqf-Aj1rK5qIYq1MrVWMXf3xPCzWLNaawKeRZ5neIPi8Ay0_q9EIe56Qtnu1vJXzTer-qWeOUnkH6Go8mCvn_euzn2FF-_oOkoJaP24szAvojILJFWVljJjR2O2_F76_9VCOcMOTAKILr9tYLHZM0xZKwh3H_n2Xk6WSM5p3RBzJ-5NwiMwwjoP5N-Ye7sy_oNz7OdKpvAUKYsy4whY_8ankEQY5IV4m6NH9NpRG6SnAPrSrQMi8LNYvNdpJYgeqHnmpZGpIMvzTQzjk&sai=AMfl-YSYIBSJbJ1Fxnwb5wEgc7EfNUloGxHIgteyg498DQb0eeQxsafl819WtDStR-3i8Q2tao3gn3uYddx0gS5tVJ9LMSAZrPKJxfcEiNAdOTGR7_8hHzqzRuOE4HCEzvJm3d8sJ2G1CVxJRU3ndkEVyH0&sig=Cg0ArKJSzAq9XkiNIR5-EAE&uach_m=[UACH]&adurl=
Frame ID: 9B254F3E613E3EBD8ABE7489C4BAF234
Requests: 10 HTTP requests in this frame

Frame: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7DE644DBF878C0B05DB0750F9BEABA38
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1sbHREZmdsRTJ1THBCQkxsZ2pJYlBJamp3T09VanhiQX5B
Frame ID: 97F2C8A55495F5378DF793580C07FC0F
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Frame ID: A12AA998901499359CE9B2E6B75DE8C2
Requests: 7 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Frame ID: 08A81D0FBF95B018B6893A29052E9174
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Frame ID: 9F01B0BA60FB178A18201C7359F85CA5
Requests: 13 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Frame ID: F382B2BB623A0B0BF6D97B4C7C0D6AD4
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 18BD914485A5D7687774D84087F4DFF1
Requests: 3 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Frame ID: 6ABCC1B6AB46A9358C176A26D1F15859
Requests: 6 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Frame ID: 54917FE3BFA2AB88DD90E8A2A17B51F8
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 3A596793354A06D704D6359AC86C0DF6
Requests: 10 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Frame ID: 11A26CD3B07E1C8C60D835FE1943DE77
Requests: 6 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6326C28E7FF3ACD7E6F94FAA809B5393
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Frame ID: 0CD9D7EB9EBFCD382E279036F88CB447
Requests: 11 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Frame ID: 800772E2F9A144A81EE5028E5E41CD7E
Requests: 6 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Frame ID: 4AEF8A6FD7511300FF46D3691C50BFED
Requests: 6 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Frame ID: 60F1A0235B106AAC85B27A1BAB1CDB91
Requests: 6 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Frame ID: D43455F6DB1D90264B6463BF1A10E04B
Requests: 6 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 12E7B085D53048CAF8088C0358A26909
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=u_fde2e35b-d1e8-4857-a935-8de12bd3b086&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: AACC5F96A6DF61492FCF0D03E2042316
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUmNW5GNrOjTLsrbbSUaluNhokfpobSE-XbsfsSmwDZHJJ0Qcofh3vxtiRKwXAoSPFMzs4icczqo76xwDA5mdTtn32ddkt1IOXeqOC06FJxQ8buePo-svYwystxzoBVROFM6T-vh8fmfgp3C9lghPQiLndds_wI7ZxTwwTw1hEb_v7JRmib2CZisCRv_2CvULuArPGpAMkhPSOj_51YBv75sPsBDBLD7m3srqwOkajMJ8k1245buCHrvvHcZ4fW1o1eIdOcWd4bge_aTSROf9Y6Ux9mhxeITgge8DCJz8DGT9ULoYWAA3ypXwkBdo&sai=AMfl-YS5rC_BKhY9T3kTkIFcwgW9dTBf4OiWfl_k7AsOzuPWOAfPa3tFL5V7fvKOOD39HmHq99-q36gXuSi_N9yXWtwly_2mgSpOcf9_80NHGWzVezzLmRVgBcdvkBanZjo_HOjkkSqGfkail1ErhdABdQ&sig=Cg0ArKJSzORvsWC4j_awEAE&uach_m=[UACH]&adurl=
Frame ID: 41F7C0BDD481EC765E1782461318D41E
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 8C6C55818BAAB3748B6EB1C93A45EA2B
Requests: 13 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=2d909864-2418-4a60-9ec8-c961d3e14a63
Frame ID: 87AEB450A9DF8F9A17906ECEA666BE8A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=12c66464-ad0d-4f00-ab70-9ee7e47009a2&gdpr=&gdpr_consent=
Frame ID: 7BC8C863E86C1122EE78B37C74CA26BF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFf7fj7S4U67yHQ0oIA8OwFHZlkv3W_bnIwdDWvYGlc50FZayBdgfq8PW_WW7PH4l_V0e_6r2DxBE2gHbEzk_jV6rxMw0v6posbFDPguiZWBnIFb2-OKFx507zpDqfpc3OkndQbfyE0pL79tpDTP2m4O4dqgOnt_jizDP0WNuqseeT6hPrTLMiioNpcBO5qeaiQRjflMK9nxH9k3BX10XrT0SdA7vLzNpJm7wiWtNLmwbvRbYywC377fXdTFOqCX8uqoUe0Y-gJgW4flL8j9TiXBNtx4954JoGxA4WeRjmC6KUxcuR_OQ07lNz17g&sai=AMfl-YQrjyS8q1Tc0lhaH3r8FxTnnCsKjwU4rgTAd99U87_qadyQFaE8wZXSSbmdrI8spoN5tYzAWxu8J0q2htHsr7aLGG16zlJhT4qKd9OpQrkDl51ukD0xSENchjoc0mdBwM9hd1WijfPpB2yyIgwZjQ&sig=Cg0ArKJSzDRh3DwDJG4EEAE&uach_m=[UACH]&adurl=
Frame ID: 0D6CE60FAE119FCC83AFFA0D27C5AE0F
Requests: 10 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZGStAwAAAHemOANP&gdpr=&gdpr_consent=
Frame ID: 06BA1FF93977A07FF7417B8FAE890279
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9mZGUyZTM1Yi1kMWU4LTQ4NTctYTkzNS04ZGUxMmJkM2IwODY=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 530B95247106532BCBD00A38D898B396
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZGStDsCo8XYAAPDDDTUAAAAA
Frame ID: 03461D29185AA234B95C5A4601A42539
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Frame ID: 8C608137698CAC2814373A36B3797922
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Frame ID: 7267992F044E1822EAFC35E226300733
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Frame ID: 8A38E87A33F7848A688017BAE0F16C14
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Frame ID: 28E6B531EDE0A4A0482891CDCDE867DC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Frame ID: 06D1F563FEDB489458EACD25999E5C6B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Frame ID: FA63B6D9AF97061285FC5BF49868B8B5
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Frame ID: CF1375414CB4BB7182066FCD724BE14D
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Frame ID: 2FA6CADE22C45A7A7BA5885B73DD91F0
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Frame ID: D7DB7A3901C3B20C0628F857825C6F2B
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=e342b450-66b4-41f0-b1ca-6c8829ec479b
Frame ID: CD83E6653B81294541910B0F47CB6F5D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: E4ECAD3A1F69474926C4DCB4FA8FAF3A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=esAM4jFeGNWGRUSs7Kls&pi=gumgum&tc=1
Frame ID: 42A961C42979ADE8F7D261F9461A9943
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: C6A42F0351EE6A55970A0CE5A3F1C14B
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 6663B462D404858BBB71F012E4A9AD46
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B47DCD29837098E6F35D2C302B167E17
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C019E78F75BD9DF754F8FA1F9CF03605
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 283C621EC55DDC5346497B72E5D5D0DA
Requests: 9 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 1430B6B499078ED0A86D6F109C511AB3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968625787502750739
Frame ID: 02F50CFAEDCF1F027559C06ECDC13B22
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C429709A-AE22-4304-9627-F4BC0246331D&redir=true&gdpr=0&gdpr_consent=
Frame ID: D757583B39EE2E4D2BFF10DEA400F175
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAESDE7IyVoAACBaUprklg&gdpr=0&gdpr_consent=
Frame ID: C9DEA9B704F7CD826DD657984F8BC924
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:12c66464-ad0d-4f00-ab70-9ee7e47009a2&gdpr=0&gdpr_consent=
Frame ID: F3EB1487EDFE5AF834F71F42D419C988
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=057fa382-f49e-11ed-af2f-ea49dfcb416c
Frame ID: 4F55E0887D94CC709F8192AB50827E53
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tmz.com
Frame ID: 1E638F840B1CC5DA6A2A688EC9319024
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3E00392193547AE9B83BCA87DBAB8D29
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AADEBEC59278CBF97E770E81F8338EC5
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2768803346163236077&gdpr=0&gdpr_consent=
Frame ID: E23829A56F1908255D4A094518028636
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sanCQ-b5xUSqq80W5P_ZFrH7l0Wq-cRO5vmNNvbk
Frame ID: 7798037BD5A451D0F63F3E03A73DA581
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ec5053115f584c5fb6100
Frame ID: B5E64D872C9985AEB24443831C3C5F99
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: FBF4B2D1400F787BC12D98191EC4780E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=C429709A-AE22-4304-9627-F4BC0246331D
Frame ID: A927C66C0F4D4207B791B78C7DDE1607
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

TMZFacebookTwitterYoutubeInstagramTMZSearchTurn on browser notificationsYou have notifications blockedGalleryGalleryGalleryGalleryGalleryGalleryGalleryGalleryGalleryGalleryGalleryGalleryGalleryGalleryGalleryGalleryGalleryGalleryGalleryGalleryGalleryGallery

Page URL History Show full URLs

  1. http://tmz.com/ HTTP 301
    https://www.tmz.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

635
Requests

78 %
HTTPS

28 %
IPv6

117
Domains

192
Subdomains

126
IPs

9
Countries

10780 kB
Transfer

28234 kB
Size

191
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tmz.com/ HTTP 301
    https://www.tmz.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/269882/connatix.playspace.js?tier=1
Request Chain 48
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fembed.js
Request Chain 53
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-404979h&cg=0&cc=1&si=https%3A//www.tmz.com/&rp=&ts=compact&rnd=1684319489766 HTTP 302
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-404979h&cg=0&cc=1&si=https%3A//www.tmz.com/&rp=&ts=compact&rnd=1684319489766&ja=1
Request Chain 61
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1684319490265 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1684319490265
Request Chain 64
  • https://sb.scorecardresearch.com/b?c1=2&c2=3000013&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684319490820&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fwww.tmz.com%2F&c8=TMZ&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3000013&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684319490820&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fwww.tmz.com%2F&c8=TMZ&c9=
Request Chain 72
  • https://cm.everesttech.net/cm/dd?d_uuid=19187662051573948914210813287748594420 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGStAwAAAHemOANP
Request Chain 113
  • https://c.aaxads.com/aax.js?pub=AAX111JFD&hst=www.tmz.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?o=5735828726743040&upapi=true
Request Chain 149
  • https://fox.tagger.opecloud.com/fox/v2/pixel.gif?url=https%3A%2F%2Fwww.tmz.com%2F&ref=&tref=&tz=0&screen=1600x1200x24&cmpstatus=notrequired&e=%5B%7B%22opt-out%22%3Afalse%2C%22business_unit%22%3A%22tmz%22%2C%22type%22%3A%22Opt-out_by_BU%22%7D%5D&fpid=4de412b7-c8d3-4f1f-b536-e4ecd77fc2cf HTTP 302
  • https://fox.tagger.opecloud.com/fox/v2/pixel.gif?e=%5B%7B%22opt-out%22%3Afalse%2C%22business_unit%22%3A%22tmz%22%2C%22type%22%3A%22Opt-out_by_BU%22%7D%5D&tref=&url=https%3A%2F%2Fwww.tmz.com%2F&tz=0&trackability-redirect=true&ref=&fpid=4de412b7-c8d3-4f1f-b536-e4ecd77fc2cf&screen=1600x1200x24&cmpstatus=notrequired HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_hm=MmFjMGUyMTItNTczZS0zNTRjLTkzNjYtZDYzZmY3NzZjNmFi&google_redir=https%3A%2F%2Ffox.tagger.opecloud.com%2Fdbmhm%2Fpbfs.gif%3Fsource%3Dfox%26state%3D2-uZMNWWC2o44X2yB%252Bt1xwiZMb3WCSWy0VmjXwSEw%253D&puid=2ac0e212-573e-354c-9366-d63ff776c6ab HTTP 302
  • https://fox.tagger.opecloud.com/dbmhm/pbfs.gif?source=fox&state=2-uZMNWWC2o44X2yB%2Bt1xwiZMb3WCSWy0VmjXwSEw%3D&puid=2ac0e212-573e-354c-9366-d63ff776c6ab HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-PIsttAclCsFrnkx0hzFi7FWV8DiUWSZJYE8RreY%253D%26source%3Dfox&puid=%25%25TDID%25%25 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-PIsttAclCsFrnkx0hzFi7FWV8DiUWSZJYE8RreY%253D%26source%3Dfox&puid=%25%25TDID%25%25 HTTP 302
  • https://tagger.opecloud.com/tradedesk/pbfs.gif?puid=2d909864-2418-4a60-9ec8-c961d3e14a63&state=2-PIsttAclCsFrnkx0hzFi7FWV8DiUWSZJYE8RreY%3D&source=fox HTTP 302
  • https://fox.tagger.opecloud.com/tradedesk/pbfs.gif?puid=2d909864-2418-4a60-9ec8-c961d3e14a63&state=2-PIsttAclCsFrnkx0hzFi7FWV8DiUWSZJYE8RreY%3D&source=fox HTTP 302
  • https://ups.analytics.yahoo.com/ups/58723/cms?partner_id=ONEPX&gdpr=false&state=2-e%252FCOHhYMAKXW5WzIDZ7FO2bLCdevf6vzgaW%252FtWs%253D&source=fox HTTP 302
  • https://tagger.opecloud.com/yahoo/pbfs.gif?yahoo_id=y-aF7fBJlE2p.rs_THe9PPaQ51NyxsPF403ww-~A&gdpr=0&source=fox&state=2-e%2FCOHhYMAKXW5WzIDZ7FO2bLCdevf6vzgaW%2FtWs%3D HTTP 302
  • https://fox.tagger.opecloud.com/yahoo/pbfs.gif?yahoo_id=y-aF7fBJlE2p.rs_THe9PPaQ51NyxsPF403ww-~A&gdpr=0&source=fox&state=2-e%2FCOHhYMAKXW5WzIDZ7FO2bLCdevf6vzgaW%2FtWs%3D HTTP 302
  • https://7bd92.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Ffox.tagger.opecloud.com%2Ffreewheel%2Fpbfs.gif%3Fsource%3Dfox%26state%3D2-AmCMXl40bkLkuKR0TdBplx%252FIoD4K0033KigZ6jY%253D%26puid%3D%23%7Buser.id%7D
Request Chain 224
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&dcc=t
Request Chain 249
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1684319497939 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=340716730 HTTP 302
  • https://sync.1rx.io/usersync/turn/7773351280725958108?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0300fc3b-d7bf-46f1-a9ef-7bc89480ea3d-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-0300fc3b-d7bf-46f1-a9ef-7bc89480ea3d-005 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-0300fc3b-d7bf-46f1-a9ef-7bc89480ea3d-005
Request Chain 250
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3273210971454852000V10
Request Chain 272
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 277
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2768803346163236077
Request Chain 278
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_fde2e35b-d1e8-4857-a935-8de12bd3b086&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_fde2e35b-d1e8-4857-a935-8de12bd3b086&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=2da9d31c-026b-5289-b8aa-17d9dccebad4&ssp=gumgum2&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&gdpr_consent=&us_privacy=
Request Chain 279
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4dc4839d-c658-578e-70ac-1dd3650e544d$ip$149.56.153.180
Request Chain 280
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_fde2e35b-d1e8-4857-a935-8de12bd3b086&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=BBzfYL8CChB5VkDwA5MY&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVBEE6TGLFGDQQ2DNBBDKVTLIR3UCNKNLE HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVBEE6TGLFGDQQ2DNBBDKVTLIR3UCNKNLE HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=BBzfYL8CChB5VkDwA5MY
Request Chain 281
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=uKJJ4yyMvqXI&ev=1&pid=558355
Request Chain 282
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28fSf3QD8JiKI5LQB5JSA9XICagk_XfYDQGGILNItZZx4Hl_idINsAmEprhejWD2tm%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28fSf3QD8JiKI5LQB5JSA9XICagk_XfYDQGGILNItZZx4Hl_idINsAmEprhejWD2tm%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_fde2e35b-d1e8-4857-a935-8de12bd3b086&obuid=ENC(fSf3QD8JiKI5LQB5JSA9XICagk_XfYDQGGILNItZZx4Hl_idINsAmEprhejWD2tm) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
Request Chain 283
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=bfe0eb02-8959-051c-1500-f2197414a8a9
Request Chain 284
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-27Ho2LZE2peYArp3LtAuJWyIOpip2ux1T153~A
Request Chain 285
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=0d06390d-c3cf-4217-afc3-9de254b71b0f
Request Chain 286
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=5597529CCA40456999768DE69389154D
Request Chain 288
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=99fa6124-c2d7-4941-bfb0-9e715c45c9ad
Request Chain 289
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=2248550271948191650
Request Chain 292
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LHRKCA12-D-DA9B&gdpr=0
Request Chain 293
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2768803346163236077
Request Chain 294
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=BBzfYL8CChB5VkDwA5MY&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DCNDGHBRTKZJSMEZTIYTBGU2CM43POVZGGZK7OVZWK4S7NFSD2QSCPJTFSTBYINBWQQRVKZVUI52BGVGVS&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DCNDGHBRTKZJSMEZTIYTBGU2CM43POVZGGZK7OVZWK4S7NFSD2QSCPJTFSTBYINBWQQRVKZVUI52BGVGVS HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=BBzfYL8CChB5VkDwA5MY
Request Chain 295
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=9f0312ad-38f0-4a69-8c6e-cd9f646db368-6464ad0d-4341&gdpr=0&gdpr_consent=
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGStCqTjy5FfWw6nXPYvfwAAACwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKmA0Kk_S5CxWybu_YNY4bY&google_cver=1
Request Chain 297
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=2d909864-2418-4a60-9ec8-c961d3e14a63&expiration=1686911499&gdpr=0&gdpr_consent=
Request Chain 299
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZGStCqTjy5FfWw6nXPYvfwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIICL6zwFoG4ipjI5K6AW-U&google_cver=1
Request Chain 300
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2768803346163236077
Request Chain 301
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=63038ceb-6793-83ba-5b73f849
Request Chain 302
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=14682feb2c950534&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAB2T8arRypEwN12JurAAAAAAA&expiration=1684405901&is_secure=true
Request Chain 303
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625787502750739
Request Chain 326
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1sbHREZmdsRTJ1THBCQkxsZ2pJYlBJamp3T09VanhiQX5B
Request Chain 329
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Request Chain 331
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Request Chain 333
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Request Chain 334
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Request Chain 336
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Request Chain 338
  • https://eb2.3lift.com/sync?us_privacy=1---& HTTP 302
  • https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Request Chain 339
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Request Chain 340
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Request Chain 341
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Request Chain 342
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Request Chain 347
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g61a31454be8ab0bb78e HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=2d909864-2418-4a60-9ec8-c961d3e14a63
Request Chain 349
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzQyOTcwOUEtQUUyMi00MzA0LTk2MjctRjRCQzAyNDYzMzFE&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DC429709A-AE22-4304-9627-F4BC0246331D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C429709A-AE22-4304-9627-F4BC0246331D&gdpr=0&gdpr_consent=
Request Chain 350
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=2768803346163236077&pn_id=an
Request Chain 351
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LHRKCA12-D-DA9B
Request Chain 356
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZGStAwAAAHemOANP
Request Chain 359
  • https://match.adsrvr.org/track/cmf/openx?oxid=48dd4f72-a14c-3d4a-727b-e2f4bc44a9ef&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=2d909864-2418-4a60-9ec8-c961d3e14a63&ttd_puid=48dd4f72-a14c-3d4a-727b-e2f4bc44a9ef&gdpr=0&gdpr_consent=
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOR41eXqk6aibKotVtgPKqQ&google_cver=1
Request Chain 370
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=2d909864-2418-4a60-9ec8-c961d3e14a63
Request Chain 371
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=12c66464-ad0d-4f00-ab70-9ee7e47009a2&gdpr=&gdpr_consent=
Request Chain 373
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=2d909864-2418-4a60-9ec8-c961d3e14a63&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 374
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njc1NTAyNDE2NDc4MDEzNTk3NjQx HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKJ5cGoR9-mN0Pk52Z8bmJA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 376
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njc1NTAyNDE2NDc4MDEzNTk3NjQx
Request Chain 378
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=675502416478013597641&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=51371d1e-b9d1-4859-8fd7-e5877e039233&ssp=triplelift&gdpr=0 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=1d7de830-109e-4a27-a34e-b84b8c56fe0b&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 380
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/675502416478013597641?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-wEcUBn1E2oTnni2aD8wqZrvKbOKNfPvoqhCOmGHK6w--~A&dongle=0883
Request Chain 381
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=BBzfYL8CChB5VkDwA5MY&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IJBHUZSZJQ4EGQ3III2VM22EO5ATKTKZ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IJBHUZSZJQ4EGQ3III2VM22EO5ATKTKZ HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=BBzfYL8CChB5VkDwA5MY
Request Chain 382
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2768803346163236077&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 419
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZGStAwAAAHemOANP&gdpr=&gdpr_consent=
Request Chain 421
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZGStDsCo8XYAAPDDDTUAAAAA
Request Chain 422
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1--- HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Request Chain 423
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1--- HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=51371d1e-b9d1-4859-8fd7-e5877e039233&ssp=the33across&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=1---&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 424
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500517.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Request Chain 425
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 426
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=77d430de3e6e1a08&is_secure=true&networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAJP42tx7wl1ANE0JIRAAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl1ANE0JIRAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 427
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 428
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1--- HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Request Chain 429
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1--- HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968625787502750739&expires=30&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 430
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500517.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Request Chain 431
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 432
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=45aa2714cd040534&is_secure=true&networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAABpsxHilBfqAMp3K1TAAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABpsxHilBfqAMp3K1TAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 433
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 434
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1--- HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Request Chain 435
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1--- HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=TcSDncZYV45wrB3TZQ5UTZU4mbQ&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 436
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 437
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=11bdf70db7da0534&is_secure=true&networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAJP42tx7wl1gMUvt6oAAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl1gMUvt6oAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 438
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 439
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500519.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Request Chain 440
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1--- HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Request Chain 441
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1--- HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=2d909864-2418-4a60-9ec8-c961d3e14a63&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 442
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500519.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Request Chain 443
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 444
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4b1e7ede3ca51a08&is_secure=true&networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAACAFOLwWctLQMlKCmEAAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACAFOLwWctLQMlKCmEAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 445
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 446
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1--- HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Request Chain 447
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1--- HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=TcSDncZYV45wrB3TZQ5UTZU4mbQ&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 448
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 449
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=62d8246e9e141a08&is_secure=true&networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAB2T8arRypKwMxC30RAAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB2T8arRypKwMxC30RAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 450
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 451
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500520.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Request Chain 452
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1--- HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Request Chain 453
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1--- HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthe33across%26bsw_param%3D1d7de830-109e-4a27-a34e-b84b8c56fe0b%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=79365997055a4b3e9c451f56caf64d4b&ssp=the33across&bsw_param=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 454
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500520.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Request Chain 455
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 456
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=11878d02f55605a2&is_secure=true&networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAACAFOLwWctMgNQ3YwnAAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACAFOLwWctMgNQ3YwnAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 457
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 458
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1--- HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Request Chain 459
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1--- HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=2d909864-2418-4a60-9ec8-c961d3e14a63&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 460
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500519.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Request Chain 461
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 462
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=45104b45211b04a6&is_secure=true&networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAJP42tx7wl2QMHjICEAAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl2QMHjICEAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 463
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 464
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1--- HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Request Chain 465
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1--- HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=51371d1e-b9d1-4859-8fd7-e5877e039233&ssp=the33across&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=1---&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 466
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500519.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Request Chain 467
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 468
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=64a5b7ca285805a2&is_secure=true&networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAABpsxHilBfrAM5urK0AAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABpsxHilBfrAM5urK0AAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 469
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 470
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1--- HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Request Chain 471
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ssp=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10599080989859845205&ssp=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 472
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 473
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=316aa0dfcbe21a08&is_secure=true&networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAJP42tx7wl2gM-zWD2AAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl2gM-zWD2AAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 474
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 475
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500555.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Request Chain 477
  • https://cs.admanmedia.com/sync/gumgum?puid=u_fde2e35b-d1e8-4857-a935-8de12bd3b086&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=e342b450-66b4-41f0-b1ca-6c8829ec479b
Request Chain 495
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=esAM4jFeGNWGRUSs7Kls&pi=gumgum&tc=1
Request Chain 496
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 499
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RNWFok9QSxyH76tc4FlVUw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RNWFok9QSxyH76tc4FlVUw
Request Chain 500
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhSS0NBMTItRC1EQTlC&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELWycZ8ZxyVUGotTF37vHCc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhSS0NBMTItRC1EQTlC&google_push=
Request Chain 501
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJLaDDxiyGGKAOAZdziqSD0&google_cver=1
Request Chain 502
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YYxUrguAPLpcGfLmve7V5Q?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oYG28oFE2oKddIqUaSiavErt7A2Aqv7LKPlqyw--~A
Request Chain 503
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHRKCA12-D-DA9B&us_privacy=1---
Request Chain 504
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzIyYjgyNjAyZTQyNzkwNzlmMDZhMGI4NDNkMzMxOGYwNzJkYzIyOA&us_privacy=1---
Request Chain 505
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2d909864-2418-4a60-9ec8-c961d3e14a63&gdpr=0&gdpr_consent=&expires=30
Request Chain 517
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2768803346163236077
Request Chain 519
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZGStCqTjy5FfWw6nXPYvfwAAACwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZGStCqTjy5FfWw6nXPYvfwAAACwAAAAB
Request Chain 520
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAESDE7IyVoAACBaUprklg&expiration=1685529105
Request Chain 522
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZGStCqTjy5FfWw6nXPYvfwAA%26044&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3ab11f22-a2d0-4fb2-ad84-7d99fae7fc11-tuctb5e3290
Request Chain 523
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1700217104&external_user_id=25bd24ee-d3c6-4448-9d53-2ea0d5cbf1c3
Request Chain 524
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=845fe41f-9da7-4443-86f2-ca777bb1dddc
Request Chain 526
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1---&us_privacy=1---&khaos=LHRKCA12-D-DA9B HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LHRKCA12-D-DA9B&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LHRKCA12-D-DA9B&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 543
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968625787502750739
Request Chain 545
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFU0RFN0l5Vm9BQUNCYVVwcmtsZw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAESDE7IyVoAACBaUprklg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAESDE7IyVoAACBaUprklg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2248550271948191650&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAESDE7IyVoAACBaUprklg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2248550271948191650%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2248550271948191650&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAESDE7IyVoAACBaUprklg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAESDE7IyVoAACBaUprklg&gdpr=0&gdpr_consent=
Request Chain 546
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:12c66464-ad0d-4f00-ab70-9ee7e47009a2&gdpr=0&gdpr_consent=
Request Chain 547
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=057fa382-f49e-11ed-af2f-ea49dfcb416c
Request Chain 548
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xClwmq4iQwSWJ_S8AkYzHQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 549
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C429709A-AE22-4304-9627-F4BC0246331D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C429709A-AE22-4304-9627-F4BC0246331D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d486060c-e813-489b-bb88-9b85bf812d2d%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2d909864-2418-4a60-9ec8-c961d3e14a63&ttd_puid=d486060c-e813-489b-bb88-9b85bf812d2d%2C%2C
Request Chain 551
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=C429709A-AE22-4304-9627-F4BC0246331D&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C429709A-AE22-4304-9627-F4BC0246331D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=ac7c2029-7792-440a-9fd2-ac1e4c3975c5
Request Chain 552
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDtkwlN1FicPwlSbHVqqS5M&google_cver=1
Request Chain 553
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:26D4858F38B64E928F9E607F1CDB92C6
Request Chain 554
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7773351280725958108&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 555
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2d909864-2418-4a60-9ec8-c961d3e14a63&gdpr=0&gdpr_consent=
Request Chain 556
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C429709A-AE22-4304-9627-F4BC0246331D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CNNjmXxE2uX0KBGv6gqKJ1avtvPcAdk-~A&gdpr=0
Request Chain 566
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDP6YW1ytGq3EtpV54_Pa_k&google_cver=1&google_push=ATf1kGO9UQYfcS-sat9qtOQQASKtksx4i9AKqPP1_dGz4yLUS1mIU1h5dtbq6Trn4m5mqYYa_wKXQevttQ9gDp_ewy8YLvUssKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkdTdEF3QUFBSGVtT0FOUA==&google_gid=CAESEDP6YW1ytGq3EtpV54_Pa_k&google_cver=1&google_push=ATf1kGO9UQYfcS-sat9qtOQQASKtksx4i9AKqPP1_dGz4yLUS1mIU1h5dtbq6Trn4m5mqYYa_wKXQevttQ9gDp_ewy8YLvUssKI
Request Chain 567
  • https://um.simpli.fi/gp_match?google_gid=CAESEKRntBMblLFbbhbN7diAkOA&google_cver=1&google_push=ATf1kGN8PhgF4a6kiECUBbxBqX9iNQGyjpJRELGnmjtwXUUs6IMwUhkvZ-6IlBTCVucFlBpoZcRZ1sFSrkA4re3PdIj0VADmvK0r HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=26D4858F38B64E928F9E607F1CDB92C6&google_push=ATf1kGN8PhgF4a6kiECUBbxBqX9iNQGyjpJRELGnmjtwXUUs6IMwUhkvZ-6IlBTCVucFlBpoZcRZ1sFSrkA4re3PdIj0VADmvK0r
Request Chain 568
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHWaSsBHMqZDCfHToFhj9No&google_cver=1&google_push=ATf1kGP9-45Q4tBKlt8TrPZ1Gu__viGpukXRqdlkoG7qiXFBkL6xtcXt3-0-rlNAN5ZYcSofIs_U8uxsr_71DkIf9Zd4fegL1Kg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP9-45Q4tBKlt8TrPZ1Gu__viGpukXRqdlkoG7qiXFBkL6xtcXt3-0-rlNAN5ZYcSofIs_U8uxsr_71DkIf9Zd4fegL1Kg&google_hm=eS1pSnRuSV9aRTJwRnhZbm5JNWpwMzB0M3M1RWxFOWZPcn5B
Request Chain 570
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEJUJAQEpkzOTkwndylhFKRU&google_cver=1&google_push=ATf1kGMQKtC_A54a6MOSqw8984qTpzfF2ofTPEG0SK6zI9NHJsncuu_bfZIOaM9iwUIuYdIsPO_E2DCxtYWDb0EbQuF7fSZrSG6WYw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=2nozxjPt0Uiyjw0tKNKUcg&google_push=ATf1kGMQKtC_A54a6MOSqw8984qTpzfF2ofTPEG0SK6zI9NHJsncuu_bfZIOaM9iwUIuYdIsPO_E2DCxtYWDb0EbQuF7fSZrSG6WYw
Request Chain 571
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEKSnspD0JDAD-6gxtvSdqug&google_cver=1&google_push=ATf1kGP3W-oI88Wei7TqcLQzir1QKohgTCh7sOpu4VRVzrAJqwrnKgibWZHwnx0ZImbEzTzsNyeUg7-ZVQW8s5poUPQ657V9jt_2FA HTTP 302
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEKSnspD0JDAD-6gxtvSdqug&google_cver=1&google_push=ATf1kGP3W-oI88Wei7TqcLQzir1QKohgTCh7sOpu4VRVzrAJqwrnKgibWZHwnx0ZImbEzTzsNyeUg7-ZVQW8s5poUPQ657V9jt_2FA&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MmU5YjVkN2NjZTgwMzUzZQ&google_push=ATf1kGP3W-oI88Wei7TqcLQzir1QKohgTCh7sOpu4VRVzrAJqwrnKgibWZHwnx0ZImbEzTzsNyeUg7-ZVQW8s5poUPQ657V9jt_2FA
Request Chain 572
  • https://trace.mediago.io/cs/google?google_gid=CAESEAybDft5DEAKDEFiE3vWZNU&google_cver=1&google_push=ATf1kGNxlrzj5GnhYEsqUx95rCAtecSgnMGKUzSKphnHqERFdyUV6hSs6xnzxaage9No58RjQNWi8SDj5XioQNNIuRDqP-OFp7HvDQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGNxlrzj5GnhYEsqUx95rCAtecSgnMGKUzSKphnHqERFdyUV6hSs6xnzxaage9No58RjQNWi8SDj5XioQNNIuRDqP-OFp7HvDQ&google_hm=fbf5ba3f97a6d447a843febc0577a0f4
Request Chain 575
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LHRKCA12-D-DA9B HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LHRKCA12-D-DA9B
Request Chain 576
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHWaSsBHMqZDCfHToFhj9No&google_cver=1&google_push=ATf1kGOYHz-SbW0HZxxTlJEZHVkkTC8XD9YG71XXne4jo7BDwebdueK5NmFnBsCRMY7wrUwktsqBkjAKllxXUby_fNVnVnIksQb2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOYHz-SbW0HZxxTlJEZHVkkTC8XD9YG71XXne4jo7BDwebdueK5NmFnBsCRMY7wrUwktsqBkjAKllxXUby_fNVnVnIksQb2&google_hm=eS1pSnRuSV9aRTJwRnhZbm5JNWpwMzB0M3M1RWxFOWZPcn5B
Request Chain 577
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELWycZ8ZxyVUGotTF37vHCc&google_cver=1&google_push=ATf1kGO4cLw-HPU5ig7HvIzB3YDaoyaqscyCewPuTcdrKI-fB3coT1TBG7VW2kufHVT4EVwQB86r2Bp-uTqNxa-3yaD8kvUxXqfi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhSS0NBMTItRC1EQTlC&google_push=ATf1kGO4cLw-HPU5ig7HvIzB3YDaoyaqscyCewPuTcdrKI-fB3coT1TBG7VW2kufHVT4EVwQB86r2Bp-uTqNxa-3yaD8kvUxXqfi
Request Chain 578
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGOGWqr9NotZEQBYGIAytAdNA4FdB0Fk-2scS6en9i1Rzwq5K235azUHbXHO5VSsoQnU_jc98KFPJJjvqT2DqibVTiG2PiXa%26google_hm%3D%5BUID%5D&google_gid=CAESEBJi-ana1ud3hTBKadzibXs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGOGWqr9NotZEQBYGIAytAdNA4FdB0Fk-2scS6en9i1Rzwq5K235azUHbXHO5VSsoQnU_jc98KFPJJjvqT2DqibVTiG2PiXa&google_hm=b9ae10b0-6be5-44ab-9130-94d45094e9f1
Request Chain 579
  • https://match.360yield.com/match/ebda?google_gid=CAESEAcdkyVFH5euM0VzHNdkTyw&google_cver=1&google_push=ATf1kGPzdl1d70uAHYYJdGzmRMV9f50HFBrRvNEvA0tcW4bfp_DymCaEflPbTlTeGRK_hXTdKQngDAJojUAn1Pu3jZb_lJTC0LE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mfphJMLXSUG_sJ5xXEXJrQ&google_push=ATf1kGPzdl1d70uAHYYJdGzmRMV9f50HFBrRvNEvA0tcW4bfp_DymCaEflPbTlTeGRK_hXTdKQngDAJojUAn1Pu3jZb_lJTC0LE
Request Chain 580
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAUL9CntcqnjZ6OZw37WYSI&google_cver=1&google_push=ATf1kGNy4bZniVnCWx9Ge8QS8ag6qlHy3XekGDx109vl0qyRaA3u8uEJNVCnnruv9H3Abv1Vl3VE7_bD3C6BtN6aAQxbT60I1mNpYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iVDU0ZzVSRTJ1SDFjd2xyc25HZS5XTm5XZ09mUnRRY35B&google_push=ATf1kGNy4bZniVnCWx9Ge8QS8ag6qlHy3XekGDx109vl0qyRaA3u8uEJNVCnnruv9H3Abv1Vl3VE7_bD3C6BtN6aAQxbT60I1mNpYg
Request Chain 581
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEDfNftSkyxkqSuqvel_R5SQ&google_cver=1&google_push=ATf1kGPvDb4fqf_ZqmKYW0DsCPii6NbvnFcTkSe8b4_K_rsvmA9DQph4IHrPBJtFAwqHOC_GKwoMjZgF9L3T3qdFXW8OHx_OGkn1Fw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGPvDb4fqf_ZqmKYW0DsCPii6NbvnFcTkSe8b4_K_rsvmA9DQph4IHrPBJtFAwqHOC_GKwoMjZgF9L3T3qdFXW8OHx_OGkn1Fw&google_hm=QkJ6ZllMOENDaEI1VmtEd0E1TVk=
Request Chain 582
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHX0BMvzM2vHZhjXEDY29vQ&google_cver=1&google_push=ATf1kGMJEcb4nMyjJ1htOrLzvKw0zvH3DxuNNQ54KhsqjZqORatEZxaOLz63PoLZzXd5bbUuMUVDgq-IRTk1NMvdW8mhb5uEX3BZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mjc2ODgwMzM0NjE2MzIzNjA3Nw%3D%3D&google_gid=CAESEHX0BMvzM2vHZhjXEDY29vQ&google_cver=1&google_push=ATf1kGMJEcb4nMyjJ1htOrLzvKw0zvH3DxuNNQ54KhsqjZqORatEZxaOLz63PoLZzXd5bbUuMUVDgq-IRTk1NMvdW8mhb5uEX3BZ
Request Chain 584
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEC0joPaaahgIUEiE7mDc8Yg&google_cver=1&google_push=ATf1kGP1fheLPbj2NbkQeKqUVb8tcaBIOHfsgUSYmlpOUxlvBG2z9FRsbBV4cA5danpRF4G7Zvz3CFZ7uPf_jBWDM0w4C0dQA8SX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP1fheLPbj2NbkQeKqUVb8tcaBIOHfsgUSYmlpOUxlvBG2z9FRsbBV4cA5danpRF4G7Zvz3CFZ7uPf_jBWDM0w4C0dQA8SX&google_hm=HX3oMBCeSiejTrhLjFb-Cw==
Request Chain 585
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHWaSsBHMqZDCfHToFhj9No&google_cver=1&google_push=ATf1kGNCdSOZhr0xZ1XjzR8vLDWsypX0b4urby6Xuhe0bNwpkadZDU9ToIFtw8CmlI72WJsMZdNjWpMIg_q_OQ-fgR0WzVS74BM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNCdSOZhr0xZ1XjzR8vLDWsypX0b4urby6Xuhe0bNwpkadZDU9ToIFtw8CmlI72WJsMZdNjWpMIg_q_OQ-fgR0WzVS74BM&google_hm=eS1pSnRuSV9aRTJwRnhZbm5JNWpwMzB0M3M1RWxFOWZPcn5B
Request Chain 587
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGNTELI5ThpbsiYb9qDKa2YC0jUBwNlYYsR7qa2YN6qcsi0HWPgKQMh1scFzSsMux1aRSMDbK49ZkPy8ezRKoavVaYKUTWlr%26google_hm%3D%5BUID%5D&google_gid=CAESEBJi-ana1ud3hTBKadzibXs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGNTELI5ThpbsiYb9qDKa2YC0jUBwNlYYsR7qa2YN6qcsi0HWPgKQMh1scFzSsMux1aRSMDbK49ZkPy8ezRKoavVaYKUTWlr&google_hm=31f6ea04-1b19-43f2-a7db-1973cb4bcea4
Request Chain 588
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEJUJAQEpkzOTkwndylhFKRU&google_cver=1&google_push=ATf1kGMcxXfK5mVVJ0MjdbrBrVIuSxeWkmDnJDidrDuNWLNGlDKNfXnAAe4lDZobzXleTsb4d2XB4NCJScQ31e72J_uk9umZytcNQw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=2nozxjPt0Uiyjw0tKNKUcg&google_push=ATf1kGMcxXfK5mVVJ0MjdbrBrVIuSxeWkmDnJDidrDuNWLNGlDKNfXnAAe4lDZobzXleTsb4d2XB4NCJScQ31e72J_uk9umZytcNQw
Request Chain 589
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECt4Rx5AvSQpwhBvDTlr_i8&google_cver=1&google_push=ATf1kGP_-NOzrKYbkM4AqnJycZcjjOON4siq0oX3ns_rlgHr1R1YhXW5J5xc7d5rxCRrmv1h88udVW-bYDm-D-t085F_nfLr4tmhgA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGP_-NOzrKYbkM4AqnJycZcjjOON4siq0oX3ns_rlgHr1R1YhXW5J5xc7d5rxCRrmv1h88udVW-bYDm-D-t085F_nfLr4tmhgA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 590
  • https://trace.mediago.io/cs/google?google_gid=CAESEAybDft5DEAKDEFiE3vWZNU&google_cver=1&google_push=ATf1kGMV_qnnA2rE-0ZgcOc9Tog7J_BK4nd2r5gKtrhkI6TS040qxSbGCE3v5kiJNmHaZwZULtP1Q8ED_NCRZ50rLngsuKVpcbJUMQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGMV_qnnA2rE-0ZgcOc9Tog7J_BK4nd2r5gKtrhkI6TS040qxSbGCE3v5kiJNmHaZwZULtP1Q8ED_NCRZ50rLngsuKVpcbJUMQ&google_hm=fbf5ba3f97a6d447a843febc0577a0f4
Request Chain 622
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=tmz.com&sn=ChromeSyncframe&so=0&topUrl=www.tmz.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=yBdbzHx6NzU0UGorVDRXS2ZWWU5INHN0Vnl1TGVOWUtsZ290N1lSemcyM3pwWkFCZWFVREV5dTVISjVYVVk2OVZaZkRadWI3OGQ5RlcvaVhWY1IrQmJHOXdodzV4UUdaU0c5L3E3c0lvSEQ2b1Fha3A3R1c4Z0luc0FvY1lUdDZkekRaWGpZK3kySWFUR0p3RFBXZmI4d05JYXlRZEtSaWk5NUNLV0IwaTVocmF2WUNkMldnODlER1FpcnJLZTlDSEJ0aHJaaGZ4dERxSng0VXlzZy9uejEvVlp0cnJjMVpyQkFyQlVueFh0c0N2cVpkbFVGL25zRUx6aEg5SllpNUNIaGRKaDhjV3ZSY2UwUUgweXg1TThCZGFwdz09fA&cppv=2
Request Chain 628
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2768803346163236077&gdpr=0&gdpr_consent=
Request Chain 629
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sanCQ-b5xUSqq80W5P_ZFrH7l0Wq-cRO5vmNNvbk
Request Chain 630
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ec5053115f584c5fb6100
Request Chain 631
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 637
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C429709A-AE22-4304-9627-F4BC0246331D&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=47aabcab9a201a08&is_secure=true&networkId=17100&version=1&nuid=C429709A-AE22-4304-9627-F4BC0246331D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB2T8arRyptgMfdzzTAAAAAAA&expiration=1684405907&nuid=C429709A-AE22-4304-9627-F4BC0246331D&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 638
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0d06390d-c3cf-4217-afc3-9de254b71b0f&gdpr=0&gdpr_consent=
Request Chain 639
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=1d7de830-109e-4a27-a34e-b84b8c56fe0b HTTP 302
  • https://a.usbrowserspeed.com/cs?puid=d5289711-ec3e-56ff-88bd-9eb4e8fa1215&pid=lc&r=https%3a%2f%2fmatch%2eprod%2ebidr%2eio%2fcookie%2dsync%2ffivebyfive%3fr%3dhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526bidswitch_ssp_id%253dpubmatic HTTP 302
  • https://match.prod.bidr.io/cookie-sync/fivebyfive?r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic HTTP 303
  • https://a.usbrowserspeed.com/cs?pid=beeswax&puid=AAESDE7IyVoAACBaUprklg&r=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26bidswitch_ssp_id%3Dpubmatic HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=38dca57a-3441-4c33-bbfa-e07f746a36b7&expires=5&user_group=0&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 640
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA9_102CF081B_E5C2B01&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 641
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9f0312ad-38f0-4a69-8c6e-cd9f646db368-6464ad0d-4341&gdpr=0&gdpr_consent=

635 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.tmz.com/
Redirect Chain
  • http://tmz.com/
  • https://www.tmz.com/
823 KB
825 KB
Document
General
Full URL
https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f7:ca00:b:ee9a:1d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
cf4c65dd8c31e4530cb7bdc7698e8b9e16480561a7bb3ae75e8e6d738bce6835
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
35
alt-svc
h3=":443"; ma=86400
cache-control
max-age=30, public, s-maxage=60
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 10:31:21 GMT
link
<https://imagez.tmz.com>; rel="preconnect"; crossorigin="anonymous",<https://static.tmz.com>; rel="preconnect"; crossorigin="anonymous"
referrer-policy
unsafe-url
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
CloudFront-Viewer-Country
via
1.1 ade0cadf195b634f1ce60fe31eb474a2.cloudfront.net (CloudFront)
x-amz-cf-id
V3dktfm7Lj3zQblaA27Fly0Mx16iPzKyLTlRAc9mWqb0tNLF97PBsw==
x-amz-cf-pop
CMH68-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-fpc
hit
x-fpc-key
40d5148e93b18b6f685f58c83b4c33d455f1a6b37fe67d501a4f958c3e7a308b
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Age
450
Alt-Svc
h3=":443"; ma=86400
Connection
keep-alive
Content-Length
228
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 17 May 2023 10:23:57 GMT
Location
https://www.tmz.com/
Server
Apache
Via
1.1 788c5a18883f334d0b09e6cda9d22c86.cloudfront.net (CloudFront)
X-Amz-Cf-Id
9fmLOCdJU2RpEuILWfkmv_MN756WS73BjwYCdeykDQNOVXGUdWRkzA==
X-Amz-Cf-Pop
CMH68-P1
X-Cache
Hit from cloudfront
main.desktop.f4ae7f7d52eefe50c09b.css
static.tmz.com/tmz-web/client/v3.8/
781 KB
273 KB
Stylesheet
General
Full URL
https://static.tmz.com/tmz-web/client/v3.8/main.desktop.f4ae7f7d52eefe50c09b.css
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:4c00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9af1419f08c7ad01ad81db54080b13c61de5f99b81a2336d4a84226ca724f404

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 23:45:37 GMT
x-amz-version-id
hmkX.r_rm5u7WIaxlhO4hJBYLyuvG2LV
content-encoding
gzip
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P2
age
1680351
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.8.1
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-meta-app-deployment-id
last-modified
Thu, 27 Apr 2023 23:40:34 GMT
server
AmazonS3
etag
W/"f9798c427cd2039c4e6556c8d43c6edb"
vary
Accept-Encoding
content-type
text/css
x-amz-meta-app-build
19915e5
cache-control
max-age=31536000
x-amz-meta-app-id
tmz-web
x-amz-cf-id
JBj85z3WmMUGoLDHQnqOI2vPo10hD4xKKz_ouPS3mSbytKiptBg6dA==
main.desktop.f21c0445.js
static.tmz.com/tmz-web/client/v3.8/
532 KB
160 KB
Script
General
Full URL
https://static.tmz.com/tmz-web/client/v3.8/main.desktop.f21c0445.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:4c00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
795c8c5fa7697544f1c5447b371f3c7306cfb3842fce3eb13ca582e173c65c52

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 23:45:38 GMT
x-amz-version-id
V4MpVKeMGic1O8rSthUGxUS3pmpbGgHL
content-encoding
gzip
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P2
age
1680350
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.8.1
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-meta-app-deployment-id
last-modified
Thu, 27 Apr 2023 23:40:34 GMT
server
AmazonS3
etag
W/"66544486bbd2db746220e716a0c62c16"
vary
Accept-Encoding
content-type
application/javascript
x-amz-meta-app-build
19915e5
cache-control
max-age=31536000
x-amz-meta-app-id
tmz-web
x-amz-cf-id
YcBDpnW8dEWDieQG7Jho1dFVWpORygirNJ-Mow-qGb2XMVlqquhmpA==
gpt.js
www.googletagservices.com/tag/js/
75 KB
25 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c04::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc38bb9634af1075fbf8a9684f88f08e7792df4e983d3c97ade1749234057929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25263
x-xss-protection
0
server
cafe
etag
909 / 19494 / m202305110101 / config-hash: 13518105858856467337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 May 2023 10:31:28 GMT
loader.js
strike.fox.com/static/tmz/display/
26 KB
3 KB
Script
General
Full URL
https://strike.fox.com/static/tmz/display/loader.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8258 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c216d22bee295ae90eed1f144fa624d315a1455c67b5d479856d31bc66cc61cd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
5nNC1gHEdUvKrBoYUjhXCCtJAovF3BlG
content-encoding
gzip
date
Wed, 17 May 2023 10:31:28 GMT
strict-transport-security
max-age=15768000 ; preload
x-amz-request-id
VVACBWBQEPV1HJ6P
x-amz-server-side-encryption
AES256
content-length
2466
x-amz-id-2
wW7xlWb+ju7Xo7h209IAtnoGxZD7Qv665cR+CV+VZ9toXurj4ftsqn5MzLloaFoFH4rUgaTdF+8=
last-modified
Thu, 11 May 2023 20:39:52 GMT
server
AmazonS3
etag
"da4e584094ff5ca0f2b8312fe743ce32"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
accept-ranges
bytes
expires
Wed, 17 May 2023 10:41:28 GMT
js
www.googletagmanager.com/gtag/
226 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c14::61 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bbe14620cc51ebfb2bea7cfb7b8476b5114063d955a2cf8e04324b4152ecc86a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80994
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 May 2023 10:31:28 GMT
boot.js
global.ketchcdn.com/web/v2/config/tmz/tmz_web/
2 KB
1 KB
Script
General
Full URL
https://global.ketchcdn.com/web/v2/config/tmz/tmz_web/boot.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
15f92dd1206d1ce49f9b0553e900b7c5e9cd426fb2ae941a435e560925f9812b
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 May 2023 10:31:28 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600; includeSubDomains; preload
age
261
x-cache
HIT, HIT
request-id
4f1d0182-6828-442d-9816-970ed27dc186
content-length
797
x-xss-protection
1; mode=block
x-served-by
cache-pdx12328-PDX, cache-yyz4544-YYZ
x-timer
S1684319489.510704,VS0,VE0
x-frame-options
deny
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1200
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
3, 7
gtm.js
www.googletagmanager.com/
272 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KTN543J&gtm_cookies_win=x
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c14::61 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e4ea35adb398a60d969426bf14b40d252e4cc87803c123f8d6ce6f89030f520
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89991
x-xss-protection
0
last-modified
Wed, 17 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 May 2023 10:31:28 GMT
truncated
/
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f87e0dcba2abd16cb866b949dd143edfa89dbc536b48a8d612b5a38365a256e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/jpeg
SourceSansPro-Regular.woff2
static.tmz.com/tmz-web/client/v3.8/fonts/sourcesanspro/
13 KB
13 KB
Font
General
Full URL
https://static.tmz.com/tmz-web/client/v3.8/fonts/sourcesanspro/SourceSansPro-Regular.woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.8/main.desktop.f4ae7f7d52eefe50c09b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24fd:4c00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.8/main.desktop.f4ae7f7d52eefe50c09b.css
Origin
https://www.tmz.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 17:51:40 GMT
x-amz-version-id
yZw0KMX7aF7ImQMOnaoo.R4ZpDEmhoL.
via
1.1 ff5c2826d5a2f8583802a5c36e2a8060.cloudfront.net (CloudFront)
age
3083989
x-amz-cf-pop
CMH68-P2
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.8.0
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
12960
x-amz-meta-app-deployment-id
last-modified
Tue, 11 Apr 2023 17:45:53 GMT
server
AmazonS3
etag
"967c60da0742e7f2bdfbde13accaf519"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
f978b11
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-meta-app-id
tmz-web
x-amz-cf-id
ZZz92HEMKFGRTcivEoudLKco0H5S1P76Pmk-nFZi5rlgkyuSaAlrIw==
black-webfont.woff2
static.tmz.com/tmz-web/client/v3.8/fonts/proxima-nova-extra-condensed/
17 KB
18 KB
Font
General
Full URL
https://static.tmz.com/tmz-web/client/v3.8/fonts/proxima-nova-extra-condensed/black-webfont.woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.8/main.desktop.f4ae7f7d52eefe50c09b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24fd:4c00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b36f3075218f2b29c578581c453b28827b8621643878c86bd87aa9f6a1f5082a

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.8/main.desktop.f4ae7f7d52eefe50c09b.css
Origin
https://www.tmz.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 17:51:21 GMT
x-amz-version-id
96v6Z0q.GiiuLA9oiOBvj7AffA9v83F_
via
1.1 ff5c2826d5a2f8583802a5c36e2a8060.cloudfront.net (CloudFront)
age
3084008
x-amz-cf-pop
CMH68-P2
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.8.0
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
17880
x-amz-meta-app-deployment-id
last-modified
Tue, 11 Apr 2023 17:45:53 GMT
server
AmazonS3
etag
"66e7b6660a29694e64c02561f9e14490"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
f978b11
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-meta-app-id
tmz-web
x-amz-cf-id
xmm7QOJAMYjjFjOyLVL9xvSLqBNCQ-EuVt4nIy04zMkNgM_JBXxPxQ==
Cousine-Regular.woff2
static.tmz.com/tmz-web/client/v3.8/fonts/cousine/
9 KB
9 KB
Font
General
Full URL
https://static.tmz.com/tmz-web/client/v3.8/fonts/cousine/Cousine-Regular.woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.8/main.desktop.f4ae7f7d52eefe50c09b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24fd:4c00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
498cdc663af8386da9619e180dac64083911a0eda94f0aad30af3195f88f30c3

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.8/main.desktop.f4ae7f7d52eefe50c09b.css
Origin
https://www.tmz.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 17:51:21 GMT
x-amz-version-id
2OPeIjJh4KzzhofuHRqu87p549zknWNu
via
1.1 ff5c2826d5a2f8583802a5c36e2a8060.cloudfront.net (CloudFront)
age
3084008
x-amz-cf-pop
CMH68-P2
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.8.0
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
8748
x-amz-meta-app-deployment-id
last-modified
Tue, 11 Apr 2023 17:45:53 GMT
server
AmazonS3
etag
"c417ddf1b447836f9e8274339f6dfaeb"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
f978b11
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-meta-app-id
tmz-web
x-amz-cf-id
yK2tfCYUKG-ARKf9GdHSHSBOYdyl4cjoDm3wDD5E-Xv9XjvgFZULEg==
SourceSansPro-Bold.woff2
static.tmz.com/tmz-web/client/v3.8/fonts/sourcesanspro/
12 KB
13 KB
Font
General
Full URL
https://static.tmz.com/tmz-web/client/v3.8/fonts/sourcesanspro/SourceSansPro-Bold.woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.8/main.desktop.f4ae7f7d52eefe50c09b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24fd:4c00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0066433a645f196eb0ece299c86dc27a5c74dbe2cae7ae6d9211c1549a92085

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.8/main.desktop.f4ae7f7d52eefe50c09b.css
Origin
https://www.tmz.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 17:51:40 GMT
x-amz-version-id
CyneNJRpAMEshuxLj6QhjQLIyR8wSv_P
via
1.1 ff5c2826d5a2f8583802a5c36e2a8060.cloudfront.net (CloudFront)
age
3083989
x-amz-cf-pop
CMH68-P2
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.8.0
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
12600
x-amz-meta-app-deployment-id
last-modified
Tue, 11 Apr 2023 17:45:53 GMT
server
AmazonS3
etag
"35c8f8dfc61f476426607c74422b7d17"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
f978b11
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-meta-app-id
tmz-web
x-amz-cf-id
DVZNWaMU5LUMhIU1lsvCUDvapKQxWpGpCV6G_G_pWXL6elL5uEwerA==
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bec0ffd165ea083d019c7eaf6751df04c44f23fedf9f003ee93abec9549890e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd8aa6afb1cb32a958af8de7a67bb5ba03bdf396b38fcdb760510728937f700a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7012c52e94ac1bbe1e1b1cd8246e3ef624d303cc53e76a11be2b10a65c0f1119

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef355ff29a5e65e0a41ae3aaff2d13fef94f38ff30c69090c6f89acb6752e50d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7fcd7819c44473cbd40aabdc1295459afceecd0ddb53f73494f7d964a5ee519

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
968 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a94387ee27cfd20bff92b62976e9664f14abe8b1c09c81d49f18de24a2324bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
604 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4770f1d988a9ee981ecf5db15f5aa20f166bdbe225f4466715c2da29b938171d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
309 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23aa2477d57f3c5e361191e56e891751ecebb1e90fbf4bbce66316d21f6d321e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
SourceSansPro-Semibold.woff2
static.tmz.com/tmz-web/client/v3.8/fonts/sourcesanspro/
11 KB
12 KB
Font
General
Full URL
https://static.tmz.com/tmz-web/client/v3.8/fonts/sourcesanspro/SourceSansPro-Semibold.woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.8/main.desktop.f4ae7f7d52eefe50c09b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24fd:4c00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
115ea8ccc77135e889658e3922a3ce4747db8cd8a9ffc82286d4b48c771c4da0

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.8/main.desktop.f4ae7f7d52eefe50c09b.css
Origin
https://www.tmz.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 17:51:40 GMT
x-amz-version-id
x.uamdFUAFCFJ80gy3i1ANjNGzL5XVhZ
via
1.1 ff5c2826d5a2f8583802a5c36e2a8060.cloudfront.net (CloudFront)
age
3083989
x-amz-cf-pop
CMH68-P2
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.8.0
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
11256
x-amz-meta-app-deployment-id
last-modified
Tue, 11 Apr 2023 17:45:53 GMT
server
AmazonS3
etag
"e80eefb2e693f982ade7d2f9c41c59ea"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
f978b11
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-meta-app-id
tmz-web
x-amz-cf-id
frbdqtWbTBubmwxfRQk1wbkIXULWOC-7UPfJI6bEzy6TBerfmG0OuQ==
633769acfbb5409fbca6585a20bf84e8_xs.jpg
imagez.tmz.com/image/63/16by9/2023/05/17/
9 KB
10 KB
Image
General
Full URL
https://imagez.tmz.com/image/63/16by9/2023/05/17/633769acfbb5409fbca6585a20bf84e8_xs.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f99bd20323a5c0d2fc57ff9c6c9c504d6dbdd2ed37d4a90ca103095ea71e5f92
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:28 GMT
via
1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
37089
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=706786 idim=1200x900 ifmt=jpeg ofsz=9250 odim=300x169 ofmt=webp
fastly-stats
io=1
content-length
9250
x-served-by
cache-iad-kiad7000154-IAD, cache-yul12820-YUL
x-timer
S1684319489.978375,VS0,VE0
etag
"GPfVVh2GLIixqfok8rvj+vIy/QsZSmEWO0iqxJ+PiqQ"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
79, 47
a9c2fa5b28344b0086f65bc455bcce46_xs.jpg
imagez.tmz.com/image/a9/16by9/2023/05/16/
13 KB
14 KB
Image
General
Full URL
https://imagez.tmz.com/image/a9/16by9/2023/05/16/a9c2fa5b28344b0086f65bc455bcce46_xs.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e06aa8032fa2e9fd4495643853fa91c3598940f8b45986cb4ae4300e8a2b136c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:28 GMT
via
1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
58361
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=136513 idim=700x397 ifmt=jpeg ofsz=13742 odim=300x169 ofmt=webp
fastly-stats
io=1
content-length
13742
x-served-by
cache-iad-kiad7000053-IAD, cache-yul12820-YUL
x-timer
S1684319489.978527,VS0,VE0
etag
"fYEsexkQbj71M3TR0ftoeoT0SNvp/Z3LoGEYQRE7q1Y"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
11, 43
8bdd9f965c0e44d2ae0d0e5f98bc3f0e_xs.png
imagez.tmz.com/image/8b/16by9/2023/05/16/
58 KB
58 KB
Image
General
Full URL
https://imagez.tmz.com/image/8b/16by9/2023/05/16/8bdd9f965c0e44d2ae0d0e5f98bc3f0e_xs.png
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ea85d02ded9e4426ae38a608862a739cd2d7806e6a355fdff53654e35fe7c1ee
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:28 GMT
via
1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
41668
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=1542148 idim=1200x900 ifmt=png ofsz=59156 odim=300x169 ofmt=webp
fastly-stats
io=1
content-length
59156
x-served-by
cache-iad-kjyo7100149-IAD, cache-yul12820-YUL
x-timer
S1684319489.978520,VS0,VE0
etag
"T7hd+XKiGJDJ0l3xnOJmWxA7NQiZ5nU1PF6hoIbJ0d0"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
17, 56
2f9c12e6c72e4737b8e993ea45a6b386_xs.jpg
imagez.tmz.com/image/2f/16by9/2023/05/16/
14 KB
14 KB
Image
General
Full URL
https://imagez.tmz.com/image/2f/16by9/2023/05/16/2f9c12e6c72e4737b8e993ea45a6b386_xs.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bb3d86ef05695fbe5bc4932e7dc4556634618a7eb342cec108854c72cf3f332f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:28 GMT
via
1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
58268
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=141568 idim=700x397 ifmt=jpeg ofsz=13916 odim=300x169 ofmt=webp
fastly-stats
io=1
content-length
13916
x-served-by
cache-iad-kiad7000035-IAD, cache-yul12820-YUL
x-timer
S1684319489.979213,VS0,VE0
etag
"1C+OVokb8pMilM1pQ6gkQK1mYkjCiN4Ous4waUYV9gE"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
30, 44
fb204f2de7cd44ba8423cd56b07b3e2f_xs.png
imagez.tmz.com/image/fb/16by9/2023/05/16/
21 KB
22 KB
Image
General
Full URL
https://imagez.tmz.com/image/fb/16by9/2023/05/16/fb204f2de7cd44ba8423cd56b07b3e2f_xs.png
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
27386392f194a09d8dbe95ba20693b5d253b4b24630837b7e094c46d3d7ab2a4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:28 GMT
via
1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
43984
x-cache
Hit from cloudfront, HIT, HIT
fastly-io-info
ifsz=404600 idim=1200x900 ifmt=png ofsz=21540 odim=300x169 ofmt=webp
fastly-stats
io=1
content-length
21540
x-served-by
cache-iad-kjyo7100142-IAD, cache-yul12820-YUL
x-timer
S1684319489.978679,VS0,VE0
etag
"YxKqgpOZJkjtPWNxtKLLKf/GtK8bzaLW/dMFjqU8D1A"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
54, 43
612dc68bb5c3459bb39b1ec066aada4c_md.jpg
imagez.tmz.com/image/61/4by3/2023/05/16/
60 KB
60 KB
Image
General
Full URL
https://imagez.tmz.com/image/61/4by3/2023/05/16/612dc68bb5c3459bb39b1ec066aada4c_md.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
38ba8106b0b700260723b8adafa054a3636b20783bbbec3afef1aea97efe4dd7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:28 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
52706
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=592054 idim=1200x900 ifmt=jpeg ofsz=61374 odim=728x546 ofmt=webp
fastly-stats
io=1
content-length
61374
x-served-by
cache-iad-kcgs7200171-IAD, cache-yul12820-YUL
x-timer
S1684319489.979323,VS0,VE0
etag
"dShBsPqEipEh8qMLa9bxW3DsDAuOTwGt6sHANR1YJpk"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
56, 40
0f6951a84a354267a09512ddd8cf9190_md.jpg
imagez.tmz.com/image/0f/4by3/2023/05/16/
85 KB
85 KB
Image
General
Full URL
https://imagez.tmz.com/image/0f/4by3/2023/05/16/0f6951a84a354267a09512ddd8cf9190_md.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b16de86e6866109ec9241d8e3ccdafe95db05fe729ad41ca107477195a552bba
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:28 GMT
via
1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
51283
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=913854 idim=1200x900 ifmt=jpeg ofsz=86704 odim=728x546 ofmt=webp
fastly-stats
io=1
content-length
86704
x-served-by
cache-iad-kjyo7100049-IAD, cache-yul12820-YUL
x-timer
S1684319489.993942,VS0,VE0
etag
"ChgOH7EMqRuJPGkrfBE/TCSOGiCouEy1s5I4HDQlkNY"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
50, 38
02ba4fd9cc9f4236a5131f567d79337a_md.jpg
imagez.tmz.com/image/02/4by3/2023/05/16/
97 KB
97 KB
Image
General
Full URL
https://imagez.tmz.com/image/02/4by3/2023/05/16/02ba4fd9cc9f4236a5131f567d79337a_md.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ccab3df7523561a8fc4799ac33ca83d6dd04c0bad69888c91201bb25bcfb6cd8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:28 GMT
via
1.1 7c77abdf1c625c25627fe2a24e660a34.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
51283
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=961148 idim=1200x900 ifmt=jpeg ofsz=99112 odim=728x546 ofmt=webp
fastly-stats
io=1
content-length
99112
x-served-by
cache-iad-kcgs7200096-IAD, cache-yul12820-YUL
x-timer
S1684319489.994106,VS0,VE0
etag
"HF0IVr1y5nCTwdV02M9bHSefRn9mdqRsCi/bdCodmFw"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
52, 35
42d44a3523ec4578990d3341fdde1cda_md.png
imagez.tmz.com/image/42/16by9/2023/05/09/
155 KB
156 KB
Image
General
Full URL
https://imagez.tmz.com/image/42/16by9/2023/05/09/42d44a3523ec4578990d3341fdde1cda_md.png
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3793c0ebf407cd243bf096d11cb2c88ca3a638f529d9898a28f39bfdbb6098ab
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:28 GMT
via
1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
109652
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=2223873 idim=1920x1080 ifmt=png ofsz=158910 odim=728x410 ofmt=webp
fastly-stats
io=1
content-length
158910
x-served-by
cache-iad-kjyo7100119-IAD, cache-yul12820-YUL
x-timer
S1684319489.994098,VS0,VE0
etag
"icqwybrWvQEzDyFhM2gOLcMi5kKw+jqYbT7ASzeaq7g"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
43, 2
2a22cb155d7e4e9fbdccbdd092331dc1_md.jpg
imagez.tmz.com/image/2a/4by3/2023/05/16/
57 KB
57 KB
Image
General
Full URL
https://imagez.tmz.com/image/2a/4by3/2023/05/16/2a22cb155d7e4e9fbdccbdd092331dc1_md.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7b765f29f5b849b7857bd65976f3e0580efdb986a26003a8dfe5cdca3f903332
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:28 GMT
via
1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
51282
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=620617 idim=1200x900 ifmt=jpeg ofsz=58340 odim=728x546 ofmt=webp
fastly-stats
io=1
content-length
58340
x-served-by
cache-iad-kjyo7100110-IAD, cache-yul12820-YUL
x-timer
S1684319489.994086,VS0,VE0
etag
"SgDvCTUnHjKxkST4PeROR4yO0+SRUaVXBF9G6/fn66o"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
51, 36
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ded0bfd204406809b023171e23efc490eb3bef1c922a845414990490f3855db

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
lanyard.js
cdn.ketchjs.com/lanyard/v1/
466 KB
111 KB
Script
General
Full URL
https://cdn.ketchjs.com/lanyard/v1/lanyard.js
Requested by
Host: global.ketchcdn.com
URL: https://global.ketchcdn.com/web/v2/config/tmz/tmz_web/boot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
192bde7b0c34aad42bfd3a66e1616c77674718a8d99950479e9a2537f67223c3
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600; includeSubDomains; preload
age
310
date
Wed, 17 May 2023 10:31:29 GMT
x-cache
HIT, HIT
request-id
eae3a519-fd4e-4b2a-bb30-838925a091bc
content-length
113349
x-xss-protection
1; mode=block
x-served-by
cache-pdx12329-PDX, cache-yul12823-YUL
last-modified
Thu, 11 May 2023 02:20:03 GMT
x-timer
S1684319489.166886,VS0,VE0
x-frame-options
deny
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=1200
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
159619, 83
plugins.js
cdn.ketchjs.com/plugins/v1/
121 KB
28 KB
Script
General
Full URL
https://cdn.ketchjs.com/plugins/v1/plugins.js
Requested by
Host: global.ketchcdn.com
URL: https://global.ketchcdn.com/web/v2/config/tmz/tmz_web/boot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7a958bb77f866ab4f4f5320302ddc64bcc7bf9649c3df3aa99449b9e1935e782
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600; includeSubDomains; preload
age
300
date
Wed, 17 May 2023 10:31:29 GMT
x-cache
HIT, HIT
request-id
1569ef36-2651-4c3c-bd02-5f4d9624ba9b
content-length
28953
x-xss-protection
1; mode=block
x-served-by
cache-pdx12326-PDX, cache-yul12823-YUL
last-modified
Thu, 11 May 2023 02:23:16 GMT
x-timer
S1684319489.166891,VS0,VE0
x-frame-options
deny
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=1200
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
128440, 78
ketch.js
cdn.ketchjs.com/ketchtag/latest/v2.12/
93 KB
24 KB
Script
General
Full URL
https://cdn.ketchjs.com/ketchtag/latest/v2.12/ketch.js
Requested by
Host: global.ketchcdn.com
URL: https://global.ketchcdn.com/web/v2/config/tmz/tmz_web/boot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
296f41b29964f21fe7fad561d86e9667578570190a6bc10bd33515372f0af138
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600; includeSubDomains; preload
age
292
date
Wed, 17 May 2023 10:31:29 GMT
x-cache
HIT, HIT
request-id
4cd10f7d-a824-4ea4-a305-e9bbaff2efc3
content-length
24003
x-xss-protection
1; mode=block
x-served-by
cache-pdx12320-PDX, cache-yul12823-YUL
last-modified
Thu, 11 May 2023 02:20:23 GMT
x-timer
S1684319489.167016,VS0,VE0
x-frame-options
deny
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=1200
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
137603, 67
6d732902-d586-42ab-bcf1-db2a954b38cc
minigames.versusgame.com/widget/ Frame 5453
2 KB
1 KB
Document
General
Full URL
https://minigames.versusgame.com/widget/6d732902-d586-42ab-bcf1-db2a954b38cc
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-95.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
644ad7b6d992393e0483c585357e2f7e16f0a0ce6ddb616bd8ae321c8b934792

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2020
cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 17 May 2023 09:57:51 GMT
etag
W/"35cbfb2d6b4b5367cbe8e30b0492c69e"
last-modified
Thu, 11 May 2023 09:57:15 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 91dd8eacda47a6712fbf02ab7b41ecce.cloudfront.net (CloudFront)
x-amz-cf-id
ivx11npJzyb6r2b4RYwNqPo1DXIeGnvgzgWpANLtcwRi8J0yE6Vn_Q==
x-amz-cf-pop
CMH68-P1
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
truncated
/
127 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f5edf0a6fa9c455c21ce1d529e63ae18bf76aced3f563ce0457af25bea55f40

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
468 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18db706e6d0a4507c3931ad24000f6e1049c8b15f1e8378965d21a2bc33fa1e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33b376131cb7d939491f5112b411e6cd804c1d003810a388e9217af1122f4e35

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6f5be3b0b673d35437fd786f930a0e03fb3361f09919841681fb986ea0bcfd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4b3d838fac35e2bab26cdcfb3d24d43a506f527f1876b618021a52c0a0fc755

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.184.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-184-119.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 12:00:07 GMT
content-encoding
gzip
via
1.1 fa84a65a8524de3d36ea32628a227200.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P2
age
81095
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
FCaE-5lG79W8K0F-qMU1hpKVuX61CRmaeyvPY0fksn7Ne49WWPjclg==
collect
analytics.google.com/g/
0
252 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-NCN9V8PMQF&gtm=45je35a0&_p=1734746088&_gaz=1&cid=1084030298.1684319489&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684319489&sct=1&seg=0&dl=https%3A%2F%2Fwww.tmz.com%2F&dt=TMZ&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0f::66 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
252 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NCN9V8PMQF&cid=1084030298.1684319489&gtm=45je35a0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c32::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c36::71 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 May 2023 09:34:03 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3446
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 17 May 2023 11:34:03 GMT
js
www.googletagmanager.com/gtag/
135 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-621195757&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c14::61 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fd7f7c0eaed7cb376b1595847f7341b572eac89439b6b705d4e39b2ab0878d0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53089
x-xss-protection
0
last-modified
Wed, 17 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 May 2023 10:31:29 GMT
connatix.playspace.js
cds.connatix.com/p/269882/ Frame 5FA5
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/269882/connatix.playspace.js?tier=1
1 MB
275 KB
Script
General
Full URL
https://cds.connatix.com/p/269882/connatix.playspace.js?tier=1
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Server
172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26de5b2f18f9d451a3147d00dd26c7f91ec9b3f2d4e1a356d9887bdc32c674b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:30 GMT
x-amz-version-id
L44vvwsfZ1nYG_xXeDhO3F3sWeE3n027
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 May 2023 10:11:01 GMT
server
cloudflare
etag
W/"2778cb2bcbc08dfa890b676d0e2247d8"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
7c8b30eeaaaa54d9-YYZ
access-control-allow-headers
range
expires
Thu, 16 May 2024 10:31:30 GMT

Redirect headers

date
Wed, 17 May 2023 10:31:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
location
https://cds.connatix.com/p/269882/connatix.playspace.js?tier=1
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
7c8b30eaaec654d9-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
iframe_api
www.youtube.com/
1 KB
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.8/main.desktop.f21c0445.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce9c18a953a2eeb6d5efef7d4c04f4d73b055d3789152cbf42bd1b4dfd7e167b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 17 May 2023 10:31:29 GMT
/
www.instagram.com/accounts/login/
Redirect Chain
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fembed.js
0
0
Script
General
Full URL
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fembed.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Server
2a03:2880:f258:e0:face:b00c:0:4420 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

content-security-policy
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com www.gstatic.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com *.giphy.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
date
Wed, 17 May 2023 10:31:30 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
0
reporting-endpoints
coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
x-fb-debug
FlUquXqaQGKosQEyGd0c5UKFaXgBcjOoO7wkEL/PhqZcVffYgYZLIXOs2H8ymIYYR0VuAub7KdxezUZGuW7qRA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/html; charset="utf-8"
location
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fembed.js
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.8/main.desktop.f21c0445.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1D) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:29 GMT
Content-Encoding
gzip
Age
492
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (nyb/1D1D)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
135 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-621195757
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c14::61 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e608b9da1a0304a165d06c483675ab0bfffce60cb40a37994450e3a8cf552945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53072
x-xss-protection
0
last-modified
Wed, 17 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 May 2023 10:31:29 GMT
sidebar.json
www.tmz.com/_/promotion/home-sidebar/
336 KB
337 KB
Fetch
General
Full URL
https://www.tmz.com/_/promotion/home-sidebar/sidebar.json
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.8/main.desktop.f21c0445.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f7:ca00:b:ee9a:1d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
35e3b6a9918f6fae8023f5750e328863ec05f69850fe41fb739ed701bb849403
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:29:59 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 ade0cadf195b634f1ce60fe31eb474a2.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
age
125
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
Apache
x-fpc-key
af18f8a4ad8e3066581d36bf60bb914233c30182ac29c94c78c3143c8655f4c0
x-frame-options
SAMEORIGIN
vary
CloudFront-Viewer-Country
content-type
application/json
cache-control
max-age=344, public, s-maxage=344
x-robots-tag
noindex
x-fpc
hit
x-amz-cf-id
IWX0Xxyj6xPQZDzPiyArRSlhGxslUxmpfC_YT8geUj_EulLygohKYA==
ga-audiences
www.google.ca/ads/
42 B
408 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NCN9V8PMQF&cid=1084030298.1684319489&gtm=45je35a0&aip=1&z=1097451469
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0f::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-404979h&cg=0&cc=1&si=https%3A//www.tmz.com/&rp=&ts=compact&rnd=1684319489766
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-404979h&cg=0&cc=1&si=https%3A//www.tmz.com/&rp=&ts=compact&rnd=1684319489766&ja=1
44 B
596 B
Image
General
Full URL
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-404979h&cg=0&cc=1&si=https%3A//www.tmz.com/&rp=&ts=compact&rnd=1684319489766&ja=1
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Server
13.58.139.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-139-71.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:30 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:30 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
location
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-404979h&cg=0&cc=1&si=https%3A//www.tmz.com/&rp=&ts=compact&rnd=1684319489766&ja=1
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/
406 KB
126 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 19:10:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
55242
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128048
x-xss-protection
0
server
cafe
etag
352811828592807000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 15 May 2024 19:10:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
204 B
672 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tmz.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6dceaac0d6a1ba768d8437c67b4d9a760a3376675110506b80c0a132e23d4d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130
x-xss-protection
0
expires
Wed, 17 May 2023 10:31:30 GMT
app.v122.js
strike.fox.com/static/tmz/display/ver/
1 MB
158 KB
Script
General
Full URL
https://strike.fox.com/static/tmz/display/ver/app.v122.js
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8258 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdcb3c875b457a7ff992a0d874959df51acec37c8e61efb60ce9cc5e528528e0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
99QrT9ezzXjFmmnwQAFLzRNQp1ztBu1u
content-encoding
gzip
date
Wed, 17 May 2023 10:31:29 GMT
strict-transport-security
max-age=15768000 ; preload
x-amz-request-id
FW6XQ53RV1QHQ8PQ
x-amz-server-side-encryption
AES256
x-amz-id-2
VHE6KNJgAT4wIa4qsWpYY4jb1kWB6K2vw0OR1Q3mSAg3QMvk+69ld6BE6jPsxh+ECvakUKgY4mk=
last-modified
Thu, 11 May 2023 20:39:52 GMT
server
AmazonS3
etag
"3438f7ed3f48decb9f3666cfa64a3e3c"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
accept-ranges
bytes
expires
Wed, 17 May 2023 10:41:29 GMT
index.36b29039.js
minigames.versusgame.com/assets/ Frame 5453
326 KB
102 KB
Script
General
Full URL
https://minigames.versusgame.com/assets/index.36b29039.js
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/widget/6d732902-d586-42ab-bcf1-db2a954b38cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-95.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f94ee55945ab1c6c2b41f61204099aa5582b27a38fd5cc39689cb2199cfd68ee

Request headers

Referer
https://minigames.versusgame.com/widget/6d732902-d586-42ab-bcf1-db2a954b38cc
Origin
https://minigames.versusgame.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:31 GMT
content-encoding
gzip
via
1.1 91dd8eacda47a6712fbf02ab7b41ecce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 09:57:17 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
x-amz-server-side-encryption
AES256
etag
W/"9661a449dc0d922061ae8770ddc8f886"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, immutable
x-amz-cf-id
pEV5KfG5GT0EfA4y7028qjnwFuxTp_BMBWzQxbOS2FoaBqGW4wvmWg==
vendor.13b24c47.js
minigames.versusgame.com/assets/ Frame 5453
1 MB
367 KB
Script
General
Full URL
https://minigames.versusgame.com/assets/vendor.13b24c47.js
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/widget/6d732902-d586-42ab-bcf1-db2a954b38cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-95.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b46c796beda687303e48435d7cd49bef612835664ff8accb7a5cbd8a3c6da708

Request headers

Referer
https://minigames.versusgame.com/widget/6d732902-d586-42ab-bcf1-db2a954b38cc
Origin
https://minigames.versusgame.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:31 GMT
content-encoding
gzip
via
1.1 91dd8eacda47a6712fbf02ab7b41ecce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 09:57:17 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
x-amz-server-side-encryption
AES256
etag
W/"f2f092f1bde9ed886159ad23cee7725d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, immutable
x-amz-cf-id
Hzi-GZ0uEmoN4xiCwQRx39XiPyGZA3R7FUKe2I1bjf_uwWFWl9stnQ==
vendor.8c7d64db.css
minigames.versusgame.com/assets/ Frame 5453
553 KB
100 KB
Stylesheet
General
Full URL
https://minigames.versusgame.com/assets/vendor.8c7d64db.css
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/widget/6d732902-d586-42ab-bcf1-db2a954b38cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-95.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c7d64db44f62b648f4e114668f4896040e4624b73a1c8e9f420739d2dc4eb2c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://minigames.versusgame.com/widget/6d732902-d586-42ab-bcf1-db2a954b38cc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:31 GMT
content-encoding
gzip
via
1.1 91dd8eacda47a6712fbf02ab7b41ecce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 09:57:17 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
x-amz-server-side-encryption
AES256
etag
W/"cb82baa6cc335ac3a53dd7081ae98c23"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
cache-control
max-age=31536000, immutable
x-amz-cf-id
MkkFdNoxxYywC75jIyUWebC2HrJvd2lqFIGyirVi3RLYG9euNwAojQ==
index.f3b69d8e.css
minigames.versusgame.com/assets/ Frame 5453
60 KB
13 KB
Stylesheet
General
Full URL
https://minigames.versusgame.com/assets/index.f3b69d8e.css
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/widget/6d732902-d586-42ab-bcf1-db2a954b38cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-95.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3b69d8e55876400796e41ded306f3c224bbd6cddc81b168376100955551ca3b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://minigames.versusgame.com/widget/6d732902-d586-42ab-bcf1-db2a954b38cc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:31 GMT
content-encoding
gzip
via
1.1 91dd8eacda47a6712fbf02ab7b41ecce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 09:57:17 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
x-amz-server-side-encryption
AES256
etag
W/"67e15dbdbad66a828078df6da3772459"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
cache-control
max-age=31536000, immutable
x-amz-cf-id
StnB0-uvuOqutGECRPvrP-DNdS72Q6RtpGiw10CJduRgjH-xBUnxtQ==
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1684319490265
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1684319490265
362 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1684319490265
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
HTTP/1.1
Server
35.81.229.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-229-26.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
8b55102f7932ed8c54236786087e7981d699068f74e4b5356a85a20cde0a0219
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v044-00ca67d08.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
RNVyewmWTM8=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.tmz.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
306
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v044-020e3e31c.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ma+pV/E1QlM=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.tmz.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1684319490265
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ip
global.ketchcdn.com/web/v2/
251 B
625 B
Fetch
General
Full URL
https://global.ketchcdn.com/web/v2/ip
Requested by
Host: cdn.ketchjs.com
URL: https://cdn.ketchjs.com/ketchtag/latest/v2.12/ketch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
409668da18b7f6a2591b5208a4c74f2dedf226fa4d536a0d9b8b98b0159d09cf
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires
Thu, 18 May 2023 10:31:30 GMT
content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 May 2023 10:31:30 GMT
via
1.1 varnish
strict-transport-security
max-age=31557600; includeSubDomains; preload
age
0
x-cache
MISS
request-id
ffcd405e-d5fa-4f27-90f7-65f196b41248
content-length
190
x-xss-protection
1; mode=block
x-served-by
cache-yyz4528-YYZ
x-timer
S1684319490.369269,VS0,VE264
x-frame-options
deny
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
css
fonts.googleapis.com/ Frame 5453
3 KB
887 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/assets/vendor.8c7d64db.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c16::5f Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://minigames.versusgame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 May 2023 10:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 May 2023 08:44:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 May 2023 10:31:30 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3000013&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684319490820&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fwww.tmz.com%2F&c8=TMZ&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3000013&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684319490820&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fwww.tmz.com%2F&c8=TMZ&c9=
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3000013&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684319490820&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fwww.tmz.com%2F&c8=TMZ&c9=
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Server
108.156.184.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-184-119.cmh68.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:31 GMT
via
1.1 fa84a65a8524de3d36ea32628a227200.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
CMH68-P2
x-amz-cf-id
2yED-QowhPpmadZzXGzdgzqk5cTgGUrSobMskfpOfLMZcVLg0LsKFQ==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 17 May 2023 10:31:30 GMT
via
1.1 fa84a65a8524de3d36ea32628a227200.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
CMH68-P2
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=3000013&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684319490820&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fwww.tmz.com%2F&c8=TMZ&c9=
content-length
0
x-amz-cf-id
-8UDdgeyVm3iFU5DW_To91aO2nmW7cqpEjs_YdSx22LaDqBMJMf9rg==
www-widgetapi.js
www.youtube.com/s/player/cfa9e7cb/www-widgetapi.vflset/
185 KB
57 KB
Script
General
Full URL
https://www.youtube.com/s/player/cfa9e7cb/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14f5566d4c764cd781dad9a4f1a9530797597bac11661a2b8def07c4e59f1985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 20:42:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
136124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58043
x-xss-protection
0
last-modified
Wed, 10 May 2023 01:29:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 14 May 2024 20:42:46 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame C4F6
320 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.tmz.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D29) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1601952
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Wed, 17 May 2023 10:31:30 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D29)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
geo.js
static.foxnews.com/static/orion/scripts/core/utils/
5 KB
2 KB
Script
General
Full URL
https://static.foxnews.com/static/orion/scripts/core/utils/geo.js?cb=1684319491062&v=v122
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v122.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:681::2313 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ce77174eef0423016226ada18c4ff9dd4538c55688c67a4b3aa3b7297fa8dd0e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31557600
content-encoding
gzip
date
Wed, 17 May 2023 10:31:31 GMT
x-foxnews-time
1684319491
edge-cache-tag
geo
x-foxnews-geo
countryCode=CA ; regionCode=QC ; dmaCode=false ; zipRange=H1A+H1B+H1C+H1E+H1G+H1H+H1K+H1L+H1M+H1N+H1R+H1S+H1T+H1V+H1W+H1X+H1Y+H1Z+H2A+H2B+H2C+H2E+H2G+H2H+H2J+H2K+H2L+H2M+H2N+H2P+H2R+H2S+H2T+H2V+H2W+H2X+H2Y+H2Z+H3A+H3B+H3C+H3G+H3H+H3J+H3K+H3L+H3M+H3N+H3P+H3R+H3S+H3T+H3V+H3W+H3X+H3Y+H3Z+H4A+H4B+H4C+H4E+H4J+H4K+H4N+H4P+H4V+H4W+H4Z+H5A+H5B ; continent=NA
content-length
1499
x-served-by
cache-iad-kiad7000053-IAD
access-control-max-age
86400
access-control-allow-methods
GET, GET,POST,HEAD,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*, *
access-control-expose-headers
x-foxnews-geo, x-foxnews-time
vary
Accept-Encoding
access-control-allow-credentials
false
cache-control
max-age=4
access-control-allow-headers
x-foxnews-geo, x-foxnews-time, *
retry-after
0
x-cache-hits
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/621195757/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/621195757/?random=1684319491177&cv=11&fst=1684319491177&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tmz.com%2F&hn=www.googleadservices.com&frm=0&tiba=TMZ&us_privacy=1YNN&auid=2088206945.1684319491&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-621195757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c12::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1702e752eeb0b4733f245ffb3aba22331b7208b0ff36335bf0100c5660ad4072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1181
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/621195757/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/621195757/?random=1684319491215&cv=11&fst=1684319491215&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tmz.com%2F&hn=www.googleadservices.com&frm=0&tiba=TMZ&value=replace%20with%20value&us_privacy=1YNN&auid=2088206945.1684319491&uamb=0&uaw=0&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail%3Bid%3Dreplace%20with%20value&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-621195757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c12::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7cb5e0631d216708f882244499f0bf79773495451a0a749fc04d6e22728465ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dest5.html
fox.demdex.net/ Frame 1E30
7 KB
3 KB
Document
General
Full URL
https://fox.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.93.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-93-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-2-v044-08d878314.edge-usw2.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
TGOSiKw2Tlc=
content-encoding
gzip
date
Wed, 17 May 2023 10:31:31 GMT
last-modified
Wed, 10 May 2023 10:46:01 GMT
vary
accept-encoding
id
smetrics.tmz.com/
48 B
454 B
XHR
General
Full URL
https://smetrics.tmz.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&mid=14357699558290564263685038476820947093&ts=1684319491278
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-104.data.adobedc.net
Software
jag /
Resource Hash
720f06e2003dd7e392ee507a2cbfa762746c30d2b26c1ca8c5eba0e236708092
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 17 May 2023 10:31:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.tmz.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZGStAwAAAHemOANP
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=19187662051573948914210813287748594420
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGStAwAAAHemOANP
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGStAwAAAHemOANP
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
HTTP/1.1
Server
35.81.229.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-229-26.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v044-01e348dc6.edge-usw2.demdex.com 7 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
BdhA20PSTY0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGStAwAAAHemOANP
Date
Wed, 17 May 2023 10:31:31 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 5453
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://minigames.versusgame.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 19:22:30 GMT
x-content-type-options
nosniff
age
400141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 May 2024 19:22:30 GMT
config.json
global.ketchcdn.com/web/v2/config/tmz/tmz_web/production/7564812717999665976/default/en/
17 KB
5 KB
Fetch
General
Full URL
https://global.ketchcdn.com/web/v2/config/tmz/tmz_web/production/7564812717999665976/default/en/config.json
Requested by
Host: cdn.ketchjs.com
URL: https://cdn.ketchjs.com/ketchtag/latest/v2.12/ketch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b0504f6864919c1297e34207fcd801763aee59bca5f0b6efea9409bd8ba2550
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 May 2023 10:31:31 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600; includeSubDomains; preload
age
18265
x-cache
HIT, HIT
request-id
65396853-c694-4df9-ad91-800816b3581b
content-length
4988
x-xss-protection
1; mode=block
x-served-by
cache-pdx12331-PDX, cache-yyz4528-YYZ
x-timer
S1684319491.410741,VS0,VE0
x-frame-options
deny
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
9, 102
/
playlist.megaphone.fm/ Frame 0C68
54 KB
54 KB
Document
General
Full URL
https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.72.38.16 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.38.72.34.bc.googleusercontent.com
Software
/
Resource Hash
d817fa127084fff34b0b4222a594485fbaee6cb65bc5e616a0c55d3525d5a79a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-type
text/html; charset=utf-8
date
Wed, 17 May 2023 10:31:31 GMT
etag
W/"d817fa127084fff34b0b4222a594485f"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
399b63eb0c4089e4ae3f649c47597ea4
x-runtime
0.002240
x-xss-protection
1; mode=block
692bf47c178a48ec90b7e85869426afd.jpg
imagez.tmz.com/image/69/o/2023/02/23/
31 KB
31 KB
Image
General
Full URL
https://imagez.tmz.com/image/69/o/2023/02/23/692bf47c178a48ec90b7e85869426afd.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
01cbe46de5be0b6a24a2028fd5c096b96ff0dc3917c5bfe4ff44ee6f5efe4c79
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:31 GMT
via
1.1 9acd372742573b89975d7dceea2dc950.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
1472775
x-cache
Hit from cloudfront, HIT, HIT
fastly-io-info
ifsz=268363 idim=900x384 ifmt=jpeg ofsz=31536 odim=900x384 ofmt=webp
fastly-stats
io=1
content-length
31536
x-served-by
cache-iad-kjyo7100040-IAD, cache-yul12820-YUL
x-timer
S1684319491.421622,VS0,VE0
etag
"juJ/GmoXEwSlY/Uj9SuWcEZK1B8O1NtX5pI+gQfMF6I"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
16481, 862
nunito-sans-latin-400-normal.97d5a594.woff2
minigames.versusgame.com/assets/ Frame 5453
17 KB
17 KB
Font
General
Full URL
https://minigames.versusgame.com/assets/nunito-sans-latin-400-normal.97d5a594.woff2
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/assets/index.f3b69d8e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-95.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Request headers

Referer
https://minigames.versusgame.com/assets/index.f3b69d8e.css
Origin
https://minigames.versusgame.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:32 GMT
via
1.1 91dd8eacda47a6712fbf02ab7b41ecce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 09:57:17 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
x-amz-server-side-encryption
AES256
etag
"8a97f720d330e75ccdbda9ae0e9f5e90"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
16980
x-amz-cf-id
Wnt7EfYsg3ohsSag6UQoD8kJaT2VhU2AH9RQu3r3UuN44gAEj3LlEA==
/
www.youtube-nocookie.com/embed/ Frame E6F6
41 KB
12 KB
Document
General
Full URL
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/www-widgetapi.vflset/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
960a06caaa261e56d506638ba77348972051e5733c179ba2694f18c443d18721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Wed, 17 May 2023 10:31:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmDnk0SIEsH4Bi0uvITor+113VdZiHamGsT0EG6UHXgEXROwfKYSeE1NWAqwKRr6CFPJ/xqXmMgs+r58fAMEMQgAAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
/
www.youtube-nocookie.com/embed/ Frame 1368
41 KB
12 KB
Document
General
Full URL
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/www-widgetapi.vflset/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7193a4f3549d7529eb028aa51b4533f2f2f54e908b01039e6370c89792bdea9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Wed, 17 May 2023 10:31:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmDnk0SIEsH4Bi0uvITor+113VdZiHamGsT0EG6UHXgEXROwfKYSeE1NWAqwKRr6CFPJ/xqXmMgs+r58fAMEMQgAAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
settings
syndication.twitter.com/ Frame C4F6
870 B
658 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=515b177f5632dfd7c259b0b6f438d80805a50ccb
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.tmz.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
5
date
Wed, 17 May 2023 10:31:31 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 17 May 2023 10:31:31 GMT
server
tsa_b
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
565dce999ac5e71a
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
468ae5f21d30a7b716a66a7e42b4e432829ff674df11d60132ecb99db05ad0b3
content-length
338
v3
js.stripe.com/ Frame 5453
472 KB
113 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/assets/vendor.13b24c47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3ba0f53ba955a7e6d39a52bb0d654ed09c3aa67ef42cc1e9fae8e20cf8eee9fc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://minigames.versusgame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 17 May 2023 10:31:21 GMT
via
1.1 926b5281e2124486e0c9dadab33d1b9c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
age
14
x-cache
Hit from cloudfront
last-modified
Wed, 17 May 2023 02:13:36 GMT
server
Cloudfront
etag
W/"e53cb1688b3eb19f9bbada92a222f509"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
yNZcnDNCzagRyiJN9l88kG7q0N1w0WMfjSEpBO_K-l272zu3w516kA==
s57509552933450
smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.23.0/
43 B
334 B
Image
General
Full URL
https://smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.23.0/s57509552933450?AQB=1&ndh=1&pf=1&t=17%2F4%2F2023%2010%3A31%3A31%203%200&mid=14357699558290564263685038476820947093&aamlh=9&ce=UTF-8&cdp=3&pageName=TMZ&g=https%3A%2F%2Fwww.tmz.com%2F&cc=USD&events=event6&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=tmz-web&v1=tmz-web&c3=home&v3=home&c4=news&v4=news&c15=3%3A00AM&v15=3%3A00AM&c16=Wednesday&v16=Wednesday&c17=Weekday&v17=Weekday&c18=https%3A%2F%2Fwww.tmz.com%2F&v18=https%3A%2F%2Fwww.tmz.com%2F&c27=New&v27=New&c34=desktop&v34=desktop&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&AQE=1
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-104.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 18 May 2023 10:31:32 GMT
server
jag
etag
3617048568056512512-4619600533146620133
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 16 May 2023 10:31:32 GMT
lodash.js
static.foxnews.com/static/strike/scripts/libs/
37 KB
12 KB
Script
General
Full URL
https://static.foxnews.com/static/strike/scripts/libs/lodash.js?v=v122
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v122.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:681::2313 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
695f451e4fc7dcd1cf77c4bb26f4b8bfd64dcee1b35f7f131d08bd0017044064
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31557600
content-encoding
br
date
Wed, 17 May 2023 10:31:32 GMT
x-amz-server-side-encryption
AES256
content-length
12195
x-served-by
cache-iad-kiad7000090-IAD
last-modified
Thu, 11 May 2023 21:26:18 GMT
server
Akamai Resource Optimizer
x-timer
S1683840377.195255,VS0,VE1
etag
"e5b73a0c7c56d44909a07f7f0cd37c3d"
access-control-max-age
86400
access-control-allow-methods
GET,POST,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
x-debug-path
/static/strike/scripts/libs/lodash.js
access-control-allow-headers
*
x-cache-hits
2
application-e83cf2b33eb9c9d89a8a9889747cc6149ec878805e356e59516e96402432f579.css
playlist.megaphone.fm/assets/ Frame 0C68
14 KB
4 KB
Stylesheet
General
Full URL
https://playlist.megaphone.fm/assets/application-e83cf2b33eb9c9d89a8a9889747cc6149ec878805e356e59516e96402432f579.css
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.72.38.16 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.38.72.34.bc.googleusercontent.com
Software
/
Resource Hash
7a753ac0cbdad0f2ba44fe864f858d90f6ef7d3020e8a4aa9cdd31543c6a9605
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:32 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
content-length
3626
vary
Accept-Encoding
content-type
text/css
application-9a984f3b9908fd4e44fb.js
playlist.megaphone.fm/packs/js/ Frame 0C68
1 MB
381 KB
Script
General
Full URL
https://playlist.megaphone.fm/packs/js/application-9a984f3b9908fd4e44fb.js
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.72.38.16 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.38.72.34.bc.googleusercontent.com
Software
/
Resource Hash
3622300d61bb487a844de818565f8e621ed226ce79176b54b6fbd3fd2d199d67
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:32 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
content-length
388892
vary
Accept-Encoding
content-type
application/javascript
/
www.google.com/pagead/1p-user-list/621195757/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/621195757/?random=1684319491215&cv=11&fst=1684317600000&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tmz.com%2F&frm=0&tiba=TMZ&value=replace%20with%20value&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail%3Bid%3Dreplace%20with%20value&fmt=3&is_vtc=1&random=2817466729&rmt_tld=0&ipr=y
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c16::63 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/621195757/
42 B
154 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/621195757/?random=1684319491215&cv=11&fst=1684317600000&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tmz.com%2F&frm=0&tiba=TMZ&value=replace%20with%20value&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail%3Bid%3Dreplace%20with%20value&fmt=3&is_vtc=1&random=2817466729&rmt_tld=1&ipr=y
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0f::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/621195757/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/621195757/?random=1684319491177&cv=11&fst=1684317600000&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tmz.com%2F&frm=0&tiba=TMZ&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2042160049&rmt_tld=0&ipr=y
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c16::63 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/621195757/
42 B
108 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/621195757/?random=1684319491177&cv=11&fst=1684317600000&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tmz.com%2F&frm=0&tiba=TMZ&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2042160049&rmt_tld=1&ipr=y
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0f::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube-nocookie.com/s/player/cfa9e7cb/ Frame E6F6
405 KB
48 KB
Stylesheet
General
Full URL
https://www.youtube-nocookie.com/s/player/cfa9e7cb/www-player.css
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eccf57b62dbae261e99c42c11f1d643aa66362fc72a0696be044a75466ba5202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 07:01:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
98983
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48645
x-xss-protection
0
last-modified
Wed, 10 May 2023 01:29:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 May 2024 07:01:49 GMT
www-embed-player.js
www.youtube-nocookie.com/s/player/cfa9e7cb/www-embed-player.vflset/ Frame E6F6
338 KB
95 KB
Script
General
Full URL
https://www.youtube-nocookie.com/s/player/cfa9e7cb/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48a391f29bc14459aa881d701beed00820c0b7ef72aa0a85fc08d6e21d169ec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 21:52:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
477572
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97217
x-xss-protection
0
last-modified
Wed, 10 May 2023 01:29:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 10 May 2024 21:52:00 GMT
base.js
www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/ Frame E6F6
2 MB
732 KB
Script
General
Full URL
https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d404457fb49f54e5f4c9c2026cd51aba286197bb419f0f6b271505bd41bebf3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 18:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575855
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
749181
x-xss-protection
0
last-modified
Wed, 10 May 2023 01:29:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 May 2024 18:33:57 GMT
fetch-polyfill.js
www.youtube-nocookie.com/s/player/cfa9e7cb/fetch-polyfill.vflset/ Frame E6F6
9 KB
3 KB
Script
General
Full URL
https://www.youtube-nocookie.com/s/player/cfa9e7cb/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 18:33:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
575855
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2604
x-xss-protection
0
last-modified
Wed, 10 May 2023 01:29:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 May 2024 18:33:57 GMT
www-player.css
www.youtube-nocookie.com/s/player/cfa9e7cb/ Frame 1368
405 KB
48 KB
Stylesheet
General
Full URL
https://www.youtube-nocookie.com/s/player/cfa9e7cb/www-player.css
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eccf57b62dbae261e99c42c11f1d643aa66362fc72a0696be044a75466ba5202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 07:01:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
98983
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48645
x-xss-protection
0
last-modified
Wed, 10 May 2023 01:29:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 May 2024 07:01:49 GMT
www-embed-player.js
www.youtube-nocookie.com/s/player/cfa9e7cb/www-embed-player.vflset/ Frame 1368
338 KB
95 KB
Script
General
Full URL
https://www.youtube-nocookie.com/s/player/cfa9e7cb/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48a391f29bc14459aa881d701beed00820c0b7ef72aa0a85fc08d6e21d169ec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 21:52:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
477572
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97217
x-xss-protection
0
last-modified
Wed, 10 May 2023 01:29:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 10 May 2024 21:52:00 GMT
base.js
www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/ Frame 1368
2 MB
732 KB
Script
General
Full URL
https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d404457fb49f54e5f4c9c2026cd51aba286197bb419f0f6b271505bd41bebf3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 18:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575855
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
749181
x-xss-protection
0
last-modified
Wed, 10 May 2023 01:29:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 May 2024 18:33:57 GMT
fetch-polyfill.js
www.youtube-nocookie.com/s/player/cfa9e7cb/fetch-polyfill.vflset/ Frame 1368
9 KB
3 KB
Script
General
Full URL
https://www.youtube-nocookie.com/s/player/cfa9e7cb/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 18:33:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
575855
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2604
x-xss-protection
0
last-modified
Wed, 10 May 2023 01:29:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 May 2024 18:33:57 GMT
6d732902-d586-42ab-bcf1-db2a954b38cc
api.versusgame.com/v2/widgets/ Frame
0
0
Preflight
General
Full URL
https://api.versusgame.com/v2/widgets/6d732902-d586-42ab-bcf1-db2a954b38cc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.13.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-13-56.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app-version,authorization,tz,x-app-path
Access-Control-Request-Method
GET
Origin
https://minigames.versusgame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
app-version,authorization,tz,x-app-path
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://minigames.versusgame.com
date
Wed, 17 May 2023 10:31:32 GMT
vary
Origin, Access-Control-Request-Headers
x-powered-by
Express
version.json
minigames.versusgame.com/ Frame 5453
22 B
405 B
Fetch
General
Full URL
https://minigames.versusgame.com/version.json
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/assets/index.36b29039.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-95.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8bad44fd1a3479dbf853ad32c297e1dd38ea1d74404173b25b3f43f9bf2f8ed

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://minigames.versusgame.com/widget/6d732902-d586-42ab-bcf1-db2a954b38cc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 16:44:52 GMT
via
1.1 91dd8eacda47a6712fbf02ab7b41ecce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 09:57:18 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
age
64001
x-amz-server-side-encryption
AES256
etag
"3982d22ba8fc5af26e24a503dbdb0c0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
no-cache
accept-ranges
bytes
content-length
22
x-amz-cf-id
XPNBJ_xG451J47EcKDw8EThLSKAZsPgKIMcw-5U-XfcdY2FqvpyJsw==
6d732902-d586-42ab-bcf1-db2a954b38cc
api.versusgame.com/v2/widgets/ Frame 5453
11 KB
11 KB
XHR
General
Full URL
https://api.versusgame.com/v2/widgets/6d732902-d586-42ab-bcf1-db2a954b38cc
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/assets/vendor.13b24c47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.13.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-13-56.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
e492f075b6b8306d2f2cf89261baf6ef0905ba4f230a86ec8a7e5e9a0b069b2d

Request headers

x-app-path
/widget/6d732902-d586-42ab-bcf1-db2a954b38cc
accept-language
en-CA,en;q=0.9
authorization
Bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
tz
Etc/Unknown
Accept
application/json, text/plain, */*
Referer
https://minigames.versusgame.com/
app-version
c6f2b1a8

Response headers

date
Wed, 17 May 2023 10:31:32 GMT
x-powered-by
Express
etag
W/"2cf2-mxv3UbD+Q9VEquFWDJLLAE7l79Q"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://minigames.versusgame.com
access-control-allow-credentials
true
content-length
11506
nunito-sans-latin-600-normal.c84423c3.woff2
minigames.versusgame.com/assets/ Frame 5453
17 KB
17 KB
Font
General
Full URL
https://minigames.versusgame.com/assets/nunito-sans-latin-600-normal.c84423c3.woff2
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/assets/vendor.8c7d64db.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-95.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3

Request headers

Referer
https://minigames.versusgame.com/assets/vendor.8c7d64db.css
Origin
https://minigames.versusgame.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:33 GMT
via
1.1 91dd8eacda47a6712fbf02ab7b41ecce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 09:57:17 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
x-amz-server-side-encryption
AES256
etag
"7e344afc10a492d516789f072fa6edfd"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
17156
x-amz-cf-id
VWJXDhB2Ct8W0abrAJlmB_rN87tRayhtGAZsj7Xq9tr6P4THpYe2Zw==
nunito-sans-latin-700-normal.280aaa89.woff2
minigames.versusgame.com/assets/ Frame 5453
17 KB
17 KB
Font
General
Full URL
https://minigames.versusgame.com/assets/nunito-sans-latin-700-normal.280aaa89.woff2
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/assets/vendor.8c7d64db.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-95.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Request headers

Referer
https://minigames.versusgame.com/assets/vendor.8c7d64db.css
Origin
https://minigames.versusgame.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:33 GMT
via
1.1 91dd8eacda47a6712fbf02ab7b41ecce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 09:57:17 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
x-amz-server-side-encryption
AES256
etag
"bcf3a3fb620dfbee774f84e2c8e71530"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
17116
x-amz-cf-id
_IIq-3wcCxqnzdePWz3NP28n3rTJ_gPYWub_hlgeoGOz1f1H2a4iHQ==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E6F6
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/
Origin
https://www.youtube-nocookie.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:44:36 GMT
x-content-type-options
nosniff
age
402416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 May 2024 18:44:36 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E6F6
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/
Origin
https://www.youtube-nocookie.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 20:47:54 GMT
x-content-type-options
nosniff
age
395018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 May 2024 20:47:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1368
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/
Origin
https://www.youtube-nocookie.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:44:36 GMT
x-content-type-options
nosniff
age
402416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 May 2024 18:44:36 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1368
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/
Origin
https://www.youtube-nocookie.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 20:47:54 GMT
x-content-type-options
nosniff
age
395018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 May 2024 20:47:54 GMT
get
global.ketchcdn.com/web/v2/consent/tmz/ Frame
0
0
Preflight
General
Full URL
https://global.ketchcdn.com/web/v2/consent/tmz/get
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Accept,Authorization
access-control-allow-methods
GET,HEAD,POST,PUT,DELETE
access-control-allow-origin
https://www.tmz.com
content-length
0
content-security-policy
default-src 'self'
date
Wed, 17 May 2023 10:31:32 GMT
request-id
9e49cd02-1731-4e92-a534-260be2e14ac5
strict-transport-security
max-age=31557600; includeSubDomains; preload
vary
Origin
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-frame-options
deny
x-served-by
cache-pdx12321-PDX, cache-yyz4528-YYZ
x-timer
S1684319493.696274,VS0,VE69
x-xss-protection
1; mode=block
get
global.ketchcdn.com/web/v2/consent/tmz/
155 B
430 B
Fetch
General
Full URL
https://global.ketchcdn.com/web/v2/consent/tmz/get
Requested by
Host: cdn.ketchjs.com
URL: https://cdn.ketchjs.com/ketchtag/latest/v2.12/ketch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c33d014b8590d1fb9677ac64a0fbd7b741c105bebc28153adfb352c9dbdda95
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 May 2023 10:31:32 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-cache
MISS, MISS
request-id
970e9ed0-4402-4e20-880c-90ac945231a7
content-length
148
x-xss-protection
1; mode=block
x-served-by
cache-pdx12328-PDX, cache-yyz4528-YYZ
x-timer
S1684319493.785277,VS0,VE72
x-frame-options
deny
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0, 0
controller-c9f2bad4b1d8fa3dc2b4a75ae2cd62e4.html
js.stripe.com/v3/ Frame 31ED
325 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/controller-c9f2bad4b1d8fa3dc2b4a75ae2cd62e4.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f78c70e057c4847ca4a6237de0d00804aeda78cd158145184c9fb0b7c72e4de4
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://minigames.versusgame.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
7
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 17 May 2023 10:31:26 GMT
etag
"c9f2bad4b1d8fa3dc2b4a75ae2cd62e4"
last-modified
Wed, 17 May 2023 01:44:25 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 926b5281e2124486e0c9dadab33d1b9c.cloudfront.net (CloudFront)
x-amz-cf-id
uQMEqwCuoaOYrQ6RMZdkgL9lX-68hgIxLQ_77CrMjJp2r-CjVBqvig==
x-amz-cf-pop
CMH68-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
fennec.js
prod.fennec.atp.fox/js/
834 KB
193 KB
Script
General
Full URL
https://prod.fennec.atp.fox/js/fennec.js
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v122.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:2400:1f:e7d6:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b07bceb5fdabfe6d09e7e8ca7dfc6f7395d33650aa5b1a68fa954284cc74247d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
JFeRMVi6sqOOvqIpTPNhVX6s2OThtG3V
content-encoding
br
via
1.1 1483680de6fc9b7c243bc0610362f42a.cloudfront.net (CloudFront)
date
Tue, 16 May 2023 21:11:11 GMT
last-modified
Mon, 15 May 2023 21:10:50 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P2
age
48023
x-amz-server-side-encryption
AES256
etag
W/"158b0fd773fc05276c392a486173d62d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
93HW-zcdUH5FAkSZmmSd75Pl2ZcMo01c6aN495-6Zj_c0qE_k-HQ5w==
ope-fox.js
cdn.opecloud.com/
66 KB
13 KB
Script
General
Full URL
https://cdn.opecloud.com/ope-fox.js
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v122.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-12.cmh68.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
4f2f62556894f7bf14fa3aa45feac2a49202e100ff35c944601d19051f417a91

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 09:40:00 GMT
content-encoding
gzip
via
1.1 1aba603d822d5b3ffcc843f252edb6ea.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 14:54:44 GMT
server
nginx/1.24.0
x-amz-cf-pop
CMH68-P1
age
3093
etag
W/"64590d34-109ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800, public
x-amz-cf-id
YwZJ7bvlBNk_Hi3jGB3gB2DJGjGlDbzFUDgnDoM6aJTr53OF9WSt6A==
expires
Wed, 24 May 2023 09:40:00 GMT
ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
scripts.webcontentassessor.com/scripts/
132 KB
40 KB
Script
General
Full URL
https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v122.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb7af12c359572f82f195baef33d545ca71dc04083f7cfd8ef7ee5d50c131bb4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
MRR24jnZ2rgv3wv0etKiXpL3bB4oMDSK
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 May 2023 10:31:33 GMT
x-amz-request-id
VP5PSG2Q8JXZ28YA
age
935
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
40209
x-amz-id-2
+CbHVjRm8kWR+CxJsUS+knf9vooaku1zgtQxkz12dKc8yQ0MeXUAiattH3JBxHNcJHs8zMYF5EY=
x-served-by
cache-yul12831-YUL
last-modified
Wed, 17 May 2023 10:04:57 GMT
server
AmazonS3
x-timer
S1684319493.262278,VS0,VE0
etag
"79e775502b6de86c57ced29bd1c4891e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges
bytes
x-cache-hits
36
tag
btloader.com/
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX111JFD&hst=www.tmz.com&ver=1.2
  • https://btloader.com/tag?o=5735828726743040&upapi=true
14 KB
7 KB
Script
General
Full URL
https://btloader.com/tag?o=5735828726743040&upapi=true
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5290602c25843c6e2e6905e8b77a648f8479d4d7fb0dc75dcc8e4197faa9e382

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:35 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 May 2023 09:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1919
etag
W/"2ea732f6033dce565e2065ae64ad2038"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGc3DhRDzEkbe26Kx7buAuUEgC2Mj0%2BEGobIGluUfaXjBfJOQIcWLA%2FaurrDDMyJx8igkfJLBxgBxQL4G8HVRBNYOVakmT7MIbc5KBa17%2BVAIMKmEeDot1YbZL%2Ftfo13aA%2FkBHOAO4Cd%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7c8b310c2f1d54af-YYZ

Redirect headers

location
https://btloader.com/tag?o=5735828726743040&upapi=true
date
Wed, 17 May 2023 10:31:33 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
cloudflare
cf-ray
7c8b3100ecbda24c-YYZ
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:01 GMT
prebid.js
strike.fox.com/static/tmz/display/libs/
346 KB
106 KB
Script
General
Full URL
https://strike.fox.com/static/tmz/display/libs/prebid.js
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v122.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8258 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46a505bc6f5c7c047e4bc61224e6cc94e391216462205d73ff8edd0f62663546
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
tw8mVorn8rKPOBAkhgPH1GdODkTT_Ufl
content-encoding
gzip
date
Wed, 17 May 2023 10:31:33 GMT
strict-transport-security
max-age=15768000 ; preload
x-amz-request-id
VVACBR1KY6YJCXPW
x-amz-server-side-encryption
AES256
x-amz-id-2
R6XmcqTtQ1qFZubUrxatrVvkEgp+op2q9Hrc8BDbW1dAX7MJ5CRMCsVziqVOxhD5Cixpf9batGQ=
last-modified
Thu, 11 May 2023 20:39:52 GMT
server
AmazonS3
etag
"c821e2b378b472d1b7ae1cdd03853431"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
accept-ranges
bytes
expires
Wed, 17 May 2023 10:41:33 GMT
apstag.js
c.amazon-adsystem.com/aax2/
230 KB
57 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v122.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.164.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-164-236.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a95e7d0a3cb18909649c1c1cf3a03b867df399d7a68a95438700d0c250190ea5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:08:16 GMT
content-encoding
gzip
via
1.1 788c5a18883f334d0b09e6cda9d22c86.cloudfront.net (CloudFront), 1.1 e4115573bd297fb3424a2ffc8114fa1c.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:06 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1, CMH68-P1
age
1398
x-amz-server-side-encryption
AES256
etag
W/"7495a9027cbb36cfc88c8eb9e9614a3b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
w0QqxqqPC_3xoPC6Au1tilM1nmYKmdLfJ3HD6Vl88YFFtJbTtYDibg==
prod-v3%2Fimage%2F99a33800-7652-11ed-97e3-b3bdaad93632-0wc3j1bb674tzqouwyttdjk6.jpg
cdn.versusgame.com/ Frame 5453
21 KB
21 KB
Image
General
Full URL
https://cdn.versusgame.com/prod-v3%2Fimage%2F99a33800-7652-11ed-97e3-b3bdaad93632-0wc3j1bb674tzqouwyttdjk6.jpg
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/widget/6d732902-d586-42ab-bcf1-db2a954b38cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-76.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
508eabfe0b4b9ed312e4f18cae2c6ef6ca8ce512034f7861be4b68598ecaa3eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://minigames.versusgame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 07:13:04 GMT
via
1.1 6ddb0e63e125bdf021ed77a899eab8e6.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 17:14:26 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
age
790399
etag
"5f48a0e7aebe94788f7a6b6cd0fd1c46"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=864000
accept-ranges
bytes
content-length
21353
x-amz-cf-id
7_anel1Eqr4YpMS-EIHIh-HKGXygLIJ6jLUhfbQu5TSfAvWgV6JuiA==
nunito-sans-latin-900-normal.00dd63b0.woff2
minigames.versusgame.com/assets/ Frame 5453
17 KB
17 KB
Font
General
Full URL
https://minigames.versusgame.com/assets/nunito-sans-latin-900-normal.00dd63b0.woff2
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/assets/vendor.8c7d64db.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-95.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00dd63b0ca2fb12eb12eef7af3f543b085cb1e94d1a861b484865c973b75e93e

Request headers

Referer
https://minigames.versusgame.com/assets/vendor.8c7d64db.css
Origin
https://minigames.versusgame.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:34 GMT
via
1.1 91dd8eacda47a6712fbf02ab7b41ecce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 09:57:17 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
x-amz-server-side-encryption
AES256
etag
"a8c24ee1c2db8b27eaec48b3d85b6e5a"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
17364
x-amz-cf-id
TDWfplg21SFIMbckG4uyalSGyA44HYkClq6diA_eKbPG35B9r2i9Dw==
576757_43e8e790-f40e-11ed-970a-739473c5e71b-img_7796_vg.mp4_poster.jpg
cdn.versusgame.com/prod-v3/video/ Frame 5453
167 KB
168 KB
Image
General
Full URL
https://cdn.versusgame.com/prod-v3/video/576757_43e8e790-f40e-11ed-970a-739473c5e71b-img_7796_vg.mp4_poster.jpg
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/widget/6d732902-d586-42ab-bcf1-db2a954b38cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-76.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7938e3d899756731b4d21fb9f08d181f6f7b4c355026d050ae8afd11bd775006

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://minigames.versusgame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 17:32:34 GMT
via
1.1 6ddb0e63e125bdf021ed77a899eab8e6.cloudfront.net (CloudFront)
last-modified
Tue, 16 May 2023 17:23:14 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
age
61140
etag
"776ae3a7289bc0c0746bdb1cdd937d5b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpg
x-amz-meta-thumbnail
TRUE
accept-ranges
bytes
content-length
170981
x-amz-cf-id
wB272HF51dPHYlPoHa4-07-1HH6RC2-TLDFRJcHWyt5PagFGWbOGVg==
tweet.b81b6d7af2d75db873cff6099e4f433a.js
platform.twitter.com/js/
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/tweet.b81b6d7af2d75db873cff6099e4f433a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1D) /
Resource Hash
e3d5684523c3de8ab2ac3bca237d12e4affbb4d4b39a41109d975a489fa12427

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:33 GMT
Content-Encoding
gzip
Age
1601955
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2700
Last-Modified
Tue, 24 Jan 2023 21:41:06 GMT
Server
ECS (nyb/1D1D)
Etag
"09ec5707a836b9e4f4427dcddd1d0c64+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
shared-aa0dbdca0a71bac4589db0a72bbc67d4.js
js.stripe.com/v3/fingerprinted/js/ Frame 31ED
450 KB
101 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-aa0dbdca0a71bac4589db0a72bbc67d4.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-c9f2bad4b1d8fa3dc2b4a75ae2cd62e4.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
Cloudfront /
Resource Hash
4a57cb34fa86e2ffeb09eb7cd10a1a5b175fed1d15a665af3d8a033a009d2878
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/controller-c9f2bad4b1d8fa3dc2b4a75ae2cd62e4.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 17 May 2023 09:46:10 GMT
via
1.1 926b5281e2124486e0c9dadab33d1b9c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
age
2736
x-cache
Hit from cloudfront
last-modified
Wed, 17 May 2023 01:44:37 GMT
server
Cloudfront
etag
W/"235b262cf6b1936ec9add95263f1452e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
mhAcqVhhrQ-rhsMfKyjnUeGiFwhOjbLzt16WlltXl-oio3JeM1QHQA==
controller-b9ee6888db941d2b72de03d1d559b204.js
js.stripe.com/v3/fingerprinted/js/ Frame 31ED
459 KB
113 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-b9ee6888db941d2b72de03d1d559b204.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-c9f2bad4b1d8fa3dc2b4a75ae2cd62e4.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
Cloudfront /
Resource Hash
fc71a238d72eb45640a601e15edc4bc6b8deff4ab0701311b61b95876e5f2589
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/controller-c9f2bad4b1d8fa3dc2b4a75ae2cd62e4.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 17 May 2023 09:48:01 GMT
via
1.1 926b5281e2124486e0c9dadab33d1b9c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
age
2736
x-cache
Hit from cloudfront
last-modified
Wed, 17 May 2023 01:44:35 GMT
server
Cloudfront
etag
W/"313e7b5824ff97967257f34d9c58b15d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
U3rEMIcaO4sNs6Jo4D5kgcxaYD5nk8wIdtFxXq8NzMK1fmp9sUJ4Cg==
/
sessions.bugsnag.com/ Frame
0
0
Preflight
General
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://playlist.megaphone.fm
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 17 May 2023 10:31:34 GMT
via
1.1 google
/
sessions.bugsnag.com/ Frame 0C68
21 B
140 B
XHR
General
Full URL
https://sessions.bugsnag.com/
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://playlist.megaphone.fm/
Bugsnag-Sent-At
2023-05-17T10:31:33.978Z
accept-language
en-CA,en;q=0.9
Bugsnag-Api-Key
6d09b1fc6798436edfd0ffc39376ffb4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 17 May 2023 10:31:34 GMT
via
1.1 google
bugsnag-session-uuid
3e7a53a3-a3e3-4c20-9853-baf5631f94fb
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
pnply-font-medium-a1cea68670c4e014901a22c81c785f58ff9f9b9632f3cddbf3486447f42b1aaa.woff
playlist.megaphone.fm/assets/fonts/ Frame 0C68
19 KB
20 KB
Font
General
Full URL
https://playlist.megaphone.fm/assets/fonts/pnply-font-medium-a1cea68670c4e014901a22c81c785f58ff9f9b9632f3cddbf3486447f42b1aaa.woff
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/assets/application-e83cf2b33eb9c9d89a8a9889747cc6149ec878805e356e59516e96402432f579.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.72.38.16 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.38.72.34.bc.googleusercontent.com
Software
/
Resource Hash
43a5c49df4efe7cfaa7fc1ec8e287dcab93eecf7b383a4eb2bd617778ca4d8b0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://playlist.megaphone.fm/assets/application-e83cf2b33eb9c9d89a8a9889747cc6149ec878805e356e59516e96402432f579.css
Origin
https://playlist.megaphone.fm
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:34 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
content-length
19808
content-type
application/font-woff
pnply-icons-94567b58b439d33ac5bb282ecec90da242e4d9c2f6b8e021d2c67b78d550dbea.woff
playlist.megaphone.fm/assets/fonts/ Frame 0C68
5 KB
5 KB
Font
General
Full URL
https://playlist.megaphone.fm/assets/fonts/pnply-icons-94567b58b439d33ac5bb282ecec90da242e4d9c2f6b8e021d2c67b78d550dbea.woff
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/assets/application-e83cf2b33eb9c9d89a8a9889747cc6149ec878805e356e59516e96402432f579.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.72.38.16 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.38.72.34.bc.googleusercontent.com
Software
/
Resource Hash
c19fa4d8a5e883107ebd3a1a327e436cb81fe45f44b44b017ca90320a4b59cfd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://playlist.megaphone.fm/assets/application-e83cf2b33eb9c9d89a8a9889747cc6149ec878805e356e59516e96402432f579.css
Origin
https://playlist.megaphone.fm
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:34 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
content-length
4816
content-type
application/font-woff
megaphone-logo-42baf1720cc98bb25c6fe221f0fc842d.svg
playlist.megaphone.fm/packs/media/assets/images/ Frame 0C68
246 KB
247 KB
Image
General
Full URL
https://playlist.megaphone.fm/packs/media/assets/images/megaphone-logo-42baf1720cc98bb25c6fe221f0fc842d.svg
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.72.38.16 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.38.72.34.bc.googleusercontent.com
Software
/
Resource Hash
a412151fea5de9da277d60303490d6ccf542befbc21df8ffedce861c84bfcc28
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:34 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
content-length
251986
content-type
image/svg+xml
megaphone-play-743177e1440b0095caac460495480698.png
playlist.megaphone.fm/packs/media/assets/images/ Frame 0C68
1015 B
1 KB
Image
General
Full URL
https://playlist.megaphone.fm/packs/media/assets/images/megaphone-play-743177e1440b0095caac460495480698.png
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.72.38.16 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.38.72.34.bc.googleusercontent.com
Software
/
Resource Hash
5225bc3c3d88edd3ca118f3af317cdead6bddfb5ee1ab9aa2411387803831e04
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:34 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
content-length
1015
content-type
image/png
FOXM2059868704
player.megaphone.fm/playlist/ Frame 0C68
6 KB
3 KB
XHR
General
Full URL
https://player.megaphone.fm/playlist/FOXM2059868704?episodes=3
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f34058e60af69ef73e774011954ba9d6232b4fa143930e3cec254c1db1722bcf

Request headers

Accept
application/json, text/plain, */*
Referer
https://playlist.megaphone.fm/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:34 GMT
Content-Encoding
gzip
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1684319494.dop185.dc2.t,1684319494.cds181.dc2.shn,1684319494.dop185.dc2.t,1684319494.cds223.dc2.c
Cache-Control
max-age=23
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, Content-Type, Accept, Authorization, Token
Content-Length
2300
httpapi
api2.amplitude.com/2/ Frame
0
0
Preflight
General
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.203.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-203-206.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://minigames.versusgame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Wed, 17 May 2023 10:31:34 GMT
strict-transport-security
max-age=15768000
httpapi
api2.amplitude.com/2/ Frame 5453
94 B
286 B
Fetch
General
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/assets/vendor.13b24c47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.203.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-203-206.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
23b728dc05e13d8f3c4c08fc033111642c200be31027d7f4b6b524bfbc9fbffb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://minigames.versusgame.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 17 May 2023 10:31:34 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-6464ad06-4a0ff26a0a1192d57c257b77
content-length
94
access-control-allow-methods
GET, POST
content-type
application/json
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c15::5f Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube-nocookie.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 17 May 2023 10:31:34 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E6F6
68 KB
31 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c15::5f Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
16130a09a6f8f8546e8ed3a9472b7759ef6f7565634436f02184f1930507a249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube-nocookie.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 17 May 2023 10:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31816
x-xss-protection
0
remote.js
www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/ Frame E6F6
116 KB
33 KB
Script
General
Full URL
https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17df988d2395b27fbc18ea60d519f69d0091f7c7d300fdfb95ec3f362d20c3e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 18:41:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
575383
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33468
x-xss-protection
0
last-modified
Wed, 10 May 2023 01:29:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 May 2024 18:41:51 GMT
embed.js
www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/ Frame E6F6
29 KB
8 KB
Script
General
Full URL
https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89870adeb8d8ef78a9933261d341ae02671be9ebc88fd82d5c2984b97ba6008
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 05:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
105991
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8240
x-xss-protection
0
last-modified
Wed, 10 May 2023 01:29:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 May 2024 05:05:03 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c15::5f Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube-nocookie.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 17 May 2023 10:31:34 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1368
68 KB
31 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c15::5f Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f6abcb1c6449bdb41da1368b8dd620f47e40b2d88fcde83e8042e1f455342dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube-nocookie.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 17 May 2023 10:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31645
x-xss-protection
0
remote.js
www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/ Frame 1368
116 KB
33 KB
Script
General
Full URL
https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17df988d2395b27fbc18ea60d519f69d0091f7c7d300fdfb95ec3f362d20c3e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 18:41:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
575383
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33468
x-xss-protection
0
last-modified
Wed, 10 May 2023 01:29:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 May 2024 18:41:51 GMT
embed.js
www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/ Frame 1368
29 KB
8 KB
Script
General
Full URL
https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89870adeb8d8ef78a9933261d341ae02671be9ebc88fd82d5c2984b97ba6008
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 05:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
105991
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8240
x-xss-protection
0
last-modified
Wed, 10 May 2023 01:29:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 May 2024 05:05:03 GMT
update
global.ketchcdn.com/web/v2/consent/tmz/ Frame
0
0
Preflight
General
Full URL
https://global.ketchcdn.com/web/v2/consent/tmz/update
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Accept,Authorization
access-control-allow-methods
GET,HEAD,POST,PUT,DELETE
access-control-allow-origin
https://www.tmz.com
content-length
0
content-security-policy
default-src 'self'
date
Wed, 17 May 2023 10:31:35 GMT
request-id
57c353e0-21e2-4ab3-be08-1520e5e57a48
strict-transport-security
max-age=31557600; includeSubDomains; preload
vary
Origin
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-frame-options
deny
x-served-by
cache-pdx12323-PDX, cache-yyz4528-YYZ
x-timer
S1684319495.975604,VS0,VE67
x-xss-protection
1; mode=block
update
global.ketchcdn.com/web/v2/consent/tmz/
3 B
187 B
Fetch
General
Full URL
https://global.ketchcdn.com/web/v2/consent/tmz/update
Requested by
Host: cdn.ketchjs.com
URL: https://cdn.ketchjs.com/ketchtag/latest/v2.12/ketch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 May 2023 10:31:35 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-cache
MISS, MISS
request-id
356c6235-9159-4cfe-a4ee-10c7662dec4f
content-length
27
x-xss-protection
1; mode=block
x-served-by
cache-pdx12327-PDX, cache-yyz4528-YYZ
x-timer
S1684319495.060456,VS0,VE87
x-frame-options
deny
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0, 0
csp-report
q.stripe.com/ Frame 31ED
0
718 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 17 May 2023 10:31:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684319495309297
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684319495308969
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c15::5f Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube-nocookie.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 17 May 2023 10:31:35 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E6F6
90 B
133 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c15::5f Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7602aebd2f8a91fc47333db9ec42757478f6e95b5aa9a9a2930f654a81640a66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube-nocookie.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 17 May 2023 10:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c15::5f Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube-nocookie.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 17 May 2023 10:31:35 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1368
90 B
133 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c15::5f Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
34329ed18454d0cd30ecb05f3a38db89d776123eb8e7a7e0e913fd75461baabe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube-nocookie.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 17 May 2023 10:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
tmz.json
prod.fennec.atp.fox/config/
271 B
629 B
Fetch
General
Full URL
https://prod.fennec.atp.fox/config/tmz.json
Requested by
Host: prod.fennec.atp.fox
URL: https://prod.fennec.atp.fox/js/fennec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24fd:2400:1f:e7d6:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd92ff5bcb19ef025cef4f38b293db773544174e222c97c6bccd03fad085670b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
C2f4keGeSinfmedmb.yHdpKJCaTdYq6V
date
Tue, 16 May 2023 21:11:15 GMT
via
1.1 fa84a65a8524de3d36ea32628a227200.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P2
age
48022
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
271
last-modified
Tue, 25 Apr 2023 19:13:13 GMT
server
AmazonS3
etag
"22af60a1c7cc1593f60659672db50220"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
K2D4lpsWDAWYchAvQY8l1igS5fYi0bysQ_enWjr7_AKRwLxoLxCrmQ==
log_event
www.youtube-nocookie.com/youtubei/v1/ Frame E6F6
28 B
50 B
XHR
General
Full URL
https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
X-Goog-Request-Time
1684319495816
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
X-YouTube-Client-Version
1.20230509.02.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgt5TDR3NmVVeVFHcyiD2pKjBg%3D%3D
X-YouTube-Ad-Signals
dt=1684319493254&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C684%2C385&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 17 May 2023 10:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
tmzpodcast_icon_3000x3000.jpg
megaphone.imgix.net/podcasts/3442044e-1ca5-11ec-85b5-ebef4c5fb6f6/image/ Frame 0C68
48 KB
48 KB
Image
General
Full URL
https://megaphone.imgix.net/podcasts/3442044e-1ca5-11ec-85b5-ebef4c5fb6f6/image/tmzpodcast_icon_3000x3000.jpg?ixlib=rails-4.3.1&w=400&h=400
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:78::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
b2fc31bd1aaa1d9dfacd6c9b3664118c5f48cfd045b332b67a4f7d10cd14424a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:35 GMT
x-content-type-options
nosniff
age
688476
x-cache
HIT, HIT
x-imgix-id
756fc3ba242545c41992d77b35208d069e99dc2a
cross-origin-resource-policy
cross-origin
content-length
49157
x-served-by
cache-sjc1000097-SJC, cache-iad-kjyo7100076-IAD
x-imgix-render-farm
01.9288
last-modified
Tue, 09 May 2023 11:16:59 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Imgix-Bg-Remove-Failure-Reason
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
u
7bd92.v.fwmrm.net/ad/
Redirect Chain
  • https://fox.tagger.opecloud.com/fox/v2/pixel.gif?url=https%3A%2F%2Fwww.tmz.com%2F&ref=&tref=&tz=0&screen=1600x1200x24&cmpstatus=notrequired&e=%5B%7B%22opt-out%22%3Afalse%2C%22business_unit%22%3A%22...
  • https://fox.tagger.opecloud.com/fox/v2/pixel.gif?e=%5B%7B%22opt-out%22%3Afalse%2C%22business_unit%22%3A%22tmz%22%2C%22type%22%3A%22Opt-out_by_BU%22%7D%5D&tref=&url=https%3A%2F%2Fwww.tmz.com%2F&tz=0...
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_hm=MmFjMGUyMTItNTczZS0zNTRjLTkzNjYtZDYzZmY3NzZjNmFi&google_redir=https%3A%2F%2Ffox.tagger.opecloud.com%2Fdbmhm%2Fpbfs.gif%3Fsource%3D...
  • https://fox.tagger.opecloud.com/dbmhm/pbfs.gif?source=fox&state=2-uZMNWWC2o44X2yB%2Bt1xwiZMb3WCSWy0VmjXwSEw%3D&puid=2ac0e212-573e-354c-9366-d63ff776c6ab
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-PIsttAclCsFrnkx0hzFi7FWV8DiUWSZJYE8RreY%253D%26source%3Dfox&puid=%25%25TDID%25%25
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-PIsttAclCsFrnkx0hzFi7FWV8DiUWSZJYE8RreY%253D%26source%3Dfox&puid=%25%25TDID%25%25
  • https://tagger.opecloud.com/tradedesk/pbfs.gif?puid=2d909864-2418-4a60-9ec8-c961d3e14a63&state=2-PIsttAclCsFrnkx0hzFi7FWV8DiUWSZJYE8RreY%3D&source=fox
  • https://fox.tagger.opecloud.com/tradedesk/pbfs.gif?puid=2d909864-2418-4a60-9ec8-c961d3e14a63&state=2-PIsttAclCsFrnkx0hzFi7FWV8DiUWSZJYE8RreY%3D&source=fox
  • https://ups.analytics.yahoo.com/ups/58723/cms?partner_id=ONEPX&gdpr=false&state=2-e%252FCOHhYMAKXW5WzIDZ7FO2bLCdevf6vzgaW%252FtWs%253D&source=fox
  • https://tagger.opecloud.com/yahoo/pbfs.gif?yahoo_id=y-aF7fBJlE2p.rs_THe9PPaQ51NyxsPF403ww-~A&gdpr=0&source=fox&state=2-e%2FCOHhYMAKXW5WzIDZ7FO2bLCdevf6vzgaW%2FtWs%3D
  • https://fox.tagger.opecloud.com/yahoo/pbfs.gif?yahoo_id=y-aF7fBJlE2p.rs_THe9PPaQ51NyxsPF403ww-~A&gdpr=0&source=fox&state=2-e%2FCOHhYMAKXW5WzIDZ7FO2bLCdevf6vzgaW%2FtWs%3D
  • https://7bd92.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Ffox.tagger.opecloud.com%2Ffreewheel%2Fpbfs.gif%3Fsource%3Dfox%26state%3D2-AmCMXl40bkLkuKR0TdBplx%252FIoD4K0033KigZ6jY%253D%26puid%3D%23%7Bu...
0
411 B
Image
General
Full URL
https://7bd92.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Ffox.tagger.opecloud.com%2Ffreewheel%2Fpbfs.gif%3Fsource%3Dfox%26state%3D2-AmCMXl40bkLkuKR0TdBplx%252FIoD4K0033KigZ6jY%253D%26puid%3D%23%7Buser.id%7D
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
HTTP/1.1
Server
3.69.181.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-181-173.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:44 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
content-encoding
gzip
vary
Accept-Encoding
location
https://7bd92.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Ffox.tagger.opecloud.com%2Ffreewheel%2Fpbfs.gif%3Fsource%3Dfox%26state%3D2-AmCMXl40bkLkuKR0TdBplx%252FIoD4K0033KigZ6jY%253D%26puid%3D%23%7Buser.id%7D
cache-control
no-cache, no-store, must-revalidate
content-length
20
expires
0
embedded_player
www.youtube-nocookie.com/youtubei/v1/ Frame E6F6
29 KB
18 KB
Fetch
General
Full URL
https://www.youtube-nocookie.com/youtubei/v1/embedded_player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
8a5eff6b2a26d66b4be230af006f107d38fadf7db83fe68ab2cc2ad69dd80b21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Youtube-Bootstrap-Logged-In
false
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20230509.02.00
X-Goog-Visitor-Id
Cgt5TDR3NmVVeVFHcyiD2pKjBg%3D%3D

Response headers

date
Wed, 17 May 2023 10:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18532
x-xss-protection
0
config
c.amazon-adsystem.com/cdn/prod/
180 B
536 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3023&u=https%3A%2F%2Fwww.tmz.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.164.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-164-236.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
4438b6abebba6f52dcb9092621bb4eed4e10e838f036e69e069511b3f97aa29e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 07:40:57 GMT
via
1.1 e4115573bd297fb3424a2ffc8114fa1c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CMH68-P1
age
10238
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
180
x-amz-cf-id
twdSYmyJHInqsnVlLKcn6F_XzMSEoKOoprxidIoq9hDSAqH2cajGQw==
bid
aax.amazon-adsystem.com/e/dtb/
143 B
582 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3023&u=https%3A%2F%2Fwww.tmz.com%2F&pid=PmuMEJ5LkMXHS&cb=0&ws=1600x1200&v=23.505.1627&t=1000&slots=%5B%7B%22sd%22%3A%22ad-header%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x66%22%2C%221010x150%22%2C%221010x250%22%5D%2C%22sn%22%3A%22%2F4145%2Ftmz%2Fdesk%2Fhp%2Flb1%22%7D%2C%7B%22sd%22%3A%22ad-blogroll5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x66%22%2C%221010x150%22%2C%221010x250%22%5D%2C%22sn%22%3A%22%2F4145%2Ftmz%2Fdesk%2Fhp%2Flb2%22%7D%2C%7B%22sd%22%3A%22ad-sidebar1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban1%22%7D%2C%7B%22sd%22%3A%22ad-sidebar2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban2%22%7D%2C%7B%22sd%22%3A%22ad-sidebar3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban3%22%7D%2C%7B%22sd%22%3A%22ad-sidebar4%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban4%22%7D%2C%7B%22sd%22%3A%22ad-sidebar5%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban5%22%7D%2C%7B%22sd%22%3A%22ad-sidebar6%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban6%22%7D%2C%7B%22sd%22%3A%22ad-sidebar7%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban7%22%7D%2C%7B%22sd%22%3A%22ad-sidebar8%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban8%22%7D%2C%7B%22sd%22%3A%22ad-sidebar9%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban9%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.180.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-180-227.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
1b8e14fff614c2140fecb76b740fee60671920a051a330bfedccd7829415038e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CMH68-P2
x-amz-rid
GYS8V1W1AZSKTZ7V6X6B
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
143
x-amz-cf-id
v0DBfbpbk3k8pU_sert0ze3Zu6HUEnX64lwqnTsGwQlHLTEOCvEqUQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.164.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-164-236.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 a239c31f56936d8dde678cf491dbaa28.cloudfront.net (CloudFront)
date
Tue, 16 May 2023 21:16:52 GMT
x-amz-cf-pop
CMH68-P1
age
47687
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
-JU70dkvjKDxpjrc_mc5LLv4WrjTVmQXwKM0cfXUlPzg4P44v6a9pw==
Tweet.html
platform.twitter.com/embed/ Frame 2268
345 B
919 B
Document
General
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1DD2) /
Resource Hash
7988b9de461445792d01a5920d592020b5c2bcdbdf1e6449bc3100df4014f373

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1158
Cache-Control
public, max-age=1800
Content-Length
345
Content-Type
text/html; charset=utf-8
Date
Wed, 17 May 2023 10:31:36 GMT
Etag
"d2097f657a50da1069b7639b48992214"
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1DD2)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
.deploy_status_henson.json
js.stripe.com/v3/ Frame 31ED
474 B
866 B
Fetch
General
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-aa0dbdca0a71bac4589db0a72bbc67d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6689e6dec40999eb649c33ecd144b5676d7506e6bd7d8304bf59730bf3fcf120

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-c9f2bad4b1d8fa3dc2b4a75ae2cd62e4.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 17 May 2023 10:31:16 GMT
via
1.1 7d7f7790ad8ab9e81e905351df020944.cloudfront.net (CloudFront)
last-modified
Wed, 17 May 2023 02:13:37 GMT
server
Cloudfront
x-amz-cf-pop
CMH68-P1
age
53
etag
"249760bec5cb6747c608df305509e3c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
Jb_pvo0313FMckqTTb4-wTTxxhJfnl9xDGtr18hb-dpZ5dQKKFMlHA==
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 3EAF
200 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://minigames.versusgame.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3060
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 17 May 2023 09:40:45 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Tue, 09 May 2023 20:13:50 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 926b5281e2124486e0c9dadab33d1b9c.cloudfront.net (CloudFront)
x-amz-cf-id
k7AqYGYnCmikFbDBn23t-nvOHTpvG0VG69pp2Cxt_26mQiTNT3DjGA==
x-amz-cf-pop
CMH68-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
log_event
www.youtube-nocookie.com/youtubei/v1/ Frame 1368
28 B
50 B
XHR
General
Full URL
https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
X-Goog-Request-Time
1684319496292
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
X-YouTube-Client-Version
1.20230509.02.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtlYU5ZYnZZbkxacyiD2pKjBg%3D%3D
X-YouTube-Ad-Signals
dt=1684319493266&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C410&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
embedded_player
www.youtube-nocookie.com/youtubei/v1/ Frame 1368
30 KB
18 KB
Fetch
General
Full URL
https://www.youtube-nocookie.com/youtubei/v1/embedded_player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
4e0d5d9af58e061a36086c0ccd113fead838b7d3a9917f9181f7283503d6df2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Youtube-Bootstrap-Logged-In
false
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20230509.02.00
X-Goog-Visitor-Id
CgtlYU5ZYnZZbkxacyiD2pKjBg%3D%3D

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18817
x-xss-protection
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.tmz.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 17 May 2023 10:31:36 GMT
server
ATS/9.1.10.57
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.tmz.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 17 May 2023 10:31:36 GMT
server
ATS/9.1.10.57
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.tmz.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 17 May 2023 10:31:36 GMT
server
ATS/9.1.10.57
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.tmz.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 17 May 2023 10:31:36 GMT
server
ATS/9.1.10.57
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.tmz.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 17 May 2023 10:31:36 GMT
server
ATS/9.1.10.57
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.tmz.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 17 May 2023 10:31:36 GMT
server
ATS/9.1.10.57
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.tmz.com
access-control-max-age
600
age
1
content-length
0
date
Wed, 17 May 2023 10:31:37 GMT
server
ATS/9.1.10.57
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.tmz.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 17 May 2023 10:31:36 GMT
server
ATS/9.1.10.57
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.tmz.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 17 May 2023 10:31:36 GMT
server
ATS/9.1.10.57
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.tmz.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 17 May 2023 10:31:36 GMT
server
ATS/9.1.10.57
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.tmz.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 17 May 2023 10:31:36 GMT
server
ATS/9.1.10.57
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
835196b8ac50a5f02e607e616c16aed76a13de85e4b5f04273dea451af02692d

Request headers

Referer
https://www.tmz.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
340 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
94ce9b8053ba0fd11deb00ec655d32645dac5aabd04ec4b651d2ea7f8ddb0553

Request headers

Referer
https://www.tmz.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
fb1282c130fe1dd08d4c2695c1d68e07e93522aeed67ade84f20ec19aff81e55

Request headers

Referer
https://www.tmz.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
114 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
b6fecee3f1f99509c0b110177d0c334469d6b483c6931a73fdab36853498db8d

Request headers

Referer
https://www.tmz.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
content-length
82
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
0f3ca066c2204a39dffb4b4f7f2fbb5b36ce74efbcb28898c0e262345196a05d

Request headers

Referer
https://www.tmz.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
2d4c80892f37aa6e8463f1af7c1c11d6195c4850418db794806541bd5fcd26d5

Request headers

Referer
https://www.tmz.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
139 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
ea56b1ba0d9c48b98236204ab5a2da35e9a4b1bb06fa68bc65c64cd2f0642a12

Request headers

Referer
https://www.tmz.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 May 2023 10:31:37 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
11a70ce0e5488d6ffabd2e0ac9dd0af2e6d10a5c860556981079053333543745

Request headers

Referer
https://www.tmz.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
117 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
78ad837e2fd773eeb062168736f7664cc765a083dc68470b64fd0e4fe4c7956e

Request headers

Referer
https://www.tmz.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
content-length
82
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
3b680b75ccbecc2aefb872163cd487ed964f764c12d4f9b356683e4b4469ade3

Request headers

Referer
https://www.tmz.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
3735518a38780f6ae00743e402d2552b44bdfb2f541dff8fc882dbbe830e1698

Request headers

Referer
https://www.tmz.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
content-length
84
prebid
ib.adnxs.com/ut/v3/
19 B
823 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:36 GMT
AN-X-Request-Uuid
c54332c6-7ecd-4e11-9316-a4db19dd6e2c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.tmz.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
114 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.tmz.com
date
Wed, 17 May 2023 10:31:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
krk.kargo.com/api/v2/
2 B
768 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2230a00955-a107-438d-9c27-6aa2ee81d1ec%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1684319496494%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%223838e93d4e3324%22%3A%22_g0bSSAzdZz%22%2C%2239362eee51e7458%22%3A%22_g0bSSAzdZz%22%2C%22408668e5115e62c%22%3A%22_mG8B4zQOab%22%2C%2241d31d0cc6b6bf%22%3A%22_mG8B4zQOab%22%2C%22427e141a56c3b21%22%3A%22_mG8B4zQOab%22%2C%22432214471e3a0e2%22%3A%22_mG8B4zQOab%22%2C%2244885335a8a68dd%22%3A%22_mG8B4zQOab%22%2C%224536f6ed3963951%22%3A%22_mG8B4zQOab%22%2C%22466e4b65a1ddc4d%22%3A%22_mG8B4zQOab%22%2C%2247a30c97f762665%22%3A%22_mG8B4zQOab%22%2C%2248c8cae00b1ae9a%22%3A%22_mG8B4zQOab%22%7D%2C%22bidSizes%22%3A%7B%223838e93d4e3324%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B1010%2C150%5D%2C%5B1010%2C250%5D%5D%2C%2239362eee51e7458%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B1010%2C150%5D%2C%5B1010%2C250%5D%5D%2C%22408668e5115e62c%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%2241d31d0cc6b6bf%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%22427e141a56c3b21%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%22432214471e3a0e2%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%2244885335a8a68dd%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%224536f6ed3963951%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%22466e4b65a1ddc4d%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%2247a30c97f762665%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%2248c8cae00b1ae9a%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_g0bSSAzdZz%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B1010%2C150%5D%2C%5B1010%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22ad-header%22%2C%22transactionId%22%3A%229aa8aba7-70b0-441d-a811-5f0acba9ddd0%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B1010%2C150%5D%2C%5B1010%2C250%5D%5D%2C%22bidId%22%3A%223838e93d4e3324%22%2C%22bidderRequestId%22%3A%223726347ebb9be44%22%2C%22auctionId%22%3A%22271d10ab-61c0-455f-b292-a590bc082b12%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_g0bSSAzdZz%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B1010%2C150%5D%2C%5B1010%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22ad-blogroll5%22%2C%22transactionId%22%3A%22ee484119-cc43-4efc-aa3f-256461e1c06a%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B1010%2C150%5D%2C%5B1010%2C250%5D%5D%2C%22bidId%22%3A%2239362eee51e7458%22%2C%22bidderRequestId%22%3A%223726347ebb9be44%22%2C%22auctionId%22%3A%22271d10ab-61c0-455f-b292-a590bc082b12%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mG8B4zQOab%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22ad-sidebar1%22%2C%22transactionId%22%3A%22e63081b9-1ee0-452c-a877-165c5127e4fc%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%22bidId%22%3A%22408668e5115e62c%22%2C%22bidderRequestId%22%3A%223726347ebb9be44%22%2C%22auctionId%22%3A%22271d10ab-61c0-455f-b292-a590bc082b12%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mG8B4zQOab%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22ad-sidebar2%22%2C%22transactionId%22%3A%226658a1b6-6451-4447-a7bc-0f6be9dfea86%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%22bidId%22%3A%2241d31d0cc6b6bf%22%2C%22bidderRequestId%22%3A%223726347ebb9be44%22%2C%22auctionId%22%3A%22271d10ab-61c0-455f-b292-a590bc082b12%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mG8B4zQOab%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22ad-sidebar3%22%2C%22transactionId%22%3A%22686d120a-fbc7-4bc2-ae7b-a2843019e99a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%22bidId%22%3A%22427e141a56c3b21%22%2C%22bidderRequestId%22%3A%223726347ebb9be44%22%2C%22auctionId%22%3A%22271d10ab-61c0-455f-b292-a590bc082b12%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mG8B4zQOab%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22ad-sidebar4%22%2C%22transactionId%22%3A%22c160c96d-01ee-480e-98ad-d6e66374d3d1%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%22bidId%22%3A%22432214471e3a0e2%22%2C%22bidderRequestId%22%3A%223726347ebb9be44%22%2C%22auctionId%22%3A%22271d10ab-61c0-455f-b292-a590bc082b12%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mG8B4zQOab%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22ad-sidebar5%22%2C%22transactionId%22%3A%226f99ac0a-646a-4d95-92b7-db59901a91e8%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%22bidId%22%3A%2244885335a8a68dd%22%2C%22bidderRequestId%22%3A%223726347ebb9be44%22%2C%22auctionId%22%3A%22271d10ab-61c0-455f-b292-a590bc082b12%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mG8B4zQOab%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22ad-sidebar6%22%2C%22transactionId%22%3A%22742019bf-bffb-4b01-892d-73e8959d7a83%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%22bidId%22%3A%224536f6ed3963951%22%2C%22bidderRequestId%22%3A%223726347ebb9be44%22%2C%22auctionId%22%3A%22271d10ab-61c0-455f-b292-a590bc082b12%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mG8B4zQOab%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22ad-sidebar7%22%2C%22transactionId%22%3A%223c6ac75e-f8ca-4827-93c2-c8ee3f348e50%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%22bidId%22%3A%22466e4b65a1ddc4d%22%2C%22bidderRequestId%22%3A%223726347ebb9be44%22%2C%22auctionId%22%3A%22271d10ab-61c0-455f-b292-a590bc082b12%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mG8B4zQOab%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22ad-sidebar8%22%2C%22transactionId%22%3A%22ec9e4e5e-8f34-472c-af6f-80f1b6624424%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%22bidId%22%3A%2247a30c97f762665%22%2C%22bidderRequestId%22%3A%223726347ebb9be44%22%2C%22auctionId%22%3A%22271d10ab-61c0-455f-b292-a590bc082b12%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mG8B4zQOab%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22ad-sidebar9%22%2C%22transactionId%22%3A%22f538f82d-614b-4de7-a8f1-c43495320798%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C300%5D%5D%2C%22bidId%22%3A%2248c8cae00b1ae9a%22%2C%22bidderRequestId%22%3A%223726347ebb9be44%22%2C%22auctionId%22%3A%22271d10ab-61c0-455f-b292-a590bc082b12%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.tmz.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.167.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-167-165.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:36 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Accept-Ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Nbr
510
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.tmz.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
pbjs
htlb.casalemedia.com/openrtb/
37 B
562 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=785515&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22492ebe128af0a14%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.tmz.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A11%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A11%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.tmz.com%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22502ee04b9129944%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22785515%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22785515%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A1010%2C%22h%22%3A150%2C%22ext%22%3A%7B%22siteID%22%3A%22785515%22%2C%22sid%22%3A%221010x150%22%7D%7D%2C%7B%22w%22%3A1010%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22785515%22%2C%22sid%22%3A%221010x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22549ca81096f931f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22785515%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22785515%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A1010%2C%22h%22%3A150%2C%22ext%22%3A%7B%22siteID%22%3A%22785515%22%2C%22sid%22%3A%221010x150%22%7D%7D%2C%7B%22w%22%3A1010%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22785515%22%2C%22sid%22%3A%221010x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2258d54fe9c50e122%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22785516%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22785516%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22785516%22%2C%22sid%22%3A%22300x300%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22616ad27cc42cda2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22785517%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22785517%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22785517%22%2C%22sid%22%3A%22300x300%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22640b4cc1a32e019%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22785518%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22785518%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22785518%22%2C%22sid%22%3A%22300x300%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2267eb1a901112707%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22785519%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22785519%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22785519%22%2C%22sid%22%3A%22300x300%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22701258955a9c663%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22785520%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22785520%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22785520%22%2C%22sid%22%3A%22300x300%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22737aeb34b7948d3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22785521%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22785521%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22785521%22%2C%22sid%22%3A%22300x300%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2276cb2a9d44f3428%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22785522%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22785522%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22785522%22%2C%22sid%22%3A%22300x300%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22796658b32f114c9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22785523%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22785523%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22785523%22%2C%22sid%22%3A%22300x300%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2282646866df560aa%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22785523%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22785523%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22785523%22%2C%22sid%22%3A%22300x300%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
281904c2a3c974cb159213635a29d65e04457f7ecd0f46c50fb9482ef7ba884e

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxfuBMRWkMsjLlI68aRn9vNGWdt3I4i5VBg39FRuL59HM0gc5aKLGb5sqvd%2FjZujZM%2BSH4WIpetXomLQt8l8xnepCnuV8qm3T4%2Ft1pkAcgLqgXF6yBnAtgT1KJV8c4Y9KNTXYh3U"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c8b3115b851ca94-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
260 B
582 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13226&site_id=414284&zone_id=2330128&size_id=2&alt_size_ids=57&us_privacy=1---&rf=https%3A%2F%2Fwww.tmz.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=9aa8aba7-70b0-441d-a811-5f0acba9ddd0&l_pb_bid_id=861a9e5d0a85102&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1859493089377675
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::115 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d09c134d32af36bc0a0d548c97c280cbab1bdc65f50501726d878413bf48166d

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
260
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
260 B
808 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13226&site_id=414284&zone_id=2330128&size_id=2&alt_size_ids=57&us_privacy=1---&rf=https%3A%2F%2Fwww.tmz.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=ee484119-cc43-4efc-aa3f-256461e1c06a&l_pb_bid_id=877528cee7067c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7067204426695328
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::115 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3e645d7b9dd12ed071e03671d191f188fb2330af3b1a0deb458c48b886fbad86

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
260
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
264 B
588 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13226&site_id=414284&zone_id=2330130&size_id=15&alt_size_ids=10%2C48&us_privacy=1---&rf=https%3A%2F%2Fwww.tmz.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=e63081b9-1ee0-452c-a877-165c5127e4fc&l_pb_bid_id=8811c22c6ac9bc5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5640220693648226
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::115 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dd03be2652a58d958488470060225e44c146f7a696933391c355eeee19b7b890

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
264
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
264 B
587 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13226&site_id=414284&zone_id=2330132&size_id=15&alt_size_ids=10%2C48&us_privacy=1---&rf=https%3A%2F%2Fwww.tmz.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=6658a1b6-6451-4447-a7bc-0f6be9dfea86&l_pb_bid_id=89412494592b6e9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5278601216444136
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::115 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
72a418acbd35a013ad51278ee6c258d293bcff425ec5edc8407cc43712853d3e

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
264
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
264 B
588 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13226&site_id=414284&zone_id=2330134&size_id=15&alt_size_ids=10%2C48&us_privacy=1---&rf=https%3A%2F%2Fwww.tmz.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=686d120a-fbc7-4bc2-ae7b-a2843019e99a&l_pb_bid_id=9093d5bf86665fa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7221339566746787
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::115 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
37edcafbce3ae9b6ed4e6a5f4516726f7d45d200efa2e3628dcc3aac4e3ebcda

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
264
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
264 B
587 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13226&site_id=414284&zone_id=2330136&size_id=15&alt_size_ids=10%2C48&us_privacy=1---&rf=https%3A%2F%2Fwww.tmz.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=c160c96d-01ee-480e-98ad-d6e66374d3d1&l_pb_bid_id=9147a4cd2aab1f5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.094604153091435
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::115 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
41f9d9cd89fdd83a94b89761c25ab2af7650fb2815e294594ba3da6b697a5edd

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
264
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
264 B
588 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13226&site_id=414284&zone_id=2330138&size_id=15&alt_size_ids=10%2C48&us_privacy=1---&rf=https%3A%2F%2Fwww.tmz.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=6f99ac0a-646a-4d95-92b7-db59901a91e8&l_pb_bid_id=92ce924035c6b16&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7626060712214668
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::115 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bd3918687e421e37364d1fc0699288a40608f880dffc76764da0e191facfa0d1

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
264
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
264 B
610 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13226&site_id=414284&zone_id=2330140&size_id=15&alt_size_ids=10%2C48&us_privacy=1---&rf=https%3A%2F%2Fwww.tmz.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=742019bf-bffb-4b01-892d-73e8959d7a83&l_pb_bid_id=9328eebb43b0e5e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9910624207622436
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::115 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e38e5cc21222c8d9011f7bfb4fca3cd03da7ce3e45863ef35d1f65eed7867542

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
264
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
264 B
588 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13226&site_id=414284&zone_id=2330142&size_id=15&alt_size_ids=10%2C48&us_privacy=1---&rf=https%3A%2F%2Fwww.tmz.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=3c6ac75e-f8ca-4827-93c2-c8ee3f348e50&l_pb_bid_id=941041e5ec7adb5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5963319121606838
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::115 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
93f5992488eebd57fbca877984cefa95ca91385fed675fe35fcdb091c145a8b0

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
264
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
264 B
587 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13226&site_id=414284&zone_id=2330144&size_id=15&alt_size_ids=10%2C48&us_privacy=1---&rf=https%3A%2F%2Fwww.tmz.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=ec9e4e5e-8f34-472c-af6f-80f1b6624424&l_pb_bid_id=953a055e055439f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08228986713164432
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::115 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2cb44dc38d8f6c71dd66b07955f87d7d7517858966aa329bf1baddc69026168c

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
264
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
264 B
587 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13226&site_id=414284&zone_id=2330144&size_id=15&alt_size_ids=10%2C48&us_privacy=1---&rf=https%3A%2F%2Fwww.tmz.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=f538f82d-614b-4de7-a8f1-c43495320798&l_pb_bid_id=96bc59452c3bd7d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3468930523167362
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::115 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
35e6d809eecb9e8425a2ea4247aafa3e0c8e4d8b33fc4e69b81ff75e2068d044

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
264
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/
19 B
681 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.0&referrer=https%3A%2F%2Fwww.tmz.com%2F&tmax=2000&us_privacy=1---
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.47.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-47-251.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:37 GMT
accept-ch
sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
x-auction-status
12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/
25 B
363 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8e351ed427314575ebfbfe4e095649b28093e13fc979a6c1d62df1fd6a628659

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 17 May 2023 10:31:36 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
arj
foxnews-d.openx.net/w/1.0/
190 B
598 B
XHR
General
Full URL
https://foxnews-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.tmz.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9aa8aba7-70b0-441d-a811-5f0acba9ddd0%2Cee484119-cc43-4efc-aa3f-256461e1c06a%2Ce63081b9-1ee0-452c-a877-165c5127e4fc%2C6658a1b6-6451-4447-a7bc-0f6be9dfea86%2C686d120a-fbc7-4bc2-ae7b-a2843019e99a%2Cc160c96d-01ee-480e-98ad-d6e66374d3d1%2C6f99ac0a-646a-4d95-92b7-db59901a91e8%2C742019bf-bffb-4b01-892d-73e8959d7a83%2C3c6ac75e-f8ca-4827-93c2-c8ee3f348e50%2Cec9e4e5e-8f34-472c-af6f-80f1b6624424%2Cf538f82d-614b-4de7-a8f1-c43495320798&nocache=1684319496547&us_privacy=1---&aus=728x90%2C970x250%2C1010x150%2C1010x250%7C728x90%2C970x250%2C1010x150%2C1010x250%7C300x250%2C300x600%2C300x300%7C300x250%2C300x600%2C300x300%7C300x250%2C300x600%2C300x300%7C300x250%2C300x600%2C300x300%7C300x250%2C300x600%2C300x300%7C300x250%2C300x600%2C300x300%7C300x250%2C300x600%2C300x300%7C300x250%2C300x600%2C300x300%7C300x250%2C300x600%2C300x300&divids=ad-header%2Cad-blogroll5%2Cad-sidebar1%2Cad-sidebar2%2Cad-sidebar3%2Cad-sidebar4%2Cad-sidebar5%2Cad-sidebar6%2Cad-sidebar7%2Cad-sidebar8%2Cad-sidebar9&aucs=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&auid=557084240%2C557084240%2C557084241%2C557084242%2C557084243%2C557084244%2C557084245%2C557084246%2C557084247%2C557084248%2C557084248
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ab2e41bc82336e77a895982ee30b23aaf8829646ae9dbce4c113adfbd4d59dc3

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.tmz.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/
18 B
309 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.0&cb=68732021848
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 May 2023 10:31:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
hb
ssc.33across.com/api/v1/
139 B
219 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=ddBfB28VSr7kTZrkHcnlKl
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
74bcfb6fe93a0893de6612aae121331f63953238d299ac66607c1dfc4a2fa45a

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
139 B
210 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=ddBfB28VSr7kTZrkHcnlKl
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
74bcfb6fe93a0893de6612aae121331f63953238d299ac66607c1dfc4a2fa45a

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
139 B
210 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=dnRK7q8VSr7kTZrkHcnlKl
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
74bcfb6fe93a0893de6612aae121331f63953238d299ac66607c1dfc4a2fa45a

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
139 B
219 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=dubQuw8VSr7kTZrkHcnlKl
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
74bcfb6fe93a0893de6612aae121331f63953238d299ac66607c1dfc4a2fa45a

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
139 B
380 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=dBsx0M8VSr7kTZrkHcnlKl
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
74bcfb6fe93a0893de6612aae121331f63953238d299ac66607c1dfc4a2fa45a

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
139 B
219 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=dG2Dbc8VSr7kTZrkHcnlKl
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
74bcfb6fe93a0893de6612aae121331f63953238d299ac66607c1dfc4a2fa45a

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 May 2023 10:31:37 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
139 B
210 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=dPO5ye8VSr7kTZrkHcnlKl
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
74bcfb6fe93a0893de6612aae121331f63953238d299ac66607c1dfc4a2fa45a

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
139 B
219 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=dWnlLe8VSr7kTZrkHcnlKl
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
74bcfb6fe93a0893de6612aae121331f63953238d299ac66607c1dfc4a2fa45a

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
139 B
210 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=d2k7PU8VSr7kTZrkHcnlKl
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
74bcfb6fe93a0893de6612aae121331f63953238d299ac66607c1dfc4a2fa45a

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
139 B
219 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=d8lMJq8VSr7kTZrkHcnlKl
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
74bcfb6fe93a0893de6612aae121331f63953238d299ac66607c1dfc4a2fa45a

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
139 B
219 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=d8lMJq8VSr7kTZrkHcnlKl
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
74bcfb6fe93a0893de6612aae121331f63953238d299ac66607c1dfc4a2fa45a

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
embed.runtime.232343e99e6d76cfc54c.js
platform.twitter.com/embed/ Frame 2268
9 KB
5 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D06) /
Resource Hash
821e8c616a4a3ed93b1d335bb9e60cc1bd40335c83928965e94e7f60a17812ca

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:36 GMT
Content-Encoding
gzip
Age
1601958
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
4270
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1D06)
Etag
"e01f8ab700f24c66fe2636ef6d898fe2+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.7796.bcf3cda3b2793b041a6f.js
platform.twitter.com/embed/ Frame 2268
541 KB
175 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.7796.bcf3cda3b2793b041a6f.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0A) /
Resource Hash
0210bd6ee99e269e85fd4f173d0be67c0fb1aac30d467c581a8842d5fc751ca9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:36 GMT
Content-Encoding
gzip
Age
316534
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
178589
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1D0A)
Etag
"181758f65a236af2b7df8253478be162+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.Tweet.54eb639af55e6d874411.js
platform.twitter.com/embed/ Frame 2268
16 KB
7 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.Tweet.54eb639af55e6d874411.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1DCD) /
Resource Hash
a502e91ab570efdd432119394b1f764aea253d13c4fbb51475c712904af8f4fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:36 GMT
Content-Encoding
gzip
Age
1601958
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
6411
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1DCD)
Etag
"61f75b72f1cc66571c698582adc626d8+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 3EAF
631 B
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
Cloudfront /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Wed, 17 May 2023 10:18:35 GMT
x-content-type-options
nosniff
via
1.1 926b5281e2124486e0c9dadab33d1b9c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
age
784
x-cache
Hit from cloudfront
content-length
631
last-modified
Thu, 04 May 2023 20:01:43 GMT
server
Cloudfront
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
QBso3iuniH2376-jJwwpMeHqhgmj9OD3Q5WDUxT6_pa4LHcNIOKGzw==
px.gif
ad-delivery.net/
43 B
343 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1358364
x-guploader-uploadid
ADPycdtXf3p7BEUcy1y5SWj7OAAhVCjuFfaiJGIpUMyUuzbCUx6UHIPRyC8U0GHDo4LbsVb8kofKn8cik2NF8j0iUXmYGGX8rfOP
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOw529j0D%2Fp8e7zy8xl9PveE%2BMzmMufhLr2by72mDprqOqZRC4zXuOndah0N%2BzS7M9zj4MW11NgbzUImpxi93CN5kxa9B1OYoWCVS4tcT%2FFJNHyUQ4KHKHG%2BZvVNwJmN%2FAy9V6Dq5wVV5FWe9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7c8b31177dbba204-YYZ
expires
Mon, 01 May 2023 17:42:44 GMT
favicon.ico
ad.doubleclick.net/
1 KB
573 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.196.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
uk-in-f149.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 18:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 May 2023 18:59:35 GMT
px.gif
ad-delivery.net/
43 B
938 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.0026000698923254184
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1358364
x-guploader-uploadid
ADPycdtXf3p7BEUcy1y5SWj7OAAhVCjuFfaiJGIpUMyUuzbCUx6UHIPRyC8U0GHDo4LbsVb8kofKn8cik2NF8j0iUXmYGGX8rfOP
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UPIVE%2FQA2Mt%2BdmNiruK6LknikFTbIQhyhvPdmFawpMl%2FUM2LUCRG1rIjlpDs011iIM4XqgiCltp%2BNidXhf%2FgKdr9qaj0McKw5nRLzyoaiDGByfSrhQOvZNTgfa6w5d6j%2F9ZTPKidh5TYakY9g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7c8b31177dbda204-YYZ
expires
Mon, 01 May 2023 17:42:44 GMT
async-api.ad3273bd-1.232.0.min.js
js-agent.newrelic.com/ Frame 0C68
3 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
OjwEEoZjF9pbnlt.Cg9dV5pJF0e7Bjo3
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 May 2023 10:31:36 GMT
strict-transport-security
max-age=300
x-amz-request-id
Z45KKGDY53CM0X4A
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1353
x-amz-id-2
k+gL/aSRL51J3F0Orvbr4ahbzXhmSc3Raaeusenvl/EJUGYCvoJgS0FPEvxhU3N5Q8gHgFKM3zY=
x-served-by
cache-yul12824-YUL
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684319497.981524,VS0,VE0
etag
"d7011e3a3501d54c9be8929572a18598"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2733
session-manager.2a8d47d1-1.232.0.min.js
js-agent.newrelic.com/ Frame 0C68
15 KB
6 KB
Script
General
Full URL
https://js-agent.newrelic.com/session-manager.2a8d47d1-1.232.0.min.js
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
D9U.McFOdEj4dYMN5VJBUueQRx486Iwz
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 May 2023 10:31:36 GMT
strict-transport-security
max-age=300
x-amz-request-id
Z45Z8MGW2G1J0JVC
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5781
x-amz-id-2
5ETQNnBIytwgKU/SdKHl7WDd6frguj4On3pvYX24VhOgtsU5tVIhKTk/ZHUebUvrpPhBSOj3+G0=
x-served-by
cache-yul12824-YUL
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684319497.981613,VS0,VE0
etag
"e42e9b9282d7865427c32ad60eea44b4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2018443
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/
0
459 B
XHR
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.176.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-176-32.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 17 May 2023 10:31:37 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame
0
0
Preflight
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.176.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-176-32.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 17 May 2023 10:31:37 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
xid
prod.xid.atp.fox/v2/
47 B
271 B
Fetch
General
Full URL
https://prod.xid.atp.fox/v2/xid
Requested by
Host: prod.fennec.atp.fox
URL: https://prod.fennec.atp.fox/js/fennec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.125.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-125-220.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
5defc00512db59bfe7b8d0c4e5701966a8a6be6de119e93a5e8b4d2ed8001f4c

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/json;

Response headers

access-control-allow-origin
https://www.tmz.com
date
Wed, 17 May 2023 10:31:37 GMT
access-control-allow-credentials
true
server
awselb/2.0
content-length
47
vary
Origin
content-type
application/json
xid
prod.xid.atp.fox/v2/ Frame
0
0
Preflight
General
Full URL
https://prod.xid.atp.fox/v2/xid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.125.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-125-220.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.tmz.com
date
Wed, 17 May 2023 10:31:37 GMT
server
awselb/2.0
iu3
s.amazon-adsystem.com/ Frame A12D
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&dcc=t
313 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&dcc=t
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
955c9900f91960383fb075846176206ea0807157b53c9404696aa8e630545d4d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
313
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 17 May 2023 10:31:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VSCVTQCPG7HVY10YHWXA

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 17 May 2023 10:31:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VCR6N8E8AJ2XC8HCE025
0
r.stripe.com/ Frame 31ED
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-aa0dbdca0a71bac4589db0a72bbc67d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 17 May 2023 10:31:37 GMT
x-stripe-server-envoy-start-time-us
1684319497367095
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684319497366785
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 31ED
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-aa0dbdca0a71bac4589db0a72bbc67d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 17 May 2023 10:31:37 GMT
x-stripe-server-envoy-start-time-us
1684319497367002
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684319497366831
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 31ED
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-aa0dbdca0a71bac4589db0a72bbc67d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 17 May 2023 10:31:37 GMT
x-stripe-server-envoy-start-time-us
1684319497367552
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1684319497367046
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 31ED
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-aa0dbdca0a71bac4589db0a72bbc67d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 17 May 2023 10:31:37 GMT
x-stripe-server-envoy-start-time-us
1684319497367879
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684319497367429
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 31ED
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-aa0dbdca0a71bac4589db0a72bbc67d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 17 May 2023 10:31:37 GMT
x-stripe-server-envoy-start-time-us
1684319497367242
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684319497367070
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 31ED
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-aa0dbdca0a71bac4589db0a72bbc67d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 17 May 2023 10:31:37 GMT
x-stripe-server-envoy-start-time-us
1684319497367268
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684319497366925
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 31ED
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-aa0dbdca0a71bac4589db0a72bbc67d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 17 May 2023 10:31:37 GMT
x-stripe-server-envoy-start-time-us
1684319497367610
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684319497367388
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 31ED
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-aa0dbdca0a71bac4589db0a72bbc67d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 17 May 2023 10:31:37 GMT
x-stripe-server-envoy-start-time-us
1684319497367167
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684319497367255
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 31ED
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-aa0dbdca0a71bac4589db0a72bbc67d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 17 May 2023 10:31:37 GMT
x-stripe-server-envoy-start-time-us
1684319497367370
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684319497367115
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 31ED
0
273 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-aa0dbdca0a71bac4589db0a72bbc67d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 17 May 2023 10:31:37 GMT
x-stripe-server-envoy-start-time-us
1684319497367891
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1684319497367567
access-control-allow-credentials
true
content-length
0
csp-report
q.stripe.com/ Frame 3EAF
0
717 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 17 May 2023 10:31:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684319497368189
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684319497367596
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 3EAF
0
717 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 17 May 2023 10:31:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684319497367745
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684319497367606
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 89C0
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
99
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 17 May 2023 10:29:59 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 926b5281e2124486e0c9dadab33d1b9c.cloudfront.net (CloudFront)
x-amz-cf-id
dwDNHt2CDyy5AvSiBlVBkC_EBrziNNmZ0ehZMUsxI-mK7FLH2_rSFA==
x-amz-cf-pop
CMH68-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame E6F6
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 17 May 2023 10:31:37 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 1368
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 17 May 2023 10:31:37 GMT
country
api.btloader.com/
16 B
203 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX111JFD&hst=www.tmz.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:37 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=lfgSRuIOL&w=5655392579223552&o=5735828726743040&cv=2.1.11-3-gabc8642&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.tmz.com%2F&sid=h7HDm4uCv&upapi=true
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX111JFD&hst=www.tmz.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 May 2023 10:31:37 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
csp-report
q.stripe.com/ Frame 89C0
0
491 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 17 May 2023 10:31:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684319497659148
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1684319497658885
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.42.js
m.stripe.network/ Frame 89C0
86 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 May 2023 10:30:07 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 926b5281e2124486e0c9dadab33d1b9c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
90
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
TRhKjvfVKFU8e86_fAmxgAH69za6YMPlukJ5yBD0X5aIY1znQkKxsw==
pr
s.amazon-adsystem.com/v3/ Frame 2BE9
2 KB
2 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e473efb030c7aa69e5a09e86c8376394de2264613b018c71dad21dd4d1ca0aea
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1754
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 17 May 2023 10:31:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
265SXX890GHYKF3X0A4G
embed.749.467388cca0b3fe9c3291.js
platform.twitter.com/embed/ Frame 2268
19 KB
7 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D2E) /
Resource Hash
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:37 GMT
Content-Encoding
gzip
Age
1601959
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
6789
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1D2E)
Etag
"d3483b9c737e990765e6ba56d01154a3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js
platform.twitter.com/embed/ Frame 2268
4 KB
2 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D19) /
Resource Hash
d1c0a4cad147f203a808aac602d7206b03cd903c025c887f53042f09b87c2f80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:37 GMT
Content-Encoding
gzip
Age
1601959
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
1519
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1D19)
Etag
"9b4625539e420d3aa9e7164c41134250+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.ondemand.horizon-web.i18n.en-js.9c8b1fbc0a33ae4da048.js
platform.twitter.com/embed/ Frame 2268
35 KB
11 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.9c8b1fbc0a33ae4da048.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D28) /
Resource Hash
0553a78140562483e924790d3da300d14f862bc3b619ab3d7d9039eaadcae24c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:37 GMT
Content-Encoding
gzip
Age
1601959
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
11068
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1D28)
Etag
"d9721c440687123317b741f7ee34aefb+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
lazy-loader.c8cd494b-1.232.0.min.js
js-agent.newrelic.com/ Frame 0C68
921 B
645 B
Script
General
Full URL
https://js-agent.newrelic.com/lazy-loader.c8cd494b-1.232.0.min.js
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
JxOZDsaCO.84OJr88feb47MQNIiB.lPY
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 May 2023 10:31:37 GMT
strict-transport-security
max-age=300
x-amz-request-id
Z45JCN9WT1W5CK1C
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
410
x-amz-id-2
9J+JGj6PLz8bcLetxKBcBnYDeooucNfkUW8qLMElEC59ipbeC94WurjHSnTzlRW32XOZsw+XvJI=
x-served-by
cache-yul12824-YUL
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684319498.846769,VS0,VE0
etag
"43b458adcc5ab7566291590de5438262"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2019021
ecm3
s.amazon-adsystem.com/ Frame 2BE9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1684319497939
  • https://ad.turn.com/r/cs?pid=45&rndcb=340716730
  • https://sync.1rx.io/usersync/turn/7773351280725958108?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-0300fc3b-d7bf-46f1-a9ef-7bc89480ea3d-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-0300fc3b-d7bf-46f1-a9ef-7bc8...
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-0300fc3b-d7bf-46f1-a9ef-7bc89480ea3d-005
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-0300fc3b-d7bf-46f1-a9ef-7bc89480ea3d-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z00ESDXVPJW5DQXSVVV2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Wed, 17 May 2023 10:31:41 GMT
Server
Tengine
ETag
RX0300fc3bd7bf46f1a9ef7bc89480ea3d005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-0300fc3b-d7bf-46f1-a9ef-7bc89480ea3d-005
Content-Type
text/html
Connection
keep-alive
ecm3
s.amazon-adsystem.com/ Frame 2BE9
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3273210971454852000V10
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3273210971454852000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MZ7BEBHNZCJ0496983AH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:37 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3273210971454852000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Wed, 17 May 2023 10:31:37 GMT
integrator.js
adservice.google.ca/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.tmz.com
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c01::9c Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tmz.com
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c04::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
49 KB
21 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=444311531886474&correlator=1562808052320267&eid=31074474%2C31074533&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Chp%2Clb1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x250%7C970x66%7C1010x150%7C1010x250&ifi=1&adks=3254797906&didk=3460462850&sfv=1-0-40&prev_scp=c%3Dhome%26adtype%3Dfirst%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dhome%26sub_section%3Dnews%26amznbid%3D2%26amznp%3D2&eri=1&ppid=8b8e530f050d4b9dadf0ab548c791b1e&sc=1&cookie_enabled=1&abxe=1&dt=1684319498050&lmt=1684319498&dlt=1684319487877&idt=3149&adxs=436&adys=35&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tmz.com%2F&frm=20&vis=1&psz=1600x314&msz=1600x70&fws=4&ohw=1600&ga_vid=1084030298.1684319489&ga_sid=1684319498&ga_hid=1734746088&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb9daebaa2a418a696da6617aaa7d222e6c86815d9bcc3bc2df1a6cff874594e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20874
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
539 B
340 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=444311531886474&correlator=1562808052320267&eid=31074474%2C31074533&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Chp%2Cskin&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=3x3&ifi=2&adks=4204576372&didk=2507869301&sfv=1-0-40&prev_scp=c%3Dhome%26adtype%3Dfirst%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dhome%26sub_section%3Dnews&eri=1&ppid=8b8e530f050d4b9dadf0ab548c791b1e&sc=1&cookie_enabled=1&abxe=1&dt=1684319498077&lmt=1684319498&dlt=1684319487877&idt=3149&adxs=799&adys=599&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tmz.com%2F&frm=20&vis=1&psz=1600x61852&msz=1600x-1&fws=512&ohw=0&ga_vid=1084030298.1684319489&ga_sid=1684319498&ga_hid=1734746088&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6afb45fc58e1309ac5cb169831ef57f680ebb26dccffaedea879e9cccb070cb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
264
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
585 B
392 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=444311531886474&correlator=1562808052320267&eid=31074474%2C31074533&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Chp%2Coop&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=3&adks=852677705&didk=3515002534&sfv=1-0-40&ists=1&prev_scp=c%3Dhome%26adtype%3Dfirst%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dhome%26sub_section%3Dnews&eri=1&ppid=8b8e530f050d4b9dadf0ab548c791b1e&sc=1&cookie_enabled=1&abxe=1&dt=1684319498089&lmt=1684319498&dlt=1684319487877&idt=3149&adxs=800&adys=61853&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tmz.com%2F&frm=20&vis=1&psz=1600x61852&msz=1600x0&fws=0&ohw=0&ga_vid=1084030298.1684319489&ga_sid=1684319498&ga_hid=1734746088&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33fbf032826fd0605169fcc5498e5dd539482481be18b44fbdcb09455a8d2cd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
268
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
541 B
343 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=444311531886474&correlator=1562808052320267&eid=31074474%2C31074533&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Chp%2Clb2&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x250%7C970x66%7C1010x150%7C1010x250&ifi=4&adks=2082127935&didk=2286218936&sfv=1-0-40&prev_scp=c%3Dhome%26adtype%3Dfirst%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dhome%26sub_section%3Dnews%26amznbid%3D2%26amznp%3D2&eri=1&ppid=8b8e530f050d4b9dadf0ab548c791b1e&sc=1&cookie_enabled=1&abxe=1&dt=1684319498098&lmt=1684319498&dlt=1684319487877&idt=3149&adxs=263&adys=18723&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tmz.com%2F&frm=20&vis=1&psz=728x60732&msz=728x90&fws=0&ohw=0&ga_vid=1084030298.1684319489&ga_sid=1684319498&ga_hid=1734746088&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c333f0e53ef846d34a62586700a24d92819d3c8907472cd34b0cad2e02cbada
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
267
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
49 KB
21 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=444311531886474&correlator=1562808052320267&eid=31074474%2C31074533&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Chp%2Cban1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C300x250%7C300x600%7C300x300&fluid=height&ifi=5&adks=4066739781&didk=4236135307&sfv=1-0-40&prev_scp=c%3Dhome%26adtype%3Dfirst%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dhome%26sub_section%3Dnews%26amznbid%3D2%26amznp%3D2&eri=1&ppid=8b8e530f050d4b9dadf0ab548c791b1e&sc=1&cookie_enabled=1&abxe=1&dt=1684319498108&lmt=1684319498&dlt=1684319487877&idt=3149&adxs=1037&adys=562&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tmz.com%2F&frm=20&vis=1&psz=300x861&msz=300x250&fws=512&ohw=0&ga_vid=1084030298.1684319489&ga_sid=1684319498&ga_hid=1734746088&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd335f5ff437c7ae27ed3ec959b9d4c4fd4c6f2524f03d619e3c941fce31a29c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20924
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
49 KB
20 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=444311531886474&correlator=1562808052320267&eid=31074474%2C31074533&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Chp%2Cban2&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C300x250%7C300x600%7C300x300&fluid=height&ifi=6&adks=1519689470&didk=4236135308&sfv=1-0-40&prev_scp=c%3Dhome%26adtype%3Dfirst%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dhome%26sub_section%3Dnews%26amznbid%3D2%26amznp%3D2&eri=1&ppid=8b8e530f050d4b9dadf0ab548c791b1e&sc=1&cookie_enabled=1&abxe=1&dt=1684319498117&lmt=1684319498&dlt=1684319487877&idt=3149&adxs=1037&adys=2826&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tmz.com%2F&frm=20&vis=1&psz=300x346&msz=300x250&fws=512&ohw=0&ga_vid=1084030298.1684319489&ga_sid=1684319498&ga_hid=1734746088&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cbf1984a3a2e076f407d4b25d817ab9cdc78c862ef0db82fd2166cf1fe77049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20861
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
33 KB
14 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=444311531886474&correlator=1562808052320267&eid=31074474%2C31074533&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Chp%2Cban3&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C300x250%7C300x600%7C300x300&fluid=height&ifi=7&adks=2450303528&didk=4236135309&sfv=1-0-40&prev_scp=c%3Dhome%26adtype%3Dfirst%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dhome%26sub_section%3Dnews%26amznbid%3D2%26amznp%3D2&eri=1&ppid=8b8e530f050d4b9dadf0ab548c791b1e&sc=1&cookie_enabled=1&abxe=1&dt=1684319498123&lmt=1684319498&dlt=1684319487877&idt=3149&adxs=1037&adys=5058&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tmz.com%2F&frm=20&vis=1&psz=300x346&msz=300x250&fws=512&ohw=0&ga_vid=1084030298.1684319489&ga_sid=1684319498&ga_hid=1734746088&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c12903c52fe15e8c6cd0df8810fffbdc84ef7e7ff8c862497181f22dbc74539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14054
x-xss-protection
0
google-lineitem-id
6025548439
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138413042629
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
33 KB
14 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=444311531886474&correlator=1562808052320267&eid=31074474%2C31074533&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Chp%2Cban4&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C300x250%7C300x600%7C300x300&fluid=height&ifi=8&adks=3104782664&didk=4236135310&sfv=1-0-40&prev_scp=c%3Dhome%26adtype%3Dfirst%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dhome%26sub_section%3Dnews%26amznbid%3D2%26amznp%3D2&eri=1&ppid=8b8e530f050d4b9dadf0ab548c791b1e&sc=1&cookie_enabled=1&abxe=1&dt=1684319498135&lmt=1684319498&dlt=1684319487877&idt=3149&adxs=1037&adys=7290&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tmz.com%2F&frm=20&vis=1&psz=300x346&msz=300x250&fws=512&ohw=0&ga_vid=1084030298.1684319489&ga_sid=1684319498&ga_hid=1734746088&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04661086981dd31ebe696d8a8fe503bb6e15c3f97ced28541d50a6918bc4b03a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14462
x-xss-protection
0
google-lineitem-id
6026357477
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138393315328
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
590 B
350 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=444311531886474&correlator=1562808052320267&eid=31074474%2C31074533&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Chp%2Cban5&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C300x250%7C300x600%7C300x300&fluid=height&ifi=9&adks=668116819&didk=4236135311&sfv=1-0-40&prev_scp=c%3Dhome%26adtype%3Dfirst%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dhome%26sub_section%3Dnews%26amznbid%3D2%26amznp%3D2&eri=1&ppid=8b8e530f050d4b9dadf0ab548c791b1e&sc=1&cookie_enabled=1&abxe=1&dt=1684319498143&lmt=1684319498&dlt=1684319487877&idt=3149&adxs=1037&adys=9522&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tmz.com%2F&frm=20&vis=1&psz=300x346&msz=300x250&fws=512&ohw=0&ga_vid=1084030298.1684319489&ga_sid=1684319498&ga_hid=1734746088&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc10b61fb0e7fe1b852668f038ed3b66a20efbb8e97d6bab912670cc3b8c53ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
33 KB
14 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=444311531886474&correlator=1562808052320267&eid=31074474%2C31074533&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Chp%2Cban6&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C300x250%7C300x600%7C300x300&fluid=height&ifi=10&adks=4055465572&didk=4236135296&sfv=1-0-40&prev_scp=c%3Dhome%26adtype%3Dfirst%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dhome%26sub_section%3Dnews%26amznbid%3D2%26amznp%3D2&eri=1&ppid=8b8e530f050d4b9dadf0ab548c791b1e&sc=1&cookie_enabled=1&abxe=1&dt=1684319498150&lmt=1684319498&dlt=1684319487877&idt=3149&adxs=1037&adys=11786&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tmz.com%2F&frm=20&vis=1&psz=300x346&msz=300x250&fws=512&ohw=0&ga_vid=1084030298.1684319489&ga_sid=1684319498&ga_hid=1734746088&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2dfcbc245c00b4ab368b6fa576303cd954f8cd8b519f419d6dcc9dfa82dd4414
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14569
x-xss-protection
0
google-lineitem-id
6025594249
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138393314368
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
590 B
344 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=444311531886474&correlator=1562808052320267&eid=31074474%2C31074533&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Chp%2Cban7&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C300x250%7C300x600%7C300x300&fluid=height&ifi=11&adks=2526581090&didk=4236135297&sfv=1-0-40&prev_scp=c%3Dhome%26adtype%3Dfirst%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dhome%26sub_section%3Dnews%26amznbid%3D2%26amznp%3D2&eri=1&ppid=8b8e530f050d4b9dadf0ab548c791b1e&sc=1&cookie_enabled=1&abxe=1&dt=1684319498177&lmt=1684319498&dlt=1684319487877&idt=3149&adxs=1037&adys=14018&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tmz.com%2F&frm=20&vis=1&psz=300x346&msz=300x250&fws=512&ohw=0&ga_vid=1084030298.1684319489&ga_sid=1684319498&ga_hid=1734746088&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2c0a2c45c65cb3d835c934d24f7dc8d120a51934fb5daa533b9c23dbc47771f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
272
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
590 B
346 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=444311531886474&correlator=1562808052320267&eid=31074474%2C31074533&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Chp%2Cban8&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C300x250%7C300x600%7C300x300&fluid=height&ifi=12&adks=575345959&didk=4236135298&sfv=1-0-40&prev_scp=c%3Dhome%26adtype%3Dfirst%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dhome%26sub_section%3Dnews%26amznbid%3D2%26amznp%3D2&eri=1&ppid=8b8e530f050d4b9dadf0ab548c791b1e&sc=1&cookie_enabled=1&abxe=1&dt=1684319498183&lmt=1684319498&dlt=1684319487877&idt=3149&adxs=1037&adys=16250&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=9&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tmz.com%2F&frm=20&vis=1&psz=300x346&msz=300x250&fws=512&ohw=0&ga_vid=1084030298.1684319489&ga_sid=1684319498&ga_hid=1734746088&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92115c9ee145a65046b4bb865c18604c3f5163cca8ccf7ec2f877ded88a2c675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
590 B
347 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=444311531886474&correlator=1562808052320267&eid=31074474%2C31074533&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Chp%2Cban9&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C300x250%7C300x600%7C300x300&fluid=height&ifi=13&adks=2994084847&didk=4236135299&sfv=1-0-40&prev_scp=c%3Dhome%26adtype%3Dfirst%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dhome%26sub_section%3Dnews%26amznbid%3D2%26amznp%3D2&eri=1&ppid=8b8e530f050d4b9dadf0ab548c791b1e&sc=1&cookie_enabled=1&abxe=1&dt=1684319498186&lmt=1684319498&dlt=1684319487877&idt=3149&adxs=1037&adys=18517&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=10&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tmz.com%2F&frm=20&vis=1&psz=300x70&msz=300x70&fws=512&ohw=0&ga_vid=1084030298.1684319489&ga_sid=1684319498&ga_hid=1734746088&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d81d2271d28ff156b882ca97e799f253d3a605bf10df1e6f5c9fc0733556548f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
272
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6C69
6 KB
3 KB
Document
General
Full URL
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0c::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 May 2023 10:31:38 GMT
expires
Thu, 16 May 2024 10:31:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/113/ Frame 1368
51 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/113/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 18:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15228
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 15:06:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 17 May 2023 18:24:08 GMT
cast_sender.js
www.gstatic.com/eureka/clank/113/ Frame E6F6
51 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/113/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 18:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15228
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 15:06:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 17 May 2023 18:24:08 GMT
amzns2s
rtb.gumgum.com/usync/ Frame 65F5
4 KB
2 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.135.175 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-135-175.compute-1.amazonaws.com
Software
nginx /
Resource Hash
783c9724461a403cde99ee0cc94cb51924f140a5cd07d58641db154363e007da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 17 May 2023 10:31:38 GMT
etag
W/"064fb0ed6cdd36edcb7d4fceb7d115e21"
server
nginx
timing-allow-origin
*
httpapi
api2.amplitude.com/2/ Frame 5453
93 B
286 B
Fetch
General
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: minigames.versusgame.com
URL: https://minigames.versusgame.com/assets/vendor.13b24c47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.203.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-203-206.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d9d152985eff2984a9e73b6f153f3618a4e75ecce023d8f3417585558a3b0a13
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://minigames.versusgame.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 17 May 2023 10:31:38 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-6464ad0a-42a26044127664d952f365f5
content-length
93
access-control-allow-methods
GET, POST
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame
0
0
Preflight
General
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.203.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-203-206.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://minigames.versusgame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Wed, 17 May 2023 10:31:38 GMT
strict-transport-security
max-age=15768000
usermatch
ssum-sec.casalemedia.com/ Frame 94C0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
3e91db0285a6d6e4496bddf7e102fd376b68785d73d4b36872cd0f6932446e4c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1703
Content-Type
text/html
Date
Wed, 17 May 2023 10:31:38 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Wed, 17 May 2023 10:31:38 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
/
match.sharethrough.com/jwumXNuB/v1/ Frame CBCD
427 B
938 B
Document
General
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.236.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-236-63.compute-1.amazonaws.com
Software
/
Resource Hash
c9529f57b94083c65c1cc01970fb27d1b9e87e8cf7ff5c35570396b5d9bbccd1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Wed, 17 May 2023 10:31:38 GMT
submit
prod.pyxis.atp.fox/pyxis/ Frame
0
0
Preflight
General
Full URL
https://prod.pyxis.atp.fox/pyxis/submit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:e36:d806:a626:4d72:4b0d:1f4e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
date
Wed, 17 May 2023 10:31:39 GMT
submit
prod.pyxis.atp.fox/pyxis/
71 B
448 B
Fetch
General
Full URL
https://prod.pyxis.atp.fox/pyxis/submit
Requested by
Host: prod.fennec.atp.fox
URL: https://prod.fennec.atp.fox/js/fennec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:e36:d806:a626:4d72:4b0d:1f4e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1428ca8ba0ad84ca327eab89bd41ad7777d88ddc5cf1b31f618ec04bfad38da2

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/json;

Response headers

date
Wed, 17 May 2023 10:31:39 GMT
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
71
tamptsync
sync-amz.ads.yieldmo.com/ Frame 22B2
1 KB
1 KB
Document
General
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.93.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-93-7.compute-1.amazonaws.com
Software
/
Resource Hash
3f147cb3af5ce9041d8a658f2ba356d49a3676cf4f4e864c63ed27d039ec733e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 17 May 2023 10:31:39 GMT
pragma
no-cache
vary
accept-encoding
usersync
usersync.gumgum.com/ Frame 65F5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2768803346163236077
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2768803346163236077
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 17 May 2023 10:31:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Wed, 17 May 2023 10:31:40 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dec7b30a-665d-48aa-949e-ac07544226d5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=2768803346163236077
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 65F5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_fde2e35b-d1e8-4857-a935-8de12bd3b086&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_fde2e35b-d1e8-4857-a935-8de12bd3b086&gdpr=&gdpr_consent=&us_privacy=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26us...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26us...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=2da9d31c-026b-5289-b8aa-17d9dccebad4&ssp=gumgum2&expires=30&user_group=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=bsw&i=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 17 May 2023 10:31:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&gdpr_consent=&us_privacy=
Date
Wed, 17 May 2023 10:31:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 65F5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4dc4839d-c658-578e-70ac-1dd3650e544d$ip$149.56.153.180
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-4dc4839d-c658-578e-70ac-1dd3650e544d$ip$149.56.153.180
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 17 May 2023 10:31:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-4dc4839d-c658-578e-70ac-1dd3650e544d$ip$149.56.153.180
Date
Wed, 17 May 2023 10:31:40 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 65F5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_fde2e35b-d1e8-4857-a935-8de12bd3b086&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=BBzfYL8CChB5VkDwA5MY&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVBEE6TGLFGDQQ2DNBBDKVTLIR3UCNKNLE
  • https://usersync.gumgum.com/usersync?b=zem&i=BBzfYL8CChB5VkDwA5MY
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=BBzfYL8CChB5VkDwA5MY
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 17 May 2023 10:31:43 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:42 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=BBzfYL8CChB5VkDwA5MY
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 65F5
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=uKJJ4yyMvqXI&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=uKJJ4yyMvqXI&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 17 May 2023 10:31:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://usersync.gumgum.com/usersync?b=pln&i=uKJJ4yyMvqXI&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-b9f9f4b7f-kxxc2
expires
-1
c.gif
c.bing.com/ Frame 65F5
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28fSf3QD8JiKI5LQB5JSA9XICagk_XfYDQGGILNItZZx4Hl_idINsAmEprhejWD2tm%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_fde2e35b-d1e8-4857-a935-8de12bd3b086&obuid=ENC(fSf3QD8JiKI5LQB5JSA9XICagk_XfYDQGGILNItZZx4Hl_idINsAmEprhejWD2tm)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
42 B
175 B
Image
General
Full URL
https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:43 GMT
last-modified
Thu, 04 May 2023 15:33:20 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 16875A374CB14875878A3DDB730D0073 Ref B: YMQ01EDGE0819 Ref C: 2023-05-17T10:31:43Z
etag
"231a8c19d7ed91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

Location
https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
Date
Wed, 17 May 2023 10:31:43 GMT
X-TraceId
582bad9ea07474bf2542c6b5291d66e9
Content-Length
0
usersync
usersync.gumgum.com/ Frame 65F5
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=bfe0eb02-8959-051c-1500-f2197414a8a9
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=bfe0eb02-8959-051c-1500-f2197414a8a9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 17 May 2023 10:31:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 17 May 2023 10:31:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=bfe0eb02-8959-051c-1500-f2197414a8a9
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 65F5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-27Ho2LZE2peYArp3LtAuJWyIOpip2ux1T153~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-27Ho2LZE2peYArp3LtAuJWyIOpip2ux1T153~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 17 May 2023 10:31:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 17 May 2023 10:31:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-27Ho2LZE2peYArp3LtAuJWyIOpip2ux1T153~A
content-length
0
usersync
usersync.gumgum.com/ Frame 65F5
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=0d06390d-c3cf-4217-afc3-9de254b71b0f
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=0d06390d-c3cf-4217-afc3-9de254b71b0f
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 17 May 2023 10:31:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=0d06390d-c3cf-4217-afc3-9de254b71b0f
Date
Wed, 17 May 2023 10:31:40 GMT
Connection
keep-alive
X-CI-RTID
1b5e3c1b-e078-4416-aa69-44adb147a01d
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 65F5
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=5597529CCA40456999768DE69389154D
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=5597529CCA40456999768DE69389154D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 17 May 2023 10:31:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 17 May 2023 10:31:40 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
1055891165
location
https://usersync.gumgum.com/usersync?b=snc&i=5597529CCA40456999768DE69389154D
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 65F5
0
222 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 17 May 2023 10:31:39 GMT
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 65F5
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=99fa6124-c2d7-4941-bfb0-9e715c45c9ad
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=99fa6124-c2d7-4941-bfb0-9e715c45c9ad
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 17 May 2023 10:31:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=99fa6124-c2d7-4941-bfb0-9e715c45c9ad
access-control-allow-origin
*
date
Wed, 17 May 2023 10:31:41 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 65F5
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=2248550271948191650
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=2248550271948191650
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 17 May 2023 10:31:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=2248550271948191650
date
Wed, 17 May 2023 10:31:40 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 65F5
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_fde2e35b-d1e8-4857-a935-8de12bd3b086
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JYMSJ1W6RN8XYG6SC1VX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame CBCD
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=5d16c636-2886-467d-b0c1-d8fb6317e279
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
16S0SKRB8QE7GDWQ8TQA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame CBCD
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LHRKCA12-D-DA9B&gdpr=0
68 B
607 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LHRKCA12-D-DA9B&gdpr=0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.205.236.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-236-63.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LHRKCA12-D-DA9B&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Expires
0
v1
match.sharethrough.com/sync/ Frame CBCD
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2768803346163236077
68 B
606 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2768803346163236077
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.205.236.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-236-63.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:42 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 17 May 2023 10:31:41 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
487831d6-412d-4708-936f-0d19760f07e1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2768803346163236077
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame CBCD
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=BBzfYL8CChB5VkDwA5MY&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DC...
  • https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=BBzfYL8CChB5VkDwA5MY
68 B
605 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=BBzfYL8CChB5VkDwA5MY
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.205.236.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-236-63.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:43 GMT
Content-Type
text/html; charset=utf-8
Location
https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=BBzfYL8CChB5VkDwA5MY
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
147
Expires
Thu, 01 Dec 1994 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame CBCD
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&...
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=9f0312ad-38f0-4a69-8c6e-cd9f646db368-6464ad0d-4341&gdpr=0&gdpr_consent=
68 B
603 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=9f0312ad-38f0-4a69-8c6e-cd9f646db368-6464ad0d-4341&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.205.236.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-236-63.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:42 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=9f0312ad-38f0-4a69-8c6e-cd9f646db368-6464ad0d-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 94C0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGStCqTjy5FfWw6nXPYvfwAAACwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKmA0Kk_S5CxWybu_YNY4bY&google_cver=1
43 B
631 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKmA0Kk_S5CxWybu_YNY4bY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKmA0Kk_S5CxWybu_YNY4bY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 94C0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=2d909864-2418-4a60-9ec8-c961d3e14a63&expiration=1686911499&gdpr=0&gdpr_consent=
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=2d909864-2418-4a60-9ec8-c961d3e14a63&expiration=1686911499&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=2d909864-2418-4a60-9ec8-c961d3e14a63&expiration=1686911499&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
dcm
s.amazon-adsystem.com/ Frame 94C0
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGStCqTjy5FfWw6nXPYvfwAAACwAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4QN8C41QG180MQKKN4TB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 94C0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZGStCqTjy5FfWw6nXPYvfwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIICL6zwFoG4ipjI5K6AW-U&google_cver=1
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIICL6zwFoG4ipjI5K6AW-U&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIICL6zwFoG4ipjI5K6AW-U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 94C0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2768803346163236077
43 B
631 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2768803346163236077
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 17 May 2023 10:31:40 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a04e441c-eef5-476a-b4ec-1b4405a3ba2f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2768803346163236077
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum.casalemedia.com/ Frame 94C0
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=63038ceb-6793-83ba-5b73f849
43 B
631 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=63038ceb-6793-83ba-5b73f849
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Wed, 17 May 2023 10:31:40 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=63038ceb-6793-83ba-5b73f849
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
rum
dsum.casalemedia.com/ Frame 94C0
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=14682feb2c950534&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAB2T8arRypEwN12JurAAAAAAA&expiration=1684405901&is_secure=true
43 B
631 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAB2T8arRypEwN12JurAAAAAAA&expiration=1684405901&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAB2T8arRypEwN12JurAAAAAAA&expiration=1684405901&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 94C0
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625787502750739
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625787502750739
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625787502750739
Date
Wed, 17 May 2023 10:31:40 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 94C0
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZGStCqTjy5FfWw6nXPYvfwAAACwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z062FZ3SQYX2H1Q7RM0X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
6
m.stripe.com/ Frame 89C0
156 B
669 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.153.0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-153-0.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f8ef786d4f879b47e62f6d1d755b9b770b2e0b3aed6775c2f1b02c3d5b0ecd52
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 17 May 2023 10:31:39 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684319499477957
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1684319499477326
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
875.2c240adb-1.232.0.min.js
js-agent.newrelic.com/ Frame 0C68
9 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/875.2c240adb-1.232.0.min.js
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
hJYscwmqXwVNvHS80_0vRqxt_Uk.MPpY
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 May 2023 10:31:39 GMT
strict-transport-security
max-age=300
x-amz-request-id
2HY74WTM9HCGVTFX
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3692
x-amz-id-2
vzy8catZaGs0sNXeXUZ9I6GjU5gVKnG3ddeB807w3Z3BnjLDcLb0LM7frU7+YeBmdEjTocrs2Bw=
x-served-by
cache-yul12824-YUL
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684319499.271082,VS0,VE0
etag
"12b760183a18786621f95a5599ea91d1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2666
page_view_event-aggregate.5a238c1f-1.232.0.min.js
js-agent.newrelic.com/ Frame 0C68
11 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.5a238c1f-1.232.0.min.js
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
m6hQu7Qmu3oSTIZPOga15if6q1_usD02
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 May 2023 10:31:39 GMT
strict-transport-security
max-age=300
x-amz-request-id
Z45ZMT60MRXY88GE
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4123
x-amz-id-2
6aFeSJvr1jaLcGnzv4ZjvrTCge/AlT6+VjvezZkNhH3cvZNDYIObJofUTeZdl9QLsW8oeAJjaxw=
x-served-by
cache-yul12824-YUL
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684319499.271206,VS0,VE0
etag
"397497131773c37606e11fcb4222917f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2649
page_view_timing-aggregate.ddd91465-1.232.0.min.js
js-agent.newrelic.com/ Frame 0C68
12 KB
5 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.ddd91465-1.232.0.min.js
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
ZN8S09QpTi3DRaBHssxUl.rChDa0uNQQ
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 May 2023 10:31:39 GMT
strict-transport-security
max-age=300
x-amz-request-id
KHXNJBG8ZN51AW16
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4571
x-amz-id-2
hxGMXwn5s/pXMgjjq1PqZmkncrNouhtDRLSPSoEwJg2Nf+oOYeJ+zH+h27UTN6RH/bQcaKHYLQA=
x-served-by
cache-yul12824-YUL
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684319499.271191,VS0,VE0
etag
"38f4d68378bfe3989db669dc9385b7c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2851
metrics-aggregate.c2ad263a-1.232.0.min.js
js-agent.newrelic.com/ Frame 0C68
4 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/metrics-aggregate.c2ad263a-1.232.0.min.js
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
Kwxbmu4apiKNi1wg_2QBa578nUzXK.xS
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 May 2023 10:31:39 GMT
strict-transport-security
max-age=300
x-amz-request-id
Z45ZTE5S6R5XPW9G
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1663
x-amz-id-2
3Q2yiGJITHcascATzk7VM9wejiDnWfG10tiAItUihZO1IB38XFM+Ut0VPceFRYM+GBxoR+WgbCc=
x-served-by
cache-yul12824-YUL
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684319499.272218,VS0,VE0
etag
"581d99ebc34c05e0a160a0c4a848cae7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2764
jserrors-aggregate.017d6ea4-1.232.0.min.js
js-agent.newrelic.com/ Frame 0C68
7 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/jserrors-aggregate.017d6ea4-1.232.0.min.js
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0307f3b9d8215b1581f25bdf8ba24881d8f7030f53ed17b33e3ca6a5e6c8582f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
UxM2U4jEHw4DYwuY_JCWcBxAYgS2_JE2
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 May 2023 10:31:39 GMT
strict-transport-security
max-age=300
x-amz-request-id
2HY3XBE7ABW6188P
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2704
x-amz-id-2
2FL882sWYPrEx1TE6GyUtb8X5Co+1SHHsPs/NvPh+j1r40Xx3byBPkh8VeBGYGrSbQKn6BK7el4=
x-served-by
cache-yul12824-YUL
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684319499.271843,VS0,VE0
etag
"3eccc20152284ae6154ef68728b49a85"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1952
ajax-aggregate.666f66ea-1.232.0.min.js
js-agent.newrelic.com/ Frame 0C68
5 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/ajax-aggregate.666f66ea-1.232.0.min.js
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f4d7f3eafb4d9820dd9f359b637ee8df4136b8bdba6705b9dd0a15faf2bc025
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
P1.nxkPqX_AEcic3nbSwWvQGlnr.3FTJ
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 May 2023 10:31:39 GMT
strict-transport-security
max-age=300
x-amz-request-id
2HY7WBDKXJMJV51H
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2159
x-amz-id-2
MJXWe7xRZo9Dt8TeXTfHfaSgw2PhaSMefSD3R1akURMUF+N5i+ZriJxw2j1W8tGUOiIZBWI74to=
x-served-by
cache-yul12824-YUL
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684319499.271665,VS0,VE0
etag
"6f55903bceeb36daf6c5579103364266"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1404
session_trace-aggregate.c0ef217a-1.232.0.min.js
js-agent.newrelic.com/ Frame 0C68
8 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/session_trace-aggregate.c0ef217a-1.232.0.min.js
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be222ebe8d76ed95e6241fd6e80b43e87cee11ee97871ba3e0e6dcf439ad66b9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
g_UxNBJ25wtvYc3oM8Pj1uCRZQPEEsvZ
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 May 2023 10:31:39 GMT
strict-transport-security
max-age=300
x-amz-request-id
KHXVF9MJS22TBSEM
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3302
x-amz-id-2
xVgjpCZtJpmh6kbBVZeXoFZ69xQCRDTU0qe/BzWylUOjzuVC6otxZyYOg/0XiU2HHsL9LkH3TLQ=
x-served-by
cache-yul12824-YUL
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684319499.271654,VS0,VE0
etag
"8658ef92a475808fc6ed23b10731217d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2099
page_action-aggregate.64dc4751-1.232.0.min.js
js-agent.newrelic.com/ Frame 0C68
2 KB
1 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_action-aggregate.64dc4751-1.232.0.min.js
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca72e8893a0cf88efb844d01e3629ad7751979f01026f6149de72285279b7968
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
K0wCLFJIIdjTzGgJZSujBvyTIxwFP3oQ
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 May 2023 10:31:39 GMT
strict-transport-security
max-age=300
x-amz-request-id
Z45HR198JVF1XWKH
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
985
x-amz-id-2
75QCttkXSibv+SZ+Uq7Lsju++RWWCfhUUsog0nodhfH1XUtvVi5Vm5r3XWvHqAyINrm0UXTytLs=
x-served-by
cache-yul12824-YUL
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684319499.271630,VS0,VE0
etag
"19f8af5dbc48da5cec8a15e4e37572a2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1951
spa-aggregate.342172b1-1.232.0.min.js
js-agent.newrelic.com/ Frame 0C68
18 KB
7 KB
Script
General
Full URL
https://js-agent.newrelic.com/spa-aggregate.342172b1-1.232.0.min.js
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7674813d4294e6367c27576ac6ee63106685165081325a67fc0b3582ed53182f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
GBrIcCPmmG.WN_66aFejQ6H_fNPpwe_q
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 May 2023 10:31:39 GMT
strict-transport-security
max-age=300
x-amz-request-id
KHXQQHMWE5A5KBYC
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
6574
x-amz-id-2
kWWu1HJvAtPFbGsx1YJ9PoDFWG60LUnesx3b4JZNwBcjSSnahd/ClpX4wDYSYaUr99czWnd0MXM=
x-served-by
cache-yul12824-YUL
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684319499.271613,VS0,VE0
etag
"cd8a824b2ab07e7b696cf7565028153b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1441
container.html
924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FD32
6 KB
3 KB
Document
General
Full URL
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0c::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 May 2023 10:31:39 GMT
expires
Thu, 16 May 2024 10:31:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3CA0
6 KB
3 KB
Document
General
Full URL
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c0c::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 May 2023 10:31:39 GMT
expires
Thu, 16 May 2024 10:31:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9B25
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstma5F3pyQ339VRzeRXU4U0_piUTze42sg_7K9pi0vJwRbLqf-Aj1rK5qIYq1MrVWMXf3xPCzWLNaawKeRZ5neIPi8Ay0_q9EIe56Qtnu1vJXzTer-qWeOUnkH6Go8mCvn_euzn2FF-_oOkoJaP24szAvojILJFWVljJjR2O2_F76_9VCOcMOTAKILr9tYLHZM0xZKwh3H_n2Xk6WSM5p3RBzJ-5NwiMwwjoP5N-Ye7sy_oNz7OdKpvAUKYsy4whY_8ankEQY5IV4m6NH9NpRG6SnAPrSrQMi8LNYvNdpJYgeqHnmpZGpIMvzTQzjk&sai=AMfl-YSYIBSJbJ1Fxnwb5wEgc7EfNUloGxHIgteyg498DQb0eeQxsafl819WtDStR-3i8Q2tao3gn3uYddx0gS5tVJ9LMSAZrPKJxfcEiNAdOTGR7_8hHzqzRuOE4HCEzvJm3d8sJ2G1CVxJRU3ndkEVyH0&sig=Cg0ArKJSzAq9XkiNIR5-EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 9B25
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:28:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 May 2023 10:28:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9B25
170 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c04::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53845
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684150324481819"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 10:31:39 GMT
moatad.js
z.moatads.com/fxnwsv2L3592D3FC21/ Frame 9B25
345 KB
117 KB
Script
General
Full URL
https://z.moatads.com/fxnwsv2L3592D3FC21/moatad.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a56d7725b40ffe9d3ba00f024e204e190a246c1eb107a8c7380a969da4f3cfc2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:39 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 18:23:31 GMT
server
AmazonS3
x-amz-request-id
XDF0VRF3WN2CFGBA
etag
"849dc8939ae707eb4f5fd66a785481c6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=63658
accept-ranges
bytes
content-length
119698
x-amz-id-2
asOn/u6d8Hi8Pi6N8KIDHoIoQMUupueR9vMb5of9QgoPazUSDymllgtKvWqtEX38nB7iY3ZFvxZMzs/ySoIwtRNIwEyS1d9O8u9LYQ6YcbM=
15244475610163325492
tpc.googlesyndication.com/simgad/ Frame 9B25
49 KB
49 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15244475610163325492
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
388178b826b5cf925dbfa00da775e4195f9181c27bfa1807b4729dcd2a1b6289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:39 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49676
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 19:41:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 16 May 2024 10:31:39 GMT
l
www.google.com/ads/measurement/ Frame 9B25
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGNuyCbbjTNKevlKkKfppNEIAdHQQxmgQ82gdy0bIsKImO-OW904o3C2GckTDVUJ6y-Csu4M9jPQDkr_45UGTcZwDSlQ
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c16::63 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

truncated
/ Frame 9B25
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02ebcd30b3c075a6f619019d2c3e054c0e33dc8c7870d7a509cefbd7a484f06a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
container.html
924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7DE6
6 KB
3 KB
Document
General
Full URL
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c0c::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 May 2023 10:31:39 GMT
expires
Thu, 16 May 2024 10:31:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.123.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:31:17 GMT
server
nginx
etag
W/"642e9165-15b5c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 May 2023 10:31:39 GMT
ecm3
s.amazon-adsystem.com/ Frame 97F2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1sbHREZmdsRTJ1THBCQkxsZ2pJYlBJamp3T09VanhiQX5B
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1sbHREZmdsRTJ1THBCQkxsZ2pJYlBJamp3T09VanhiQX5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-vmg_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 17 May 2023 10:31:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
X31X84MVMEEPQ8934ZA1

Redirect headers

age
0
content-length
0
date
Wed, 17 May 2023 10:31:40 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1sbHREZmdsRTJ1THBCQkxsZ2pJYlBJamp3T09VanhiQX5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.57
strict-transport-security
max-age=31536000
envelope
api.rlcdn.com/api/identity/
0
0

pd
us-u.openx.net/w/1.0/ Frame A12A
749 B
787 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
80b4b4ac46ada4def892d2a927c7fe8a4cfe041cf3d91c2d472214cdec60a635

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
475
content-type
text/html
date
Wed, 17 May 2023 10:31:40 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
de.tynt.com/deb/ Frame 08A8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
1 KB
2 KB
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
26ea63b37ba528871356111e81cbb3c8a2b7618997a06c7483a5e993b115ee7f

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1416
content-type
text/html
date
Wed, 17 May 2023 10:31:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 17 May 2023 10:31:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9F01
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=82395
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 17 May 2023 10:31:40 GMT
expires
Thu, 18 May 2023 09:24:55 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
de.tynt.com/deb/ Frame F382
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
1 KB
2 KB
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
078d40511d5f933d7964012a5fcc1dd28a2dc214ee23c8716a3571443164c63c

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1416
content-type
text/html
date
Wed, 17 May 2023 10:31:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 17 May 2023 10:31:40 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
async_usersync.html
acdn.adnxs.com/dmp/ Frame 18BD
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
14958
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 17 May 2023 10:31:40 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 May 2023 06:21:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
390, 8989
X-Served-By
cache-lga13626-LGA, cache-yyz4581-YYZ
X-Timer
S1684319500.208241,VS0,VE0
/
de.tynt.com/deb/ Frame 6ABC
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
1 KB
2 KB
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
80a3267066656d1d4e5d915140a1174481f2853a28189171523eecafad78154c

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1416
content-type
text/html
date
Wed, 17 May 2023 10:31:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 17 May 2023 10:31:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
/
de.tynt.com/deb/ Frame 5491
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
1 KB
2 KB
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
80a3267066656d1d4e5d915140a1174481f2853a28189171523eecafad78154c

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1416
content-type
text/html
date
Wed, 17 May 2023 10:31:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 17 May 2023 10:31:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
usync.html
eus.rubiconproject.com/ Frame 3A59
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 May 2023 10:31:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
de.tynt.com/deb/ Frame 11A2
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
1 KB
2 KB
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
078d40511d5f933d7964012a5fcc1dd28a2dc214ee23c8716a3571443164c63c

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1416
content-type
text/html
date
Wed, 17 May 2023 10:31:40 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 17 May 2023 10:31:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
ixmatch.html
js-sec.indexww.com/um/ Frame 6326
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
533
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7c8b312d79a2a1f8-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 10:31:40 GMT
expires
Wed, 17 May 2023 14:31:40 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 0CD9
Redirect Chain
  • https://eb2.3lift.com/sync?us_privacy=1---&
  • https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
1 KB
2 KB
Document
General
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
f6ebdde04d909c8e45968f20db43c1c8490a1d792611ec0ad53887ea7a2f8ef9

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1110
content-type
text/html; charset=utf-8
date
Wed, 17 May 2023 10:31:40 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 17 May 2023 10:31:40 GMT
location
/sync?us_privacy=1---&&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
de.tynt.com/deb/ Frame 8007
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
1 KB
2 KB
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
26ea63b37ba528871356111e81cbb3c8a2b7618997a06c7483a5e993b115ee7f

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1416
content-type
text/html
date
Wed, 17 May 2023 10:31:40 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 17 May 2023 10:31:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
/
de.tynt.com/deb/ Frame 4AEF
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
1 KB
2 KB
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
80a3267066656d1d4e5d915140a1174481f2853a28189171523eecafad78154c

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1416
content-type
text/html
date
Wed, 17 May 2023 10:31:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 17 May 2023 10:31:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
/
de.tynt.com/deb/ Frame 60F1
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
1 KB
2 KB
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
80a3267066656d1d4e5d915140a1174481f2853a28189171523eecafad78154c

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1416
content-type
text/html
date
Wed, 17 May 2023 10:31:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 17 May 2023 10:31:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
/
de.tynt.com/deb/ Frame D434
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
1 KB
2 KB
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
4def31d1b5e43eaa877ec9e5f811a2f98098f1e51144979d41f9bcfffb84f347

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1416
content-type
text/html
date
Wed, 17 May 2023 10:31:40 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 17 May 2023 10:31:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
sync
x.bidswitch.net/
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=themediagridus_privacy=1---
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
user-sync
sync.adkernel.com/ Frame 12E7
21 B
191 B
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
43e96d451b13a80f769c106908376c94b31beb9aac6566498c5c60f0059ca4f1

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
21
Date
Wed, 17 May 2023 10:31:40 GMT
Pragma
no-cache
Server
nginx
e9d4ff858b5e32317e843f5ed11b2659.gif
cs.iqzone.com/ Frame AACC
9 B
175 B
Document
General
Full URL
https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=u_fde2e35b-d1e8-4857-a935-8de12bd3b086&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.13 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 17 May 2023 10:31:44 GMT
Server
nginx
Transfer-Encoding
chunked
ecm3
s.amazon-adsystem.com/ Frame 22B2
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g61a31454be8ab0bb78e
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TCN74TWS41MJ10GVNHNN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 22B2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g61a31454be8ab0bb78e
  • https://ads.yieldmo.com/v000/sync?tdid=2d909864-2418-4a60-9ec8-c961d3e14a63
43 B
475 B
Image
General
Full URL
https://ads.yieldmo.com/v000/sync?tdid=2d909864-2418-4a60-9ec8-c961d3e14a63
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
44.197.95.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-95-124.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=2d909864-2418-4a60-9ec8-c961d3e14a63
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
pixel
cm.g.doubleclick.net/ Frame 22B2
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=ZzYxYTMxNDU0YmU4YWIwYmI3OGU=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync-pm.ads.yieldmo.com/ Frame 22B2
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzQyOTcwOUEtQUUyMi00MzA0LTk2MjctRjRCQzAyNDYzMzFE&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DC429709A-AE22-4304-9627-F4BC0246331D%26gdpr%3D0%26gdpr_consent%3D
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C429709A-AE22-4304-9627-F4BC0246331D&gdpr=0&gdpr_consent=
43 B
799 B
Image
General
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C429709A-AE22-4304-9627-F4BC0246331D&gdpr=0&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.4.93.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-93-7.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C429709A-AE22-4304-9627-F4BC0246331D&gdpr=0&gdpr_consent=
date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.yieldmo.com/v000/ Frame 22B2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=2768803346163236077&pn_id=an
43 B
578 B
Image
General
Full URL
https://ads.yieldmo.com/v000/sync?userid=2768803346163236077&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
44.197.95.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-95-124.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Date
Wed, 17 May 2023 10:31:41 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
53d2b233-0c28-4632-9cc2-1e9d59796e42
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.yieldmo.com/v000/sync?userid=2768803346163236077&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame 22B2
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LHRKCA12-D-DA9B
43 B
577 B
Image
General
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LHRKCA12-D-DA9B
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
44.197.95.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-95-124.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LHRKCA12-D-DA9B
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
log_event
www.youtube-nocookie.com/youtubei/v1/ Frame E6F6
28 B
50 B
XHR
General
Full URL
https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
X-Goog-Request-Time
1684319500683
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=1
X-YouTube-Client-Version
1.20230509.02.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgt5TDR3NmVVeVFHcyiD2pKjBg%3D%3D
X-YouTube-Ad-Signals
dt=1684319493566&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C684%2C385&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 17 May 2023 10:31:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
log_event
www.youtube-nocookie.com/youtubei/v1/ Frame 1368
28 B
50 B
XHR
General
Full URL
https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cfa9e7cb/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c08::88 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
X-Goog-Request-Time
1684319500760
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube-nocookie.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fwww.tmz.com&widgetid=2
X-YouTube-Client-Version
1.20230509.02.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtlYU5ZYnZZbkxacyiD2pKjBg%3D%3D
X-YouTube-Ad-Signals
dt=1684319493648&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C410&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 17 May 2023 10:31:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
embed.5644.a53236fb4061481eff44.js
platform.twitter.com/embed/ Frame 2268
275 KB
85 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.5644.a53236fb4061481eff44.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D06) /
Resource Hash
2ebe3f2ea3aec31e4502dbd0c26c8c020ec580ac688fb78a0be8e3f9bb3666ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:40 GMT
Content-Encoding
gzip
Age
1601962
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
86309
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1D06)
Etag
"fffbc835ce5ea74b50841277f004ec87+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.ondemand.Tweet.fc3eba2dbbfef0df6508.js
platform.twitter.com/embed/ Frame 2268
82 KB
19 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.fc3eba2dbbfef0df6508.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1DD2) /
Resource Hash
2cc55f87a88132c7ff74f0e7681cee8a8f760be0f62c3e0b55d7ce2b02318b39

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:40 GMT
Content-Encoding
gzip
Age
1601962
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
19182
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1DD2)
Etag
"78eb335064b247abbd726915a1908ad4+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
sd
us-u.openx.net/w/1.0/ Frame A12A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZGStAwAAAHemOANP
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZGStAwAAAHemOANP
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yul12834-YUL
pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684319501.052964,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZGStAwAAAHemOANP
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dc1a2936-31e0-af03-43ac-f401431364a6
pr-bh.ybp.yahoo.com/sync/openx/ Frame A12A
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/dc1a2936-31e0-af03-43ac-f401431364a6?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:c104:fcd:17de:de96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame A12A
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=100b330f-bde6-86b0-b275-6063d477620f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4M443T8VNYDXE2MGD3AB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A12A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=48dd4f72-a14c-3d4a-727b-e2f4bc44a9ef&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=2d909864-2418-4a60-9ec8-c961d3e14a63&ttd_puid=48dd4f72-a14c-3d4a-727b-e2f4bc44a9ef&gdpr=0&gdpr_consent=
43 B
62 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=2d909864-2418-4a60-9ec8-c961d3e14a63&ttd_puid=48dd4f72-a14c-3d4a-727b-e2f4bc44a9ef&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=2d909864-2418-4a60-9ec8-c961d3e14a63&ttd_puid=48dd4f72-a14c-3d4a-727b-e2f4bc44a9ef&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame A12A
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjRiMjljYjgtNjgzYi02M2VlLTY3OWItYjg0ZDc2YTY2Nzhm
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A12A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOR41eXqk6aibKotVtgPKqQ&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOR41eXqk6aibKotVtgPKqQ&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOR41eXqk6aibKotVtgPKqQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 41F7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUmNW5GNrOjTLsrbbSUaluNhokfpobSE-XbsfsSmwDZHJJ0Qcofh3vxtiRKwXAoSPFMzs4icczqo76xwDA5mdTtn32ddkt1IOXeqOC06FJxQ8buePo-svYwystxzoBVROFM6T-vh8fmfgp3C9lghPQiLndds_wI7ZxTwwTw1hEb_v7JRmib2CZisCRv_2CvULuArPGpAMkhPSOj_51YBv75sPsBDBLD7m3srqwOkajMJ8k1245buCHrvvHcZ4fW1o1eIdOcWd4bge_aTSROf9Y6Ux9mhxeITgge8DCJz8DGT9ULoYWAA3ypXwkBdo&sai=AMfl-YS5rC_BKhY9T3kTkIFcwgW9dTBf4OiWfl_k7AsOzuPWOAfPa3tFL5V7fvKOOD39HmHq99-q36gXuSi_N9yXWtwly_2mgSpOcf9_80NHGWzVezzLmRVgBcdvkBanZjo_HOjkkSqGfkail1ErhdABdQ&sig=Cg0ArKJSzORvsWC4j_awEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 41F7
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:28:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 May 2023 10:28:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 41F7
170 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c04::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53845
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684150324481819"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 10:31:41 GMT
moatad.js
z.moatads.com/fxnwsv2L3592D3FC21/ Frame 41F7
345 KB
117 KB
Script
General
Full URL
https://z.moatads.com/fxnwsv2L3592D3FC21/moatad.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a56d7725b40ffe9d3ba00f024e204e190a246c1eb107a8c7380a969da4f3cfc2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 18:23:31 GMT
server
AmazonS3
x-amz-request-id
XDF0VRF3WN2CFGBA
etag
"849dc8939ae707eb4f5fd66a785481c6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=63656
accept-ranges
bytes
content-length
119698
x-amz-id-2
asOn/u6d8Hi8Pi6N8KIDHoIoQMUupueR9vMb5of9QgoPazUSDymllgtKvWqtEX38nB7iY3ZFvxZMzs/ySoIwtRNIwEyS1d9O8u9LYQ6YcbM=
3771409964792371247
tpc.googlesyndication.com/simgad/ Frame 41F7
51 KB
51 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3771409964792371247
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b89be435897d895e354f5b1ad28b46b308546ba6f743032f8bc5a0e45e14fa27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51741
x-xss-protection
0
last-modified
Tue, 24 May 2022 17:42:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 16 May 2024 10:31:41 GMT
l
www.google.com/ads/measurement/ Frame 41F7
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2Km85ue0WaQlcU6ebb_wCJFzvpy20xuggi_ZSDH7QjWnxIZeKeSvFijjyIU2Nv9xiNghVF0xxFvLJ3lRigHIPyQESug
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c16::63 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

truncated
/ Frame 41F7
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f48c942480d880cb38a956105efa2b8dc29804cb96eeb2ae56368a4e1589bd56

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8C6C
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=82394
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 17 May 2023 10:31:41 GMT
expires
Thu, 18 May 2023 09:24:55 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 87AE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=2d909864-2418-4a60-9ec8-c961d3e14a63
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=2d909864-2418-4a60-9ec8-c961d3e14a63
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 17 May 2023 10:31:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Wed, 17 May 2023 10:31:41 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=2d909864-2418-4a60-9ec8-c961d3e14a63
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 7BC8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=12c66464-ad0d-4f00-ab70-9ee7e47009a2&gdpr=&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=12c66464-ad0d-4f00-ab70-9ee7e47009a2&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 17 May 2023 10:31:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 17 May 2023 10:31:41 GMT
Expires
Wed, 17 May 2023 10:31:40 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master iad-pixel-x16 config_version:"unknown"
location
https://usersync.gumgum.com/usersync?b=mmh&i=12c66464-ad0d-4f00-ab70-9ee7e47009a2&gdpr=&gdpr_consent=
usync.js
eus.rubiconproject.com/ Frame 3A59
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
84539f52dd0a7a28dd4834135d96f443ebd3e3e1bd78b554dc4665894622539d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 May 2023 22:35:46 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43400
Connection
keep-alive
Content-Length
10021
Expires
Wed, 17 May 2023 22:35:01 GMT
xuid
eb2.3lift.com/ Frame 0CD9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=2d909864-2418-4a60-9ec8-c961d3e14a63&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=2d909864-2418-4a60-9ec8-c961d3e14a63&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 17 May 2023 10:31:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=2d909864-2418-4a60-9ec8-c961d3e14a63&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 0CD9
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njc1NTAyNDE2NDc4MDEzNTk3NjQx
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 0CD9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKJ5cGoR9-mN0Pk52Z8bmJA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKJ5cGoR9-mN0Pk52Z8bmJA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 17 May 2023 10:31:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKJ5cGoR9-mN0Pk52Z8bmJA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0CD9
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njc1NTAyNDE2NDc4MDEzNTk3NjQx
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njc1NTAyNDE2NDc4MDEzNTk3NjQx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njc1NTAyNDE2NDc4MDEzNTk3NjQx
date
Wed, 17 May 2023 10:31:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 0CD9
0
514 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=675502416478013597641&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: DDBDCF0785634AAEB30461C3AD88B087 Ref B: YMQ01EDGE0622 Ref C: 2023-05-17T10:31:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX74TGYaXi/Wiu/P0It2w==
xuid
eb2.3lift.com/ Frame 0CD9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=675502416478013597641&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=51371d1e-b9d1-4859-8fd7-e5877e039233&ssp=triplelift&gdpr=0
  • https://eb2.3lift.com/xuid?mid=2409&xuid=1d7de830-109e-4a27-a34e-b84b8c56fe0b&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=1d7de830-109e-4a27-a34e-b84b8c56fe0b&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=1d7de830-109e-4a27-a34e-b84b8c56fe0b&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Wed, 17 May 2023 10:31:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 0CD9
42 B
666 B
Image
General
Full URL
https://c.bing.com/c.gif?xid=675502416478013597641&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
last-modified
Thu, 04 May 2023 15:33:20 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C4348D9F84D64D1DA1131F9C0F4F222E Ref B: YMQ01EDGE0819 Ref C: 2023-05-17T10:31:41Z
etag
"231a8c19d7ed91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 0CD9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/675502416478013597641?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-wEcUBn1E2oTnni2aD8wqZrvKbOKNfPvoqhCOmGHK6w--~A&dongle=0883
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-wEcUBn1E2oTnni2aD8wqZrvKbOKNfPvoqhCOmGHK6w--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 17 May 2023 10:31:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 17 May 2023 10:31:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-wEcUBn1E2oTnni2aD8wqZrvKbOKNfPvoqhCOmGHK6w--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 0CD9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=BBzfYL8CChB5VkDwA5MY&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IJBHUZSZJQ4EG...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=BBzfYL8CChB5VkDwA5MY
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=BBzfYL8CChB5VkDwA5MY
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:43 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=BBzfYL8CChB5VkDwA5MY
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 0CD9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2768803346163236077&dongle=4d58&gdpr=0&gdpr_consent=
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2768803346163236077&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 17 May 2023 10:31:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Wed, 17 May 2023 10:31:41 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3ff89bed-bc7f-46d7-bc15-23fe6e2ca664
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2768803346163236077&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0D6C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFf7fj7S4U67yHQ0oIA8OwFHZlkv3W_bnIwdDWvYGlc50FZayBdgfq8PW_WW7PH4l_V0e_6r2DxBE2gHbEzk_jV6rxMw0v6posbFDPguiZWBnIFb2-OKFx507zpDqfpc3OkndQbfyE0pL79tpDTP2m4O4dqgOnt_jizDP0WNuqseeT6hPrTLMiioNpcBO5qeaiQRjflMK9nxH9k3BX10XrT0SdA7vLzNpJm7wiWtNLmwbvRbYywC377fXdTFOqCX8uqoUe0Y-gJgW4flL8j9TiXBNtx4954JoGxA4WeRjmC6KUxcuR_OQ07lNz17g&sai=AMfl-YQrjyS8q1Tc0lhaH3r8FxTnnCsKjwU4rgTAd99U87_qadyQFaE8wZXSSbmdrI8spoN5tYzAWxu8J0q2htHsr7aLGG16zlJhT4qKd9OpQrkDl51ukD0xSENchjoc0mdBwM9hd1WijfPpB2yyIgwZjQ&sig=Cg0ArKJSzDRh3DwDJG4EEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 0D6C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:08:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
1398
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 May 2023 10:08:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0D6C
170 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c04::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53845
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684150324481819"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 10:31:41 GMT
moatad.js
z.moatads.com/fxnwsv2L3592D3FC21/ Frame 0D6C
345 KB
117 KB
Script
General
Full URL
https://z.moatads.com/fxnwsv2L3592D3FC21/moatad.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a56d7725b40ffe9d3ba00f024e204e190a246c1eb107a8c7380a969da4f3cfc2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 18:23:31 GMT
server
AmazonS3
x-amz-request-id
XDF0VRF3WN2CFGBA
etag
"849dc8939ae707eb4f5fd66a785481c6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=63656
accept-ranges
bytes
content-length
119698
x-amz-id-2
asOn/u6d8Hi8Pi6N8KIDHoIoQMUupueR9vMb5of9QgoPazUSDymllgtKvWqtEX38nB7iY3ZFvxZMzs/ySoIwtRNIwEyS1d9O8u9LYQ6YcbM=
3665390343998941557
tpc.googlesyndication.com/simgad/ Frame 0D6C
84 KB
84 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3665390343998941557
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6edf029cf7b808c4cee5b82193250c6ab84be004a1c9373b32dcb24423882e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85825
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 20:43:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 16 May 2024 10:31:41 GMT
l
www.google.com/ads/measurement/ Frame 0D6C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRydVLC_CgEYK2xEGPIkuU7Q3KDckan-UNCjHDGFfHSB4oRre194m9umGL0YYoBzcoyQMnENW1y7KMtHltKcMi0mUNGg
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c16::63 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

truncated
/ Frame 0D6C
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d926b03634b02b768f3114f9e9c4cbb4bcd15e7d871ec4edde0d91657e9e408

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame FD32
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZQbkCq1kZOjeD8mInwTKwJ7AA6Omsctshcifqa0QwI23ARABIABg_eiigfADggEXY2EtcHViLTYyNzUwMzAyMjE5NTI1MTXIAQngAgCoAwGqBPgBT9CgK1sT_0BVWFlKwqeXA9erUtYdoX4Jv8lpcXu3wYkKM2eGuExPpC_8Z6yZxiCQ5fqf0fbURSse1ZJiVlwqcLMBWaEnGhMUMVSLwAVbAyQZ7lpEaPuB91UW4E0_AObVIX3pl-5RLWmMvrYw9sxiBJM2CvPqpemhYbUEg98OVLH8w--xYO2K3rcuWZGW-lkIJwa3b5zus7gVhha2_Y-eagFAM7fjFcSoRmBlDRdXuzJ2RLpw1a4pCJuUo5-oBsZx5rRFq18mbB2vMVwZGiAmOCuS35w6uLHOexzhVuPbNZraT4O8fzplWhk5N8S8anprYuaIBoeVYrHgBAGABqiUluu09Z3TSaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTYyNzUwMzAyMjE5NTI1MTUYyMEV&sigh=Kv1jMqYRgpU&uach_m=[UACH]&cid=CAQSTQBygQiDMTCN5lCd-doMDLtvWLLMGNYI-YUNJAzsGROkSXqMMEnDuA0w3pENZkiW0PU5GqWeIuUS6rD4dkMYM8X7nDQjqd0GWsx5iEsNGAE
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

winnotice
trace.mediago.io/api/log/ Frame FD32
0
0
Fetch
General
Full URL
https://trace.mediago.io/api/log/winnotice?tn=41b6e88a2b85b0e731ef8e73e5558712&winloss=2&id=2afc227ae03e079806a2ade234a22966&seat_id=${AUCTION_SEAT_ID}&currency=${AUCTION_CURRENCY}&bid_id=${AUCTION_BID_ID}&ad_id=${AUCTION_AD_ID}&loss=${AUCTION_LOSS}&imp_id=1&price=${AUCTION_PRICE}&test=0&time=1684319498&dp=Gmn6YdRZu2RiKIo0Ok6aLqWRon9lAuDfsSpJTAIv7yM&dsp_id=22&url=VvJVWody_kXwQ9BtSPk8K2WKgEI_qSGElrHCdO0k3Qs&sp=Gmn6YdRZu2RiKIo0Ok6aLqWRon9lAuDfsSpJTAIv7yM
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
style_banner_728x90_standard_127e5e.css
cdn.mediago.io/js/template/style/ Frame FD32
4 KB
4 KB
Stylesheet
General
Full URL
https://cdn.mediago.io/js/template/style/style_banner_728x90_standard_127e5e.css
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-38.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60c3a5babd0a75ece28db3fb5de437637ebeccdd2e8f3f99c760b6fb1910d3d5

Request headers

Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
Origin
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
viD_AJufokwJlGj2EargcMbRBxVoKRzl
date
Wed, 17 May 2023 08:29:28 GMT
via
1.1 7e4c775b563a7a47cbdf48a806a6bd2a.cloudfront.net (CloudFront)
last-modified
Wed, 26 Apr 2023 07:01:55 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
age
7338
x-amz-server-side-encryption
AES256
etag
"fb044b942a726f3fe8fbb3de5c0c0690"
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
3751
x-amz-cf-id
_BUd7_e_GyWslQe-ttKxAWKsVCEEFaz0TIDC2-xT5V1VLP2O1iXD8Q==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame FD32
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:08:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
1398
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 May 2023 10:08:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame FD32
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
server
cafe
etag
5156626137554315251
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 May 2023 10:31:41 GMT
l
www.google.com/ads/measurement/ Frame FD32
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXhc20e7wNCbyyQkl8tpP_KXQFkuL7FkdfXcUikU38l95XKUOFCeGowjPL3iNcYcKB5jvtuinxO-5bE2TUVX-IjV_5dw
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c16::63 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FD32
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 May 2024 10:27:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FD32
170 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c04::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53845
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684150324481819"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 10:31:41 GMT
truncated
/ Frame E6F6
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
wJxR7jjc_cxPlHvPi6DOEeqBVB1-mVKhV4atm7JOnjDkkyGGxugfqpxfT7zuUu9qAaZLNoBwNKU=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame E6F6
1 KB
2 KB
Image
General
Full URL
https://yt3.ggpht.com/wJxR7jjc_cxPlHvPi6DOEeqBVB1-mVKhV4atm7JOnjDkkyGGxugfqpxfT7zuUu9qAaZLNoBwNKU=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c36::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
12c8a44a41b19fb16406cafc2ada63a66d27d568851e8fc0e86c5d97b9910f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 09:50:57 GMT
x-content-type-options
nosniff
age
2444
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1494
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 18 May 2023 09:50:57 GMT
maxresdefault.jpg
i.ytimg.com/vi/86IVxf_KbEQ/ Frame E6F6
83 KB
83 KB
Image
General
Full URL
https://i.ytimg.com/vi/86IVxf_KbEQ/maxresdefault.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2016 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d9d15f593af95c4491e9987501d717b27235444966ef846718d7c88c61497ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:20 GMT
x-content-type-options
nosniff
age
21
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84701
x-xss-protection
0
server
sffe
etag
"1588023393"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 17 May 2023 12:31:20 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3CA0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CM4GuCq1kZLz1IdnZnwT3_IGACKOmsctshcifqa0QwI23ARABIABg_eiigfADggEXY2EtcHViLTYyNzUwMzAyMjE5NTI1MTXIAQngAgCoAwGqBPgBT9ADlOvLtblDD4ZPXlOYSsOSlrKVHyPJxdoRqiQDJWR55Zw-BeoeHQVzedSNYN8CbVQT_eRoP940cH_oNRg-j5wKa8iC_AjW47ZUDqNDUR5CV3WwIWH6TkEBX_yZkJ2udWrK5Qen7S6hqcAfpMgZ1-Wx60bPb4W7br2Y50MfXuUrKS8GceH8GUyLvNDeSpHXRVUhOeF3THHD8ZVnFGF8KjCGDtziIdMszFj0zw8iN0baakoEITeoyW1TPeCkn5ohg5VlEJC7Ua46DUV2lm0waUY1qcYVSqkxMEXUj5hj89RSmpn_8DLXO6hVHoy7Ec71XyRkCZ3ADwbgBAGABvnr0czI5drBiAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi02Mjc1MDMwMjIxOTUyNTE1GMjBFQ&sigh=srSQTHMkTV4&uach_m=[UACH]&cid=CAQSTQBygQiDoNk758o5ujS53Yz9GjCxc2sSRtvWKGruBgAGE4QkkgpZE47IKCm4cuKxIYrWVnt225aAnZqcsY25AJ2D6A652OiMYO5YlGnrGAE
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

winnotice
trace.mediago.io/api/log/ Frame 3CA0
0
0
Fetch
General
Full URL
https://trace.mediago.io/api/log/winnotice?tn=41b6e88a2b85b0e731ef8e73e5558712&winloss=2&id=fb8974bcc026b8bcdb22f91cc77a6262&seat_id=${AUCTION_SEAT_ID}&currency=${AUCTION_CURRENCY}&bid_id=${AUCTION_BID_ID}&ad_id=${AUCTION_AD_ID}&loss=${AUCTION_LOSS}&imp_id=1&price=${AUCTION_PRICE}&test=0&time=1684319498&dp=LUwiiQSYJXHySE8MaPATAMmJOMarH-WA4jquVjaaEXo&dsp_id=22&url=MKDZ2V3RGRBgnDbqS9ZY3IQV_NH-KQL0uiaRvKUpt-Y&sp=LUwiiQSYJXHySE8MaPATAMmJOMarH-WA4jquVjaaEXo
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
style_banner_300*250.css
cdn.mediago.io/js/template/style/ Frame 3CA0
2 KB
2 KB
Stylesheet
General
Full URL
https://cdn.mediago.io/js/template/style/style_banner_300*250.css
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-38.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
551f69e7bbf6b354cf7c56cbbf449def07337e85d4eef18c1c0b3dda173371c9

Request headers

Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
Origin
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
MwvM9DLKTwx9PSJuExyXdAInt7iTlKkz
date
Wed, 17 May 2023 00:39:45 GMT
via
1.1 7e4c775b563a7a47cbdf48a806a6bd2a.cloudfront.net (CloudFront)
last-modified
Wed, 26 Apr 2023 02:58:08 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
age
79647
x-amz-server-side-encryption
AES256
etag
"a780bd9e0339004ac3a4e0a250f2c0ce"
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1958
x-amz-cf-id
7BQC4h92VZm1-DBpmCLxwkRsURj-dS1riUpcXJahkgoovw36XmranA==
3584fc805156109a03c344ead52ec09b__scv1__300x175.png
d2cli4kgl5uxre.cloudfront.net/ML/ Frame 3CA0
98 KB
98 KB
Image
General
Full URL
https://d2cli4kgl5uxre.cloudfront.net/ML/3584fc805156109a03c344ead52ec09b__scv1__300x175.png
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f7:d000:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b88279b5448e1b1a7b51cb4cd40eeb19d4766ec4913e1d854b045f3a3a8f89cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
d9EnRSYiqoXyIfLspTuituirdcCvpGg1
date
Tue, 16 May 2023 15:58:36 GMT
via
1.1 b2e4ee7da1129b64011b5c8c604f1c26.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
age
66809
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
100239
last-modified
Thu, 27 Apr 2023 05:32:15 GMT
server
AmazonS3
etag
"514d5c0c0b771bd83dbeb38c04bedcf6"
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
0CY0QYCTaPnJki0-E5aoCwTusOIW9fS2Gy4IH_dP9K9PafIhBx-CKQ==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 3CA0
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:08:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
1398
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 May 2023 10:08:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 3CA0
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
server
cafe
etag
5156626137554315251
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 May 2023 10:31:41 GMT
l
www.google.com/ads/measurement/ Frame 3CA0
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7CtetLMQ3MJ3VTLss4T4zdMKdEC0INEzyf-4JbvQEXWfO2716MsRLBo7ofrifDs0fKQdchGzdmZGj0KQbyVHNJZDgyA
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c16::63 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3CA0
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 May 2024 10:27:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3CA0
170 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c04::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53845
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684150324481819"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 10:31:41 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7DE6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTcBaCq1kZM2rNs3anwTolaWgCKOmsctshcifqa0QwI23ARABIABg_eiigfADggEXY2EtcHViLTYyNzUwMzAyMjE5NTI1MTXIAQngAgCoAwGqBP4BT9BKLpfqj-veGCsyE-kZYKDjSf9mnwe52L0SA24_4WVzUxYUKtGZ9B0L1M7jYWIreyx6qz9YWRjxBfr9nSy_zKwPe60-zAnadIYhAVlCu5jFS3RtdZfouP1xMhndVAIh3cTL6rZw84GSo86g9JqDL40kTEgPGMbOVidJS2RldU1nPGpid7VukPqFM47o1BlIRdC9s8MC4Zr1X-avSyGHwn-2jtLhdnv_Pn9I3Sq8ZpFOrFmF6XhIODFExakwa1EkZrGp2rmQEAytEkO0kfFKpkIdJYL3oBaJuJq5juAzQr3NP7q4ajdbfFSVu3YVhyoCGi62Uy0TuMdqRw-Cn9HgBAGABvnr0czI5drBiAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi02Mjc1MDMwMjIxOTUyNTE1GMjBFQ&sigh=K13dWZRHqMo&uach_m=[UACH]&cid=CAQSTQBygQiD0eqX6krlymcneownPwHoTQNYWKlEdipBhZcnK18gB0Zq2jyHbke_T28b_t-OcWLWv2sjX1gcWZlo4Bd_DQU5c6dSC47-Ke18GAE
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

winnotice
trace.mediago.io/api/log/ Frame 7DE6
0
0
Fetch
General
Full URL
https://trace.mediago.io/api/log/winnotice?tn=41b6e88a2b85b0e731ef8e73e5558712&winloss=2&id=1f17922bb3b8e32f9b7a8dce46bd1f62&seat_id=${AUCTION_SEAT_ID}&currency=${AUCTION_CURRENCY}&bid_id=${AUCTION_BID_ID}&ad_id=${AUCTION_AD_ID}&loss=${AUCTION_LOSS}&imp_id=1&price=${AUCTION_PRICE}&test=0&time=1684319499&dp=4nZlso6NHT1XZfgNKWHmBab_adIwwq2cGHPx7bDvmSk&dsp_id=22&url=eyvzVmepfztwaEq3S89WSl4nnxlGzEGpfL6wUYiXaUk&sp=4nZlso6NHT1XZfgNKWHmBab_adIwwq2cGHPx7bDvmSk
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
style_banner_300*250.css
cdn.mediago.io/js/template/style/ Frame 7DE6
2 KB
2 KB
Stylesheet
General
Full URL
https://cdn.mediago.io/js/template/style/style_banner_300*250.css
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-38.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
551f69e7bbf6b354cf7c56cbbf449def07337e85d4eef18c1c0b3dda173371c9

Request headers

Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
Origin
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
MwvM9DLKTwx9PSJuExyXdAInt7iTlKkz
date
Wed, 17 May 2023 00:39:45 GMT
via
1.1 7e4c775b563a7a47cbdf48a806a6bd2a.cloudfront.net (CloudFront)
last-modified
Wed, 26 Apr 2023 02:58:08 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
age
79647
x-amz-server-side-encryption
AES256
etag
"a780bd9e0339004ac3a4e0a250f2c0ce"
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1958
x-amz-cf-id
0G3ZH0t6mw-y11_XqWIopMtZt6HjHvWsuvt-NeFZy99WX--MJ4v1JQ==
3584fc805156109a03c344ead52ec09b__scv1__300x175.png
d2cli4kgl5uxre.cloudfront.net/ML/ Frame 7DE6
98 KB
98 KB
Image
General
Full URL
https://d2cli4kgl5uxre.cloudfront.net/ML/3584fc805156109a03c344ead52ec09b__scv1__300x175.png
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f7:d000:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b88279b5448e1b1a7b51cb4cd40eeb19d4766ec4913e1d854b045f3a3a8f89cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
d9EnRSYiqoXyIfLspTuituirdcCvpGg1
date
Tue, 16 May 2023 15:58:36 GMT
via
1.1 b2e4ee7da1129b64011b5c8c604f1c26.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
age
66809
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
100239
last-modified
Thu, 27 Apr 2023 05:32:15 GMT
server
AmazonS3
etag
"514d5c0c0b771bd83dbeb38c04bedcf6"
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
gv6nQ_ENDvgtl2llkcswIKKKCPTCvMBUxWcnRMY2oXwtY95MfoJ7Gg==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 7DE6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:08:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
1398
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 May 2023 10:08:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 7DE6
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
server
cafe
etag
5156626137554315251
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 May 2023 10:31:41 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7DE6
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 May 2024 10:27:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7DE6
170 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c04::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53845
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684150324481819"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 10:31:41 GMT
async_usersync
ib.adnxs.com/ Frame 18BD
0
861 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:41 GMT
AN-X-Request-Uuid
8054df60-863d-45c4-9fc2-81efc671fed6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 06BA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZGStAwAAAHemOANP&gdpr=&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZGStAwAAAHemOANP&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 17 May 2023 10:31:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 17 May 2023 10:31:41 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZGStAwAAAHemOANP&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12834-YUL
x-timer
S1684319502.680323,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 530B
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9mZGUyZTM1Yi1kMWU4LTQ4NTctYTkzNS04ZGUxMmJkM2IwODY=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 17 May 2023 10:31:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 0346
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZGStDsCo8XYAAPDDDTUAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZGStDsCo8XYAAPDDDTUAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 17 May 2023 10:31:42 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 17 May 2023 10:31:42 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZGStDsCo8XYAAPDDDTUAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad149.dc4p.scaleout.jp
X-SO-IP
149.56.153.180
X-SO-Key
ZGStDsCo8XYAAPDDDTUAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"149.56.153.180","key":"ZGStDsCo8XYAAPDDDTUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad149"}
X-SO-LB-Hostname
m-tgng18.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad149
usync.html
eus.rubiconproject.com/ Frame 8C60
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1---
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
281 B
410 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 10:31:41 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 17 May 2023 10:31:41 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
server
AkamaiGHost
match
events-ssc.33across.com/ Frame 8007
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1---
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&gdpr_consent=&us_privacy=1---
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=51371d1e-b9d1-4859-8fd7-e5877e039233&ssp=the33across&us_privacy=1---
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=1---&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:44 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 8007
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500517.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%2...
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
68 B
225 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 17 May 2023 10:31:42 GMT
Server
MT3 851 9bd98ae master iad-pixel-x17 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 May 2023 10:31:41 GMT
match
events-ssc.33across.com/ Frame 8007
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 8007
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1---
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=77d430de3e6e1a08&is_secure=true&networkId=78390&version=1&us_privacy=1---
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAJP42tx7wl1ANE0JIRAAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl1ANE0JIRAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl1ANE0JIRAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl1ANE0JIRAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 8007
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d8lMJq8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.html
eus.rubiconproject.com/ Frame 7267
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1---
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 May 2023 10:31:41 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 17 May 2023 10:31:41 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
server
AkamaiGHost
match
events-ssc.33across.com/ Frame 08A8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1---
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968625787502750739&expires=30&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:43 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 08A8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500517.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%2...
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 17 May 2023 10:31:42 GMT
Server
MT3 851 9bd98ae master iad-pixel-x7 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 May 2023 10:31:41 GMT
match
events-ssc.33across.com/ Frame 08A8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 08A8
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1---
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=45aa2714cd040534&is_secure=true&networkId=78390&version=1&us_privacy=1---
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAABpsxHilBfqAMp3K1TAAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABpsxHilBfqAMp3K1TAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABpsxHilBfqAMp3K1TAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABpsxHilBfqAMp3K1TAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 08A8
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dubQuw8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.html
eus.rubiconproject.com/ Frame 8A38
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1---
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
281 B
410 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 10:31:41 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 17 May 2023 10:31:41 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
server
AkamaiGHost
match
events-ssc.33across.com/ Frame 5491
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1---
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=TcSDncZYV45wrB3TZQ5UTZU4mbQ&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:43 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5491
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5491
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1---
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=11bdf70db7da0534&is_secure=true&networkId=78390&version=1&us_privacy=1---
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAJP42tx7wl1gMUvt6oAAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl1gMUvt6oAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl1gMUvt6oAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl1gMUvt6oAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5491
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5491
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500519.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%2...
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dWnlLe8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 17 May 2023 10:31:42 GMT
Server
MT3 851 9bd98ae master iad-pixel-x8 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 May 2023 10:31:41 GMT
usync.html
eus.rubiconproject.com/ Frame 28E6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1---
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
281 B
410 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 10:31:42 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 17 May 2023 10:31:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
server
AkamaiGHost
match
events-ssc.33across.com/ Frame 6ABC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1---
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=2d909864-2418-4a60-9ec8-c961d3e14a63&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:43 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 6ABC
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500519.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%2...
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 17 May 2023 10:31:42 GMT
Server
MT3 851 9bd98ae master iad-pixel-x21 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 May 2023 10:31:41 GMT
match
events-ssc.33across.com/ Frame 6ABC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 6ABC
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1---
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4b1e7ede3ca51a08&is_secure=true&networkId=78390&version=1&us_privacy=1---
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAACAFOLwWctLQMlKCmEAAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACAFOLwWctLQMlKCmEAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACAFOLwWctLQMlKCmEAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:43 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACAFOLwWctLQMlKCmEAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 6ABC
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=d2k7PU8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.html
eus.rubiconproject.com/ Frame 06D1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1---
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
281 B
410 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 10:31:42 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 17 May 2023 10:31:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
server
AkamaiGHost
match
events-ssc.33across.com/ Frame 11A2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1---
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=TcSDncZYV45wrB3TZQ5UTZU4mbQ&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:44 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 11A2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 11A2
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1---
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=62d8246e9e141a08&is_secure=true&networkId=78390&version=1&us_privacy=1---
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAB2T8arRypKwMxC30RAAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB2T8arRypKwMxC30RAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB2T8arRypKwMxC30RAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:43 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB2T8arRypKwMxC30RAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 11A2
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 11A2
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500520.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%2...
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dG2Dbc8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 17 May 2023 10:31:42 GMT
Server
MT3 851 9bd98ae master iad-pixel-x17 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 May 2023 10:31:41 GMT
usync.html
eus.rubiconproject.com/ Frame FA63
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1---
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
281 B
410 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 10:31:42 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 17 May 2023 10:31:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
server
AkamaiGHost
match
events-ssc.33across.com/ Frame F382
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1---
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthe33...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=79365997055a4b3e9c451f56caf64d4b&ssp=the33across&bsw_param=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:44 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame F382
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500520.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%2...
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 17 May 2023 10:31:42 GMT
Server
MT3 874 41fc63c master iad-pixel-x1 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 May 2023 10:31:41 GMT
match
events-ssc.33across.com/ Frame F382
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame F382
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1---
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=11878d02f55605a2&is_secure=true&networkId=78390&version=1&us_privacy=1---
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAACAFOLwWctMgNQ3YwnAAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACAFOLwWctMgNQ3YwnAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACAFOLwWctMgNQ3YwnAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:43 GMT
referrer-policy
unsafe-url
server
33XP013
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACAFOLwWctMgNQ3YwnAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame F382
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dnRK7q8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.html
eus.rubiconproject.com/ Frame CF13
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1---
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
281 B
410 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 10:31:42 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 17 May 2023 10:31:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
server
AkamaiGHost
match
events-ssc.33across.com/ Frame 60F1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1---
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=2d909864-2418-4a60-9ec8-c961d3e14a63&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:43 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 60F1
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500519.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%2...
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 17 May 2023 10:31:42 GMT
Server
MT3 851 9bd98ae master iad-pixel-x24 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 May 2023 10:31:41 GMT
match
events-ssc.33across.com/ Frame 60F1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 60F1
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1---
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=45104b45211b04a6&is_secure=true&networkId=78390&version=1&us_privacy=1---
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAJP42tx7wl2QMHjICEAAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl2QMHjICEAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl2QMHjICEAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
referrer-policy
unsafe-url
server
33XP016
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl2QMHjICEAAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 60F1
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dBsx0M8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.html
eus.rubiconproject.com/ Frame 2FA6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1---
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
281 B
410 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 10:31:42 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 17 May 2023 10:31:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
server
AkamaiGHost
match
events-ssc.33across.com/ Frame 4AEF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1---
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=51371d1e-b9d1-4859-8fd7-e5877e039233&ssp=the33across&us_privacy=1---
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=1---&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:44 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 4AEF
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500519.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%2...
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 17 May 2023 10:31:42 GMT
Server
MT3 830 785530e master iad-pixel-x10 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 May 2023 10:31:41 GMT
match
events-ssc.33across.com/ Frame 4AEF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 4AEF
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1---
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=64a5b7ca285805a2&is_secure=true&networkId=78390&version=1&us_privacy=1---
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAABpsxHilBfrAM5urK0AAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABpsxHilBfrAM5urK0AAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABpsxHilBfrAM5urK0AAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:43 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABpsxHilBfrAM5urK0AAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 4AEF
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.html
eus.rubiconproject.com/ Frame D7DB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1---
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
281 B
410 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 10:31:42 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 17 May 2023 10:31:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
server
AkamaiGHost
match
events-ssc.33across.com/ Frame D434
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ssp=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10599080989859845205&ssp=the33across&gdpr=&gdpr_consent=
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=1d7de830-109e-4a27-a34e-b84b8c56fe0b
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:44 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=1d7de830-109e-4a27-a34e-b84b8c56fe0b&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame D434
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:42 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-yWSG4s1E2uFI9mVOE45htYjBGq5LoY68%7EA&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame D434
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1---
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=316aa0dfcbe21a08&is_secure=true&networkId=78390&version=1&us_privacy=1---
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAJP42tx7wl2gM-zWD2AAAAAAA&expiration=1684405902&is_secure=true&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl2gM-zWD2AAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl2gM-zWD2AAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:43 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP42tx7wl2gM-zWD2AAAAAAA&ts=1684319503&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame D434
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=675502416478013597641
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:41 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=675502416478013597641&ts=1684319502&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame D434
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1684319500555.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%2...
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPO5ye8VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 17 May 2023 10:31:42 GMT
Server
MT3 851 9bd98ae master iad-pixel-x11 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=1&external_user_id=12c66464-ad0d-4f00-ab70-9ee7e47009a2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 May 2023 10:31:41 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/
87 KB
28 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:31:17 GMT
server
nginx
etag
W/"642e9165-15b5c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 May 2023 10:31:42 GMT
usersync
usersync.gumgum.com/ Frame CD83
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_fde2e35b-d1e8-4857-a935-8de12bd3b086&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=e342b450-66b4-41f0-b1ca-6c8829ec479b
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=e342b450-66b4-41f0-b1ca-6c8829ec479b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 17 May 2023 10:31:42 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Wed, 17 May 2023 10:31:42 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=e342b450-66b4-41f0-b1ca-6c8829ec479b
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js
js.stripe.com/v3/fingerprinted/js/ Frame 5453
295 B
796 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://minigames.versusgame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Wed, 17 May 2023 10:17:36 GMT
x-content-type-options
nosniff
via
1.1 926b5281e2124486e0c9dadab33d1b9c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
age
1860
x-cache
Hit from cloudfront
content-length
295
last-modified
Mon, 08 May 2023 20:05:29 GMT
server
Cloudfront
etag
"477956b204dfd45e10334fc060914d4b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
SxdxA_eDck31tavqf4FxL07XhLWm-qcJ5SjUOFI_-_A3L5GhJZgBlg==
usync.js
eus.rubiconproject.com/ Frame 7267
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
84539f52dd0a7a28dd4834135d96f443ebd3e3e1bd78b554dc4665894622539d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:42 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 22:35:46 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=43399
content-length
10021
expires
Wed, 17 May 2023 22:35:01 GMT
usync.js
eus.rubiconproject.com/ Frame 8C60
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
84539f52dd0a7a28dd4834135d96f443ebd3e3e1bd78b554dc4665894622539d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:42 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 22:35:46 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=43399
content-length
10021
expires
Wed, 17 May 2023 22:35:01 GMT
usync.js
eus.rubiconproject.com/ Frame 8A38
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
84539f52dd0a7a28dd4834135d96f443ebd3e3e1bd78b554dc4665894622539d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:42 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 22:35:46 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=43399
content-length
10021
expires
Wed, 17 May 2023 22:35:01 GMT
usync.js
eus.rubiconproject.com/ Frame CF13
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
84539f52dd0a7a28dd4834135d96f443ebd3e3e1bd78b554dc4665894622539d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:42 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 22:35:46 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=43399
content-length
10021
expires
Wed, 17 May 2023 22:35:01 GMT
usync.js
eus.rubiconproject.com/ Frame 28E6
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
84539f52dd0a7a28dd4834135d96f443ebd3e3e1bd78b554dc4665894622539d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:42 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 22:35:46 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=43399
content-length
10021
expires
Wed, 17 May 2023 22:35:01 GMT
usync.js
eus.rubiconproject.com/ Frame 06D1
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
84539f52dd0a7a28dd4834135d96f443ebd3e3e1bd78b554dc4665894622539d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:42 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 22:35:46 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=43399
content-length
10021
expires
Wed, 17 May 2023 22:35:01 GMT
usync.js
eus.rubiconproject.com/ Frame FA63
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
84539f52dd0a7a28dd4834135d96f443ebd3e3e1bd78b554dc4665894622539d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:42 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 22:35:46 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=43399
content-length
10021
expires
Wed, 17 May 2023 22:35:01 GMT
usync.js
eus.rubiconproject.com/ Frame 2FA6
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
84539f52dd0a7a28dd4834135d96f443ebd3e3e1bd78b554dc4665894622539d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:42 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 22:35:46 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=43399
content-length
10021
expires
Wed, 17 May 2023 22:35:01 GMT
usync.js
eus.rubiconproject.com/ Frame D7DB
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
84539f52dd0a7a28dd4834135d96f443ebd3e3e1bd78b554dc4665894622539d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:42 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 22:35:46 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=43399
content-length
10021
expires
Wed, 17 May 2023 22:35:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9B25
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuneUMUGnOykDQcyMZ5rKTCh7zvhU1Kw5BevDu_cMYrwfCpN0tAvwcS5zwZwbsMkk18nIWBfkNeAt6Z-9km5Kn1vbYTqNrVL3esKiXbv46l3hkyDunbaHGVOd7wtxdO_N24Dj6QoPoc_OrryUk57Un5pH-vr_FRY-BEitHzNfOiCjKmZrO26Q168S2uBj1eEXCMmNThKUd6Wtjnk5GrKAQkXcv7UXS5CrrNpFb_FIdW46rrG9XdydRX2e4rgGXbZ6IvZii5-Ep3cjMCHd-UNXtOfF0g4PzZQg1WEUsXBC5uYsZFSWOsuTVRpaxfR3gBw&sai=AMfl-YRcYd9I89d26Y04BGk2OzuJ93lhAANF__Ku1_4NIa9NEs7iAC6AP-gmDiHrak1WTCE2I8TizIfNGElWmDZf0Ge1lFxR-Ectt3yOh4YGX3UTHterpfc2raY2XhTJWhvjtAbfRON8HtOPaNNoP8ha58A&sig=Cg0ArKJSzDAtXs9WP3yHEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 17 May 2023 10:31:42 GMT
segments_to_partner.js
cdn.krxd.net/partnerjs/ Frame 9B25
7 KB
4 KB
Script
General
Full URL
https://cdn.krxd.net/partnerjs/segments_to_partner.js?partner=a272cefb-df39-4fcd-beff-79cd6cdf22ec&client=foxnews
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/fxnwsv2L3592D3FC21/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ed9f4489f29950f54053b4620800f6f1e061f3a467dfda552104034a71c3da9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
date
Wed, 17 May 2023 10:31:43 GMT
content-encoding
gzip
via
1.1 varnish
age
1194
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
3459
x-served-by
cache-yyz4535-YYZ
last-modified
Wed, 03 Jun 2020 21:02:49 GMT
x-timer
S1684319503.231646,VS0,VE0
etag
"db6884bae01ad7499be92887e1875ecc"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-cache-hits
30
n.js
geo.moatads.com/
82 B
255 B
Script
General
Full URL
https://geo.moatads.com/n.js?e=35&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gzpKRbEIrmlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=FOX3&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban3&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=hp&zMoatAU4=ban3&wf=1&ra=1&pxm=1&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1684319502748&de=715128216455&m=0&ar=fde231f50fe-clean&iw=4275cfe&q=2&cb=0&ym=0&cu=1684319502748&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5089884148%3A3031940869%3A6025548439%3A138413042629&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=tmz.com&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2F&id=1&ii=4&bo=tmz&bd=desk&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&gw=fxnwsv2L3592D3FC21&fd=1&it=500&ti=0&ih=2&pe=1%3A1133%3A1133%3A0%3A1606&jm=-1&fs=203695&na=2116137306&cs=0&ord=1684319502748&jv=1536089501&callback=DOMlessLLDcallback_1817006
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/fxnwsv2L3592D3FC21/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.185.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-185-167.compute-1.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
43abbf56526a8d2ea8419384b846cae9d53bc75a56841ce419e93e01a0952c73

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"172c4f25b91194cbcb5de985ca41542974ee45b1"
content-length
82
content-type
text/html; charset=UTF-8
n.js
geo.moatads.com/
84 B
256 B
Script
General
Full URL
https://geo.moatads.com/n.js?e=35&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gzpKRbEIrmlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=FOX3&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban3&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=hp&zMoatAU4=ban3&wf=1&ra=1&pxm=1&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1684319502748&de=715128216455&m=0&ar=fde231f50fe-clean&iw=4275cfe&q=3&cb=0&ym=0&cu=1684319502748&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5089884148%3A3031940869%3A6025548439%3A138413042629&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=tmz.com&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2F&id=1&ii=4&bo=tmz&bd=desk&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&gw=fxnwsv2L3592D3FC21&fd=1&it=500&ti=0&ih=2&pe=1%3A1133%3A1133%3A0%3A1606&jm=-1&fs=203695&na=1146534681&cs=0&callback=MoatDataJsonpRequest_1817006
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/fxnwsv2L3592D3FC21/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.185.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-185-167.compute-1.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
17035f7282a1a590f085b3198112214da1028e143e494b60dad4f835647b592b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:43 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"13d7ecd6665cfbb800298e944fc0ced49664c864"
content-length
84
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=FOX3&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban3&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=hp&zMoatAU4=ban3&wf=1&ra=1&pxm=1&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1684319502748&de=715128216455&m=0&ar=fde231f50fe-clean&iw=4275cfe&q=4&cb=0&ym=0&cu=1684319502748&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5089884148%3A3031940869%3A6025548439%3A138413042629&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=tmz.com&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2F&id=1&ii=4&bo=tmz&bd=desk&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&gw=fxnwsv2L3592D3FC21&fd=1&it=500&ti=0&ih=2&pe=1%3A1133%3A1133%3A0%3A1606&jm=-1&fs=203695&na=153364753&cs=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 17 May 2023 10:31:43 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 17 May 2023 10:31:43 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9F01
3 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82875678&p=158583&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
56566821d8b88ea09fd68ceed0211524c4b6cfd9ef35147d63b0b23814092fea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 10:31:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatchredir
ssum-sec.casalemedia.com/ Frame E4EC
43 B
631 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 17 May 2023 10:31:43 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 42A9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=esAM4jFeGNWGRUSs7Kls&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=esAM4jFeGNWGRUSs7Kls&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 17 May 2023 10:31:43 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 17 May 2023 10:31:43 GMT Wed, 17 May 2023 10:31:43 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=esAM4jFeGNWGRUSs7Kls&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame C6A4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 10:31:43 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 17 May 2023 10:31:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usermatch
ssum-sec.casalemedia.com/ Frame 6663
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
9e5c0a086714dc65cf78373fbfe047a51dad1237497d6b66b024feb112e0535b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1637
Content-Type
text/html
Date
Wed, 17 May 2023 10:31:43 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3A59
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QY5DYNFN0ZBY6XXBB4J9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 3A59
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RNWFok9QSxyH76tc4FlVUw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RNWFok9QSxyH76tc4FlVUw
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RNWFok9QSxyH76tc4FlVUw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JDMMCTX374TTTD6V6RTK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RNWFok9QSxyH76tc4FlVUw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3A59
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhSS0NBMTItRC1EQTlC&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELWycZ8ZxyVUGotTF37vHCc&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhSS0NBMTItRC1EQTlC&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhSS0NBMTItRC1EQTlC&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhSS0NBMTItRC1EQTlC&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 3A59
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJLaDDxiyGGKAOAZdziqSD0&google_cver=1
42 B
702 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJLaDDxiyGGKAOAZdziqSD0&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJLaDDxiyGGKAOAZdziqSD0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3A59
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YYxUrguAPLpcGfLmve7V5Q?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oYG28oFE2oKddIqUaSiavErt7A2Aqv7LKPlqyw--~A
42 B
702 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oYG28oFE2oKddIqUaSiavErt7A2Aqv7LKPlqyw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 17 May 2023 10:31:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oYG28oFE2oKddIqUaSiavErt7A2Aqv7LKPlqyw--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 3A59
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHRKCA12-D-DA9B&us_privacy=1---
0
360 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHRKCA12-D-DA9B&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 909F4BE4F6C84A3688F5981EA09FD6C0 Ref B: YMQ01EDGE0622 Ref C: 2023-05-17T10:31:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX74THB8yqbIOw5MHUXdQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHRKCA12-D-DA9B&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3A59
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzIyYjgyNjAyZTQyNzkwNzlmMDZhMGI4NDNkMzMxOGYwNzJkYzIyOA&us_privacy=1---
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzIyYjgyNjAyZTQyNzkwNzlmMDZhMGI4NDNkMzMxOGYwNzJkYzIyOA&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzIyYjgyNjAyZTQyNzkwNzlmMDZhMGI4NDNkMzMxOGYwNzJkYzIyOA&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
314e432eb2d967cf733b82bdbbe35231
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3A59
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2d909864-2418-4a60-9ec8-c961d3e14a63&gdpr=0&gdpr_consent=&expires=30
42 B
702 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2d909864-2418-4a60-9ec8-c961d3e14a63&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2d909864-2418-4a60-9ec8-c961d3e14a63&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
async_usersync
ib.adnxs.com/ Frame 18BD
0
861 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:43 GMT
AN-X-Request-Uuid
447afbf2-ed2f-43ed-b2d7-c39c1c65ccfa
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 41F7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7cFDo8ZoQSdnaYgYXIyITL2bbF2hL3Y1AhZJHco6bIjtUdCAje4VREj0dkVaUkqJT4UtfFLpXGsA3vjWi6LlfJAXX4H2sjdLfT6qDnDoOQLqZyhK5ppCLyO1Fe_dK_JvO_JRJhp65XnLw4WgtRZK584OS3ky2RODG5Qj4tcb_vKw87p5Wvx4F6LKQVBly-1kz5vaoUa8JgH6myiz5gPVXOMZ219wTSbQ2EX3zpl5EYw4caH5KojOKlsbdi8miTumeW3l4q8rCQL_Al82dRzC6C4mBLfinC3mYq20qhVhLhbAn4A_ipXciRUfBlugm0w&sai=AMfl-YSK1BXSMBq0GRN5GrfF0PlHpYJKJpRqvdzWZpg9VCBsknPBPtbcE-p2iXAfGXQR2JZbylsJ0qKz7AeLx-IhH2RaZgBMDbOOg07NXJEQFJFqAlwcQAGDpLNZOOrW1ZxB3HNjw4KiphM90YTkh09Q6g&sig=Cg0ArKJSzM5wW88mq-AVEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 17 May 2023 10:31:44 GMT
segments_to_partner.js
cdn.krxd.net/partnerjs/ Frame 41F7
7 KB
3 KB
Script
General
Full URL
https://cdn.krxd.net/partnerjs/segments_to_partner.js?partner=a272cefb-df39-4fcd-beff-79cd6cdf22ec&client=foxnews
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/fxnwsv2L3592D3FC21/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ed9f4489f29950f54053b4620800f6f1e061f3a467dfda552104034a71c3da9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
date
Wed, 17 May 2023 10:31:44 GMT
content-encoding
gzip
via
1.1 varnish
age
1195
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
3459
x-served-by
cache-yyz4535-YYZ
last-modified
Wed, 03 Jun 2020 21:02:49 GMT
x-timer
S1684319504.055369,VS0,VE0
etag
"db6884bae01ad7499be92887e1875ecc"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-cache-hits
31
353ec3b0aa9422fefa5a441f014e485c__scv1__300x175.png
imageaws.popin.cc/ML/ Frame FD32
107 KB
107 KB
Image
General
Full URL
https://imageaws.popin.cc/ML/353ec3b0aa9422fefa5a441f014e485c__scv1__300x175.png
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
0e57f088a416d41a37575bb6d71122ac22b9917d9a847744d703eb103b58b302

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:44 GMT
x-amz-version-id
5vFzlL1Dq5a2jLalVjQZErfmPv.FlHSS
Cross-Origin-Embedder-Policy
require-corp
x-amz-server-side-encryption
AES256
X-Cache-Status
HIT from 10.252.43.27
x-amz-replication-status
REPLICA
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
109119
Last-Modified
Fri, 10 Feb 2023 09:10:30 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
ETag
"64ee1bcb9a4c776b0317defa3e02b349"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Expires
Thu, 16 May 2024 10:31:44 GMT
ic
trace.mediago.io/ju/ Frame FD32
0
38 B
Image
General
Full URL
https://trace.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=7f0baf889eaf27e6e7f9e13192054001&acid=23091&data=o5Se0ojj7QKrW9xDUx75znjGj7OBmIUi4hDAVMFdfXKFlhgZ0SqyWY-thwIrj9oB9Xorkq2DUtDBVfXtKZKueJno6xwbjrizB51CWcntg4II03zd0OhvjPqDlPh1Eev5MBGG28gNYOQw-gsv9l4vDmVK4ZEMf9e9iVZBjrkhfQk7f2ePia-T540ERFSke1fT5eGKcMI6z3WY2JumP8vqtXvdOhre910Qz_8XFVsYNx4gC18DMN4_QXX-ckGBYkK5GeiLV0PUIfISqGi_R7bdD7ANohKZz8EpEM7kghrKm7tktCvPskOyDC0FzM5piXSVTI4qvLlsoxpsMW_vOeriy0IUuyzGyilot59L53BamHKwNN-YQO3WETP7_miS7VCBt6CcFoMa8um5JQ2eh_GF6LKzcvotjnFJd75okM_ZAA9q4g2ND9_hXoELOcjPuZVDb7565we6tFdfA9mB_WYz5_p5Spw8vRh1bcK59jNZub-1pp7hYpxzIRLnRgdw3aXMWONpBX_lbfWOGQxbLnNfg2AuagjbtCNOCkHD3fZJxK7rX8b7wihgrmygD2ziskje7SBzYzw8-gCewEywiwcfl3apLuuQRwIzHJokVF1DH5ulHEOEYoGRnz8eMixdMeDtVOvww71rLh1Z07lReH_36knwDQ4KUBov1kKZc2ts7x9jy7HmW2oet-zfEDH-_rY4ypTI8f3a-rY9IssQkSgp83bILzi8SGQs8fLPv1SJfT7aKcW_5Z4oawNJBzeA1-G2Tv9GpEKQ7plFvlmEXiFSQzkiUJB8KkjOEKOfvhv4mx4RvIfufRZLdPo1Cwte1ISaS4Pgk05Zf_rjx_jYb7We0MQOPSGVYkidNNMCdhXNEALQJfTEAecB5q2NriRkatNUF4ae6ZOgXnpafFMM5jGyKJlF4lx0Mc72o_fGqHZ6gmg-_wKMZPDYRjZQzMTNao3QVp2ULLXyqsSo6zITxPkMA5LMG-QDRfda3pNhJPeDppegJ2B3hXA5lrhXJO81noGt&uid=CAESEAybDft5DEAKDEFiE3vWZNU&mguid=&ap={AUCTION_PRICE}
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
c
trace.mediago.io/ju/log/ Frame FD32
0
58 B
Image
General
Full URL
https://trace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=7f0baf889eaf27e6e7f9e13192054001&mguid=&app=MEDIA_INFO&ext={%22templateName%22:%22728x90_standard%22,%22inIframe%22:true,%22getParentDoc%22:false,%22screenHeight%22:1200,%22screenWidth%22:1600,%22self_s_w%22:728,%22self_s_h%22:90,%22self_c_w%22:728,%22self_c_h%22:90}
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=utf-8
ic
trace.mediago.io/ju/ Frame 3CA0
0
38 B
Image
General
Full URL
https://trace.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=1d7c874f5825e554a75cdd33ad29fab4&acid=348&data=D5kGravmdyAu16MNXYBhGvM8p2foHflV87GAMFqLih02E3UCLGw4VidUq92VvH1tVu8ekOgM0XDnPEgt6RcI6M4kIcOAUmEyuy2UTSSdNF7LFbPhvsAmaM2dtJkUwUjS6CRolTv_pzVnXptltbqSY0U6hrD00GYxXUAOAb2WdTnj9hhOWmoSFCp9dfI6duBlmXJRKMiLuvXItvNPNkZNjxvJuft_ZW9FEIZxi7IQfv-h601Q_fU4Gu0Sm-ZG8RHmzbO6k4xZaWLPQ4wWhLSqB5y0bIi3SFuwWgW6KRH7q2U4RyTJTgE5QOuSq3hdxg3J5RBjxmOc3s4MOZBUjCkW3nnCiAnaDQRjAWa8Jqs_pkkN8EeDNcPh9NasNwgEcVmld4HA73U9msXK4GYdysVjPmw-2_RswOCGJmjajUU6nsc-Pdl-bHosJ5KIWAUs1NOkvzLu-qV0uA-p3-rbqbU43FD5wSM2oJlZkvWxsmPwXaaA4EjUu8cOBIUMVGIJm_1umzrs1RNID1zfCP6rwzViGqZUTcKsxWQiVEnf6xnhVhy3xHBGMrrIPolLA3VmMJOJ5TQGdeZjETTTN_1VXuDJzziW3WCqaxMSOvUofaPOalsgu8MzyY047HoeQIQVPylfE-sAjkvs5ftsHCQr5Wd1QxVXdsFts3pyrA5B-rLGCYVUvWeUykDb_8UqK6PPseR2a4GVYCxW6s4twrP_yHwLtjczvO-8X2WCNsQfRQMaLfCHu-GXL1zLQVM8SJHicLHdT3FvQfbdnrumrk4eOmKoRceYh8RgGY8x_5iyS6VwKCBRBr5VkXfDyl1YH3SxyYVHSZ3glUkxm6lQv7K62NA3Rzl2fqW9Jf59FUGp0EdIwk-51_gfsTIWv4Gu_HtjDGQEmCit9yrY3u3nazFTDuGdSYrOaEXjv9Rf_tjdj9qhJAGFEhs2kIEg153CPa-7W64nFobhKvKF7elAf2pN-XHwOk2TASumPQuAMC1zPsfhUpAYTdcVUcU6qSBoL96e84vR1ErUtfT75agUW-KcVAa1yQ&uid=CAESEAybDft5DEAKDEFiE3vWZNU&mguid=&ap={AUCTION_PRICE}
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
ic
trace.mediago.io/ju/ Frame 7DE6
0
38 B
Image
General
Full URL
https://trace.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=592960dbcdc157a87d0de6d748bdba63&acid=348&data=9bz0xnNontbcOsO-mb8liDfQGqaohhx_OzH_y59S50bFXrjTouBgA_buc5YhUL4KMdJVmE_qIjDymfJ0b9FI2E3-te1U2tSUs8PYbc77p-f-7b54TaSXaqKuNyvFXx5pFKdpAWSfjvwk2kiCxMgl9ylse_DFfODf388GY9IwdzUhqG7PP2X_9XEZVdBIQK4BhJE1E1G6x9eredt7wk0zh6FpKYDs3zyLd7hjb3TFKJhsIiBubQZyEt3wYvJnLQWZGx89D-gPBHiYKWQxP__0v7nimIB8fgpzXbytWFi0jEQdVJCGVtnfZ42dCHA0u-n52rUKG6f19bSFAEZsDgRO0pmiHAygey9lzGYtn3ZHk5m2KIY7IOlY47h5SaM5W15UUCnGqGWGh4MCBWr7dQ1coq8d7i19Uv_idSme9PtsQj6SKo7ftObZV3X1PgAW3pcQhen9WQ5yvYj7VE9IjRCwscCXbHJQzbAI7jfkMqDeKWJuD0x4XY3IjJteOIcSr2odGBwK4aP5xG-kiamZDQAyRxm12W8-CG_wel0boDoskKCjsIOuvoqIDukzoh9YrWBz0XdY4foa0CeOi1U19Vs-2wsTzFuSxpteY-XqSHuMOsOVBT7HhUiPl4pdm2dxv_nIVTy-0N_DQXmKPtcX_M588NCtwwHvG2d5gt52I5cgrWQ_82O_WzWbgsE5FGsSNAjokoYc0cDkDbAbdSMwUkbsFhBZ61icpNLTgiZlE_LXcHyqdevIeJaP0rn_WQPKB7L3Ziw8X4AzMaSSon5C_Ze99Pb68gW2M7ui657HHKnMAb_eCVxRDRIqcPiBhy4KIzQvgzf0ide-smsYOrlWaicLdiRH8D-T9DknLJd4t5GXNmHD7T2lyGDvc42hjQ4pC2YpUq_7KuKHuzdpLFdWqJMsF3MY7KbVKlSGBX7wR9YWcsAw0xClxp6EF6_g_dkzMVoUaRFZRfQL8evFUKMicJeWp4BZJYseo3yIMqQ6a2WWV3hocaBB3lK4O4gBV7aP0-cCOirftNP48FWEgyNsiFZaiQ&uid=CAESEAybDft5DEAKDEFiE3vWZNU&mguid=&ap={AUCTION_PRICE}
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B47D
1 KB
1001 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
58135
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 May 2023 18:22:49 GMT
etag
48472445140208031
expires
Wed, 17 May 2023 18:22:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
6b678a388b
bam.nr-data.net/1/ Frame 0C68
49 B
527 B
Script
General
Full URL
https://bam.nr-data.net/1/6b678a388b?a=1503825200&v=1.232.0&to=ewlYFUsMWlgGRhgWCVkfUxMWEF5bFA%3D%3D&rst=12789&ck=0&s=1ae124eba15c3060&ref=https://playlist.megaphone.fm/&ap=2&be=190&fe=5342&dc=2504&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1684319491411,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:50,%22c%22:50,%22s%22:89,%22ce%22:142,%22rq%22:142,%22rp%22:190,%22rpe%22:274,%22di%22:2393,%22ds%22:2393,%22de%22:2693,%22dc%22:5518,%22l%22:5519,%22le%22:5531%7D,%22navigation%22:%7B%7D%7D&fp=2743&fcp=2743&jsonp=NREUM.setToken
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://playlist.megaphone.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:44 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
close
CF-Ray
7c8b3145ee420f97-EWR
usync.js
eus.rubiconproject.com/ Frame C6A4
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
84539f52dd0a7a28dd4834135d96f443ebd3e3e1bd78b554dc4665894622539d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 22:35:46 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=43397
content-length
10021
expires
Wed, 17 May 2023 22:35:01 GMT
crum
dsum-sec.casalemedia.com/ Frame 6663
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2768803346163236077
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2768803346163236077
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 17 May 2023 10:31:44 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
57a73272-42ed-4447-a5b5-691f3ad92e50
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2768803346163236077
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ZGStCqTjy5FfWw6nXPYvfwAAACwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6663
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZGStCqTjy5FfWw6nXPYvfwAAACwAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:c104:fcd:17de:de96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZGStCqTjy5FfWw6nXPYvfwAAACwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6663
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZGStCqTjy5FfWw6nXPYvfwAAACwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZGStCqTjy5FfWw6nXPYvfwAAACwAAAAB
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZGStCqTjy5FfWw6nXPYvfwAAACwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a02:c104:fcd:17de:de96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZGStCqTjy5FfWw6nXPYvfwAAACwAAAAB
date
Wed, 17 May 2023 10:31:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 6663
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAESDE7IyVoAACBaUprklg&expiration=1685529105
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAESDE7IyVoAACBaUprklg&expiration=1685529105
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAESDE7IyVoAACBaUprklg&expiration=1685529105
Date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
CookieIndex
rtb.adentifi.com/ Frame 6663
0
35 B
Image
General
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.184.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-184-207.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
rum
dsum-sec.casalemedia.com/ Frame 6663
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZGStCqTjy5FfWw6nXPYvfwAA%26044&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3ab11f22-a2d0-4fb2-ad84-7d99fae7fc11-tuctb5e3290
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3ab11f22-a2d0-4fb2-ad84-7d99fae7fc11-tuctb5e3290
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3ab11f22-a2d0-4fb2-ad84-7d99fae7fc11-tuctb5e3290
date
Wed, 17 May 2023 10:31:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22700
crum
dsum-sec.casalemedia.com/ Frame 6663
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1700217104&external_user_id=25bd24ee-d3c6-4448-9d53-2ea0d5cbf1c3
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1700217104&external_user_id=25bd24ee-d3c6-4448-9d53-2ea0d5cbf1c3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Wed, 17 May 2023 10:31:44 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1700217104&external_user_id=25bd24ee-d3c6-4448-9d53-2ea0d5cbf1c3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum.casalemedia.com/ Frame 6663
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=845fe41f-9da7-4443-86f2-ca777bb1dddc
43 B
631 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=845fe41f-9da7-4443-86f2-ca777bb1dddc
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-servername
Track003-iad
pragma
no-cache
date
Wed, 17 May 2023 10:30:57 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=845fe41f-9da7-4443-86f2-ca777bb1dddc
cache-control
private,no-cache
content-length
222
expires
-1
htw-pixel.gif
cdn.indexww.com/ht/ Frame 6663
43 B
353 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZGStCqTjy5FfWw6nXPYvfwAA%26044
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
61418
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c8b31497a3aa229-YYZ
content-length
43
expires
Thu, 18 May 2023 10:31:44 GMT
match
events-ssc.33across.com/ Frame 7267
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1---&us_privacy=1---&khaos=LHRKCA12-D-DA9B
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LHRKCA12-D-DA9B&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LHRKCA12-D-DA9B&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LHRKCA12-D-DA9B&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:44 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LHRKCA12-D-DA9B&ts=1684319504&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0D6C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAkiVUtP3NmuBMv-dY-NYSg6lLkPhrmNOVN-V4zXo6_l7LS5Z6mHA8v_HoVWljc_dgVztBhIFhW28mHqhdWmjZVAIAmt6cl5OsqY7unLFG1hx6la2T5nkNgLLDcOZqh6-qh7FOV2abYxMm6g0iWkj3k1zOhjxPiblNFFlD25nyWek2g_lc2H1Omsgx0NS6-bSC4p4C7JbiW2dMpOk6LZ-mzKSSJ-QLvYieOe417r7bDbeWCKb937cYcr-PD3I3m-UiZyG8FkClrskdbE89XcTmmbD33SaktjK8NhxUUorBsrqEOMTmQ_arKJKPXmbZNQ&sai=AMfl-YR5fMvJPi1B8HJ_r2KOhOHP9273l06180iZsPmNUmXErxWlF0VI6KVX4H_8XhG4Ml_tL1iaNnGzqtZ9RtxZCecVbvLjWFl2wDtU77InbSx5znkX6eyonsk7e7n9wygEnGu45cx-OZVl6KXl6vu8Ew&sig=Cg0ArKJSzDuGBwftVjUREAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c00::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 17 May 2023 10:31:44 GMT
segments_to_partner.js
cdn.krxd.net/partnerjs/ Frame 0D6C
7 KB
3 KB
Script
General
Full URL
https://cdn.krxd.net/partnerjs/segments_to_partner.js?partner=a272cefb-df39-4fcd-beff-79cd6cdf22ec&client=foxnews
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/fxnwsv2L3592D3FC21/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ed9f4489f29950f54053b4620800f6f1e061f3a467dfda552104034a71c3da9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
date
Wed, 17 May 2023 10:31:44 GMT
content-encoding
gzip
via
1.1 varnish
age
1195
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
3459
x-served-by
cache-yyz4535-YYZ
last-modified
Wed, 03 Jun 2020 21:02:49 GMT
x-timer
S1684319504.408839,VS0,VE0
etag
"db6884bae01ad7499be92887e1875ecc"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-cache-hits
32
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban3&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=hp&zMoatAU4=ban3&wf=1&ra=1&pxm=1&sgs=3&vb=13&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ov=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F15244475610163325492&i=FOX3&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gzpKRbEIrmlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2F&id=1&ii=4&f=0&j=&t=1684319502748&de=715128216455&cu=1684319502748&m=615&ar=fde231f50fe-clean&iw=4275cfe&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=61727&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1133%3A1133%3A0%3A1606&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=159&cd=0&ah=159&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5089884148%3A3031940869%3A6025548439%3A138413042629&bo=tmz&bd=desk&gw=fxnwsv2L3592D3FC21&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=ad-sidebar3&zMoatCURL=tmz.com&zMoatDev=Desktop&zMoatDfpSlotId=ad-sidebar3&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=203695&na=371155884&cs=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 17 May 2023 10:31:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 17 May 2023 10:31:44 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C019
1 KB
677 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
58135
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 May 2023 18:22:49 GMT
etag
48472445140208031
expires
Wed, 17 May 2023 18:22:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 283C
1 KB
677 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
58135
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 May 2023 18:22:49 GMT
etag
48472445140208031
expires
Wed, 17 May 2023 18:22:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7DE6
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3337841a8b1840737244a42758520285a8db70c78aa11fb11c3efef6a6288350

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FD32
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6ff8f8bf5b6cc962b4b1bebabbee2f67a91f858ec3701177b7358124add5c9d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3CA0
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bb9991a57639e40f09e970836e8b3917582ff6cc3e6468950aa9ec3348fe192

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
tweet-result
cdn.syndication.twimg.com/ Frame 2268
3 KB
2 KB
XHR
General
Full URL
https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3A%3Btfw_follower_count_sunset%3Atrue%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_fosnr_soft_interventions_enabled%3Aon%3Btfw_mixed_media_15897%3Atreatment%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_show_birdwatch_pivots_enabled%3Aon%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_use_profile_image_shape_enabled%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_legacy_timeline_sunset%3Atrue%3Btfw_tweet_edit_frontend%3Aon&id=1658558081398374400&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.7796.bcf3cda3b2793b041a6f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D28) / Express
Resource Hash
1f3075009a76be08b00b2bc10429db9afdbaccfd738ad88516fd0c237dfb400b
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=631138519
age
21
x-powered-by
Express
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
1297
x-xss-protection
0
x-response-time
33
last-modified
Wed, 17 May 2023 10:31:24 GMT
server
ECS (nyb/1D28)
etag
W/"dc1-V3uGiC98vB347p35QbP5sLvBDjg"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
503d06bfb552e50b
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
97ff31257f4e9d79616c1eaace3774fccfd5b7163a2a6a47c94b80743f257b4f
accept-ranges
bytes
x-frame-options
SAMEORIGIN
x-tw-cdn
VZ, VZ, VZ
access-contol-allow-origin
platform.twitter.com
ic
trace.mediago.io/ju/ Frame FD32
0
121 B
Image
General
Full URL
https://trace.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=7f0baf889eaf27e6e7f9e13192054001&acid=23091&data=C7TqQfxMYvni2u6uBv0xX7J04KHynK57eoSmRSiiBxo8f1215e4cg-wwbssUqtEgYn2pPHIrOx13VyxrjQJUaOJkAtUd8ZCpQupJkv3lXVtGY3MVj6mPfNkCEu7An1O4kk-AG33SVoZBhOweHPjT1KnlehOkP5p52v9QDXlvrZAQE85kKkEqVbm7nzZ5_0HPIOROdk-d0v0CWqAidjwkcF7nYNw-W4ymkORcM8hlbxerU7QwWUllLAd7WmEMqabBfrCHmkirPSon34lC7kRybXL8fQtRmLRpYVWQ0_PRHFGpO2bc1A4yDJ4oNwU2qE_Quuof2fqgU5ci7_J-VnaWJCpkHwLc3gvmw7Zthy7W2ONxvlHkz8aRm0885RsFF94FkgSD9S_dEC2st7KtacBV8vAMSx1JKhau6mnEJqYbMK7bU0QJzS6F5ij8FeqhWO7VhlcH62UbFKV-90DPKhbcvT960oo9nSNgxB2fJT16AEbU0_OqUoabYHzgChACY9mSeRQQ9PNVCplJzSiq6nnIguyv-lcmicZ74RIQDnrL-FVI3Yie5btQHcKzQBk7jlEW-XuSRuHfStQoMPxzIZXBqv2VavP851sm-Naw7xOU2mNsTQo86mKvDMAIIZYMGtEwol1WTB4_0V0oYe60XCJds3fKEAt6hXSo1yERmReVgthUA242rAkiKTjY6K5CiKS6FS0oB8-oigq81CUiNLlvZxNwLJ3p08tSOYXAir16PDOqmg-Awwi02nOC_RwN8Y-usd628kgu8ywYsFYuhTUcfR2cyojAoNdx0_-dvm_uYFSUO35hPOU9MoAS2VpF3Nt5_TKRjSnMGhK00KPrDuVeJuVMvLV5s4DoigmbnxToVL0CoIL1DMHFBz5XuURbKEAA8DCrfr9aTYioCPZuzAuykKjMOwc4NQgEnDjF1LEnrWOl8FTAkNR554hvgEDw8tJcGMg4pIIF65N44mOWRXUnhFsNM_oAm6Lfrj-uxH7eQWYklK9Xix_aNJg1jHzRO9vs&uid=CAESEAybDft5DEAKDEFiE3vWZNU&mguid=&ap={AUCTION_PRICE}&wprice=ZGStCgAD72gKh8RJAAegSk2RadfAlFe68Cacjw
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
get
cdn.krxd.net/userdata/ Frame 9B25
0
0
Script
General
Full URL
https://cdn.krxd.net/userdata/get?pub=1ec99b1c-44a5-4b51-bb4a-4d1543830ca0&callback=kx_partner_segments
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

ic
trace.mediago.io/ju/ Frame 3CA0
0
121 B
Image
General
Full URL
https://trace.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=1d7c874f5825e554a75cdd33ad29fab4&acid=348&data=mWp87dNdpfk3OEL9qsxHqak5j_2A1b9dsmAD9A1LM6ETCg-Sv0yhRy0Aev29ca7bYGS3cyKTunTQUJNsX1p5u_31DTCEH5tqRKbEFXyJa06c2bdb1gWFzsos7lDxYdqHzJM2Givto8SPld5JcO6UzPSsPPEwuOeYX35bQ3Eektj0bmd9Vr_Ml3mlr3crMyi5kqKVKqNs-QKopos290_SJ_evcEYqsrU8pJM7h_izauCDy8_5wv9yxsIpYopKzBYigyQGGFckEaO9nT6TbI4VoDaqI6Ui4YKGPu5fi8FzoYtYSFepaGMY5hJSMwx9qwtnH8RWqSl0ytbg7uh0WjuFg8RQS4LBU92hQ0naJsrAJatcOoA9YyjbIyGH6KikYZaLQ-eUJG-TNgBg--XxKN6TMOoFK2Of9Un5Sd5jbxDaU5atY2c-r_-jVamoU29z5nAlFN07OjCVnpXxcJ8jiEBgh32MkrIuoHASPstLZLWYRs2gNFOgAHWKBtdAd4z57GH5bFWgjMt2PSgR9a4vS1p4AaYdm3KYHmlusdeQxNZopsgpcN4WDNu2P9A23FPjuQ6HaxFebc81JA8WoQsviKGrEA9U9LIujn_Ht3zHYeZXp_1wZ-5f9Hv32xFetppCtUfEtO6Ue2G-BbvnGkDRmZFXqhmz6n5lHV7H2Fl-VWSL05Xq7LA8qmwBPg0OXX4pni0r4JjIv0MZJh_LEFX7SnQYWEAYDWeIlybt3tWc-NHCBZEmx80sbTjfqgJsFaRvfmRWSX32yz2kEeSM_8p0v9QpGxOY3G9Ji5p6vJgOW1RgX5WsZWlLAaQIVYqSIEL_AxHN8nvbB1_biHGNSlekpH0KND9fillsiH_6dsOnLKcBCBGrk0jkVrKcv3tk_8zhnG22jHHQEWqcXYKj6fkGLzXyx63paIZEyvTU3EiyJRoaKvEib_GuO3LrbzeXVXUKopQUhyMo_ETiM-SxtLR4EKqNJzJH-IvmvF6uYNd-VdSSYZAebb8qXC0Zd-YGJ3XvjEnQmzqrVpv7AbCFPCnWMtCNMg&uid=CAESEAybDft5DEAKDEFiE3vWZNU&mguid=&ap={AUCTION_PRICE}&wprice=ZGStCgAIerwKh-zZAAB-dzQoyUBiGws3pdMoCA
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
ic
trace.mediago.io/ju/ Frame 7DE6
0
121 B
Image
General
Full URL
https://trace.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=592960dbcdc157a87d0de6d748bdba63&acid=348&data=9XFqceklvOJ40VsMj7OVek8UMtMKWa6r3LTvBfF1rHR-SSPYEw8mbXWrnLjHjtJHpn_GpemVCWnHoGOVVVXJYWDFnlwujqPHj0a6HkrtU9HDVdvxHUSoxg8T5Mz8OYyb8KGZCuQb9iolL5b4X3UAcfBLgbukECNRl2UUZ4fLtlF8p7SQ4zhH_04iiFLbaUfMi-K_zD39enEOW4YM7D2QqDg1I9U7VYt24G1V0851JcdCgwcrajaP7xtPTtzFlxv4BH56cL7ox-_Nssarn9tgZsn-y0-YtXV82YdW2k6n7-DYd82RUPyB82tnxVFuxfWtDdTmWjNlmIPgcTermbB9SET8r9w_fBGPRN7q9E9Sdkm9KJ7_yRyj7bfrGFyf9fIJ_aY13ZLDhAwVGI3DeYdV5_cg1SK2Ll9rJjI8sG0gTvi4G-aBr0NoHaq86NC9X2fHZ9wtEPAfkhOXvEzxczULeSnfBpCrEtdoAAq2K6XaBjf_AFr_876LK6yDUnItUVRaAVou3xCGG5DESe9c87Y-ey4lmZB5y4INVaSMwwe7JtiAVVH5Unh4oa7xcKQkIiJRL0gAxxMu88JJauf1NwsTmMFlSoX5fKVYk8rOpbkr8k1DywX0V1A-A0G-6OM9_rfBFtN5wbhdpufXC5nW436qkQMnzErpt0CRyJVzL7bq3i48-oiCv5K07MN7W0oT3EdBFfKh1KbLitwddzvWfEjFjGtvrTKD3hwWizNDG6R6WIf8zuHZjnTPZ89oVvGelcJcK03GpT-6k8z__ofRXS4xCaSmjAY2JpUU04yEzgHbAdUKiKKadi5QtvIQKcKW29NspR5cqkdQLQhFWVC0NFvdswJ38w8KxSG3p2y1_Mz_qIATnH1kDW0TeE4Z-pXctbuDIc2U3BFIJqfb-y7qK9vY09cJbq3j7x1mJiYOU2CoovQ4UaPT51m3ZjMtbN_KEo6h_dp6HXXghdfLNhzUzWPsKYiOxL39f_X2JoKy_VjaNap6OZywyzloFIJIzTHvWWlw6OFETRJMZ0Ixe6Mrs3sExg&uid=CAESEAybDft5DEAKDEFiE3vWZNU&mguid=&ap={AUCTION_PRICE}&wprice=ZGStCgANlc0Kh-1NAAlK6ExaqdzFse5yixHI3g
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
event
foxnews.demdex.net/
42 B
950 B
Image
General
Full URL
https://foxnews.demdex.net/event?d_sid=1543608
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.60.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-60-90.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v044-0ec1c09d6.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
9s+MPbP9Q8E=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
event
foxnews.demdex.net/
42 B
950 B
Image
General
Full URL
https://foxnews.demdex.net/event?d_sid=1543609
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.60.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-60-90.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v044-0cb72ce4f.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sxvpy2LeSyY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 1430
85 B
343 B
Document
General
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 17 May 2023 10:31:45 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12834-YUL
x-timer
S1684319505.098344,VS0,VE15
Pug
image2.pubmatic.com/AdServer/ Frame 02F5
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968625787502750739
42 B
291 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968625787502750739
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 May 2023 10:31:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 17 May 2023 10:31:45 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968625787502750739
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
s.amazon-adsystem.com/ Frame D757
43 B
855 B
Document
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C429709A-AE22-4304-9627-F4BC0246331D&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 17 May 2023 10:31:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
DVR8D9A0G38EB0T3XTT2
Pug
image2.pubmatic.com/AdServer/ Frame C9DE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFU0RFN0l5Vm9BQUNCYVVwcmtsZw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAESDE7IyVoAACBaUprklg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAESDE7IyVoAACBaUprklg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2248550271948191650&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAESDE7IyVoAACBaUprklg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2248550271948191650%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2248550271948191650&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAESDE7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAESDE7IyVoAACBaUprklg&gdpr=0&gdpr_consent=
42 B
278 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAESDE7IyVoAACBaUprklg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 May 2023 10:31:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 17 May 2023 10:31:46 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAESDE7IyVoAACBaUprklg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame F3EB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:12c66464-ad0d-4f00-ab70-9ee7e47009a2&gdpr=0&gdpr_consent=
568 B
642 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:12c66464-ad0d-4f00-ab70-9ee7e47009a2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 10:31:44 GMT
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 17 May 2023 10:31:45 GMT
Expires
Wed, 17 May 2023 10:31:44 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master iad-pixel-x11 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:12c66464-ad0d-4f00-ab70-9ee7e47009a2&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 4F55
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=057fa382-f49e-11ed-af2f-ea49dfcb416c
42 B
243 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=057fa382-f49e-11ed-af2f-ea49dfcb416c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 May 2023 10:31:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Wed, 17 May 2023 10:31:45 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=057fa382-f49e-11ed-af2f-ea49dfcb416c
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-7
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9F01
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xClwmq4iQwSWJ_S8AkYzHQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=82390
accept-ranges
bytes
content-length
5554
expires
Thu, 18 May 2023 09:24:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 9F01
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C429709A-AE22-4304-9627-F4BC0246331D
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C429709A-AE22-4304-9627-F4BC0246331D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d486060c-e813-489b-bb88-9b85bf812d2d%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2d909864-2418-4a60-9ec8-c961d3e14a63&ttd_puid=d486060c-e813-489b-bb88-9b85bf812d2d%2C%2C
95 B
123 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2d909864-2418-4a60-9ec8-c961d3e14a63&ttd_puid=d486060c-e813-489b-bb88-9b85bf812d2d%2C%2C
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2d909864-2418-4a60-9ec8-c961d3e14a63&ttd_puid=d486060c-e813-489b-bb88-9b85bf812d2d%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
xuid
eb2.3lift.com/ Frame 9F01
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=C429709A-AE22-4304-9627-F4BC0246331D&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 17 May 2023 10:31:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame 9F01
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=C429709A-AE22-4304-9627-F4BC0246331D&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C429709A-AE22-4304-9627-F4BC0246331D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=ac7c2029-7792-440a-9fd2-ac1e4c3975c5
43 B
295 B
Image
General
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C429709A-AE22-4304-9627-F4BC0246331D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=ac7c2029-7792-440a-9fd2-ac1e4c3975c5
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Server
34.206.190.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-190-140.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Wed, 17 May 2023 10:31:45 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C429709A-AE22-4304-9627-F4BC0246331D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=ac7c2029-7792-440a-9fd2-ac1e4c3975c5
date
Wed, 17 May 2023 10:31:45 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 9F01
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDtkwlN1FicPwlSbHVqqS5M&google_cver=1
42 B
299 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDtkwlN1FicPwlSbHVqqS5M&google_cver=1
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDtkwlN1FicPwlSbHVqqS5M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9F01
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:26D4858F38B64E928F9E607F1CDB92C6
42 B
286 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:26D4858F38B64E928F9E607F1CDB92C6
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 17 May 2023 10:31:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:26D4858F38B64E928F9E607F1CDB92C6
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 16 May 2023 10:31:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9F01
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7773351280725958108&gdpr=0&gdpr_consent=&us_privacy=
1 B
196 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7773351280725958108&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 17 May 2023 10:31:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7773351280725958108&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 17 May 2023 10:31:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 9F01
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2d909864-2418-4a60-9ec8-c961d3e14a63&gdpr=0&gdpr_consent=
42 B
357 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2d909864-2418-4a60-9ec8-c961d3e14a63&gdpr=0&gdpr_consent=
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 17 May 2023 10:31:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2d909864-2418-4a60-9ec8-c961d3e14a63&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 9F01
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C429709A-AE22-4304-9627-F4BC0246331D&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CNNjmXxE2uX0KBGv6gqKJ1avtvPcAdk-~A&gdpr=0
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CNNjmXxE2uX0KBGv6gqKJ1avtvPcAdk-~A&gdpr=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CNNjmXxE2uX0KBGv6gqKJ1avtvPcAdk-~A&gdpr=0
date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
C429709A-AE22-4304-9627-F4BC0246331D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9F01
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C429709A-AE22-4304-9627-F4BC0246331D?gdpr=0&gdpr_consent=
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:c104:fcd:17de:de96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=FOX3&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban6&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=hp&zMoatAU4=ban6&wf=1&ra=1&pxm=1&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1684319503993&de=324564011247&m=0&ar=fde231f50fe-clean&iw=4275cfe&q=9&cb=0&ym=0&cu=1684319503993&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5089884148%3A3031810283%3A6025594249%3A138393314368&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=tmz.com&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2F&id=1&ii=4&bo=tmz&bd=desk&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&gw=fxnwsv2L3592D3FC21&fd=1&it=500&ti=0&ih=2&pe=1%3A1133%3A1133%3A0%3A1606&jm=-1&fs=203695&na=2017995915&cs=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 17 May 2023 10:31:45 GMT
get
cdn.krxd.net/userdata/ Frame 41F7
0
0
Script
General
Full URL
https://cdn.krxd.net/userdata/get?pub=1ec99b1c-44a5-4b51-bb4a-4d1543830ca0&callback=kx_partner_segments
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

embed.9055.562f3b67a56eb321b7bc.js
platform.twitter.com/embed/ Frame 2268
68 KB
21 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.9055.562f3b67a56eb321b7bc.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D33) /
Resource Hash
1dae5d7333d2dd8ba2c43fe1760dd3cde18786918aaaed0259e272f69476b98e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:45 GMT
Content-Encoding
gzip
Age
1601967
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
20503
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1D33)
Etag
"ee760961cd101a7acf5e72451fd07965+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.618.445d4f9457209eb939b1.js
platform.twitter.com/embed/ Frame 2268
41 KB
15 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.618.445d4f9457209eb939b1.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0F) /
Resource Hash
0cf9e1b1d21a708b0a44af4b794f277cf337386fe0f5db21136f29110433fb21

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:45 GMT
Content-Encoding
gzip
Age
1601967
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
14483
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1D0F)
Etag
"f9c2e663089051f7670b260f58e53ec6+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.4384.d53eef7ab8f79aa4e703.js
platform.twitter.com/embed/ Frame 2268
13 KB
5 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.4384.d53eef7ab8f79aa4e703.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1A) /
Resource Hash
b69c1ee662af72e770d4e2fb06732b3a4a7fe69e9ed6f01b6bc9cda4cb077357

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:45 GMT
Content-Encoding
gzip
Age
1601967
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
4211
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1D1A)
Etag
"667b1857275fdf15ab6ebeed943928a5+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.2796.e15a95cb0e43f3b50e30.js
platform.twitter.com/embed/ Frame 2268
149 KB
41 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.2796.e15a95cb0e43f3b50e30.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1C) /
Resource Hash
673208ff8d0e960ffbfe1b881d9ea0b214b8e5a7e62c7312077d93126d91eb1f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:45 GMT
Content-Encoding
gzip
Age
1601967
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
41713
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1D1C)
Etag
"fe65fa8883a788bfe978b9c28d155c35+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.ondemand.TweetVideo.2eb01baa55aa365d2035.js
platform.twitter.com/embed/ Frame 2268
11 KB
5 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.TweetVideo.2eb01baa55aa365d2035.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D24) /
Resource Hash
e93f59058f312b5a89f1f683759f6d5b98d09607af18b6204e92a249e77b18f5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:45 GMT
Content-Encoding
gzip
Age
1601967
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
4186
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1D24)
Etag
"9abf81ededb95d8061183534eb3ab5d5+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embeds
syndication.twitter.com/i/jot/ Frame 2268
43 B
148 B
Image
General
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1684319505343%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.tmz.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22TMZ%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22856813858445c%3A1682708899865%22%2C%22item_ids%22%3A%5B%221658558081398374400%22%5D%2C%22item_details%22%3A%7B%221658558081398374400%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
6
date
Wed, 17 May 2023 10:31:44 GMT
strict-transport-security
max-age=631138519
last-modified
Wed, 17 May 2023 10:31:45 GMT
server
tsa_b
vary
Origin
content-type
image/gif
x-transaction-id
3ce1cc504ccd82fe
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
468ae5f21d30a7b716a66a7e42b4e432829ff674df11d60132ecb99db05ad0b3
content-length
43
pixel
cm.g.doubleclick.net/ Frame B47D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkdTdEF3QUFBSGVtT0FOUA==&google_gid=CAESEDP6YW1ytGq3EtpV54_Pa_k&google_cver=1&google_push=ATf1kGO9UQYfcS-sat9qtOQQASKtksx4i9...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkdTdEF3QUFBSGVtT0FOUA==&google_gid=CAESEDP6YW1ytGq3EtpV54_Pa_k&google_cver=1&google_push=ATf1kGO9UQYfcS-sat9qtOQQASKtksx4i9AKqPP1_dGz4yLUS1mIU1h5dtbq6Trn4m5mqYYa_wKXQevttQ9gDp_ewy8YLvUssKI
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-yul12834-YUL
pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684319505.450769,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkdTdEF3QUFBSGVtT0FOUA==&google_gid=CAESEDP6YW1ytGq3EtpV54_Pa_k&google_cver=1&google_push=ATf1kGO9UQYfcS-sat9qtOQQASKtksx4i9AKqPP1_dGz4yLUS1mIU1h5dtbq6Trn4m5mqYYa_wKXQevttQ9gDp_ewy8YLvUssKI
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame B47D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEKRntBMblLFbbhbN7diAkOA&google_cver=1&google_push=ATf1kGN8PhgF4a6kiECUBbxBqX9iNQGyjpJRELGnmjtwXUUs6IMwUhkvZ-6IlBTCVucFlBpoZcRZ1sFSrkA4re3PdIj0VADmvK0r
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=26D4858F38B64E928F9E607F1CDB92C6&google_push=ATf1kGN8PhgF4a6kiECUBbxBqX9iNQGyjpJRELGnmjtwXUUs6IMwUhkvZ-6IlBTCVucFlBpoZcRZ1sFSrkA4re3...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=26D4858F38B64E928F9E607F1CDB92C6&google_push=ATf1kGN8PhgF4a6kiECUBbxBqX9iNQGyjpJRELGnmjtwXUUs6IMwUhkvZ-6IlBTCVucFlBpoZcRZ1sFSrkA4re3PdIj0VADmvK0r
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=26D4858F38B64E928F9E607F1CDB92C6&google_push=ATf1kGN8PhgF4a6kiECUBbxBqX9iNQGyjpJRELGnmjtwXUUs6IMwUhkvZ-6IlBTCVucFlBpoZcRZ1sFSrkA4re3PdIj0VADmvK0r
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 16 May 2023 10:31:45 GMT
pixel
cm.g.doubleclick.net/ Frame B47D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHWaSsBHMqZDCfHToFhj9No&google_cver=1&google_push=ATf1kGP9-45Q4tBKlt8TrPZ1Gu__viGpukXRqdlkoG7qiXFBkL6xtcXt3-0-rlNAN5ZYcSofIs_U8uxsr_71DkIf9Zd4feg...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP9-45Q4tBKlt8TrPZ1Gu__viGpukXRqdlkoG7qiXFBkL6xtcXt3-0-rlNAN5ZYcSofIs_U8uxsr_71DkIf9Zd4fegL1Kg&google_hm=eS1pSnRuSV9aRTJwRnhZbm5...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP9-45Q4tBKlt8TrPZ1Gu__viGpukXRqdlkoG7qiXFBkL6xtcXt3-0-rlNAN5ZYcSofIs_U8uxsr_71DkIf9Zd4fegL1Kg&google_hm=eS1pSnRuSV9aRTJwRnhZbm5JNWpwMzB0M3M1RWxFOWZPcn5B
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP9-45Q4tBKlt8TrPZ1Gu__viGpukXRqdlkoG7qiXFBkL6xtcXt3-0-rlNAN5ZYcSofIs_U8uxsr_71DkIf9Zd4fegL1Kg&google_hm=eS1pSnRuSV9aRTJwRnhZbm5JNWpwMzB0M3M1RWxFOWZPcn5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame B47D
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESED2g81b6TldXVXSoHZVysC4&google_cver=1&google_push=ATf1kGO3iHJZww5eRZTixVNweJG6JbDmTG__ChZjl_MEF8W5x-fR2bLfxzipiBN477SCvdgiUDQ7dWSdW4lBROBAHgDjm-aiN2ad
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:44 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
506134
expires
Wed, 17 May 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B47D
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEJUJAQEpkzOTkwndylhFKRU&google_cver=1&google_push=ATf1kGMQKtC_A54a6MOSqw8984qTpzfF2ofTPEG0SK6zI9NHJsncuu_bfZIOaM9iwUIuYdIsPO_E2DCxtYWDb0E...
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=2nozxjPt0Uiyjw0tKNKUcg&google_push=ATf1kGMQKtC_A54a6MOSqw8984qTpzfF2ofTPEG0SK6zI9NHJsncuu_bfZIOaM9iwUIuYdIsPO_E2DCxtYWDb0EbQuF7fSZrS...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=2nozxjPt0Uiyjw0tKNKUcg&google_push=ATf1kGMQKtC_A54a6MOSqw8984qTpzfF2ofTPEG0SK6zI9NHJsncuu_bfZIOaM9iwUIuYdIsPO_E2DCxtYWDb0EbQuF7fSZrSG6WYw
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=2nozxjPt0Uiyjw0tKNKUcg&google_push=ATf1kGMQKtC_A54a6MOSqw8984qTpzfF2ofTPEG0SK6zI9NHJsncuu_bfZIOaM9iwUIuYdIsPO_E2DCxtYWDb0EbQuF7fSZrSG6WYw
Date
Wed, 17 May 2023 10:31:45 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame B47D
Redirect Chain
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEKSnspD0JDAD-6gxtvSdqug&google_cver=1&google_push=ATf1kGP3W-oI88Wei7TqcLQzir1QKohgTCh7sOpu4VRVzrAJqwrnKgibWZHwnx0ZImbEzTzsNyeUg7-ZVQW8s5poU...
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEKSnspD0JDAD-6gxtvSdqug&google_cver=1&google_push=ATf1kGP3W-oI88Wei7TqcLQzir1QKohgTCh7sOpu4VRVzrAJqwrnKgibWZHwnx0ZImbEzTzsNyeUg7-ZVQW8s5poU...
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MmU5YjVkN2NjZTgwMzUzZQ&google_push=ATf1kGP3W-oI88Wei7TqcLQzir1QKohgTCh7sOpu4VRVzrAJqwrnKgibWZHwnx0ZImbEzTzsNyeUg7-ZVQW8s5poUPQ657V9...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MmU5YjVkN2NjZTgwMzUzZQ&google_push=ATf1kGP3W-oI88Wei7TqcLQzir1QKohgTCh7sOpu4VRVzrAJqwrnKgibWZHwnx0ZImbEzTzsNyeUg7-ZVQW8s5poUPQ657V9jt_2FA
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
location
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MmU5YjVkN2NjZTgwMzUzZQ&google_push=ATf1kGP3W-oI88Wei7TqcLQzir1QKohgTCh7sOpu4VRVzrAJqwrnKgibWZHwnx0ZImbEzTzsNyeUg7-ZVQW8s5poUPQ657V9jt_2FA
content-length
0
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame B47D
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEAybDft5DEAKDEFiE3vWZNU&google_cver=1&google_push=ATf1kGNxlrzj5GnhYEsqUx95rCAtecSgnMGKUzSKphnHqERFdyUV6hSs6xnzxaage9No58RjQNWi8SDj5XioQNNIuRDqP-OFp...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGNxlrzj5GnhYEsqUx95rCAtecSgnMGKUzSKphnHqERFdyUV6hSs6xnzxaage9No58RjQNWi8SDj5XioQNNIuRDqP-OFp7HvDQ&google_hm=fbf5ba3f97a6...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGNxlrzj5GnhYEsqUx95rCAtecSgnMGKUzSKphnHqERFdyUV6hSs6xnzxaage9No58RjQNWi8SDj5XioQNNIuRDqP-OFp7HvDQ&google_hm=fbf5ba3f97a6d447a843febc0577a0f4
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGNxlrzj5GnhYEsqUx95rCAtecSgnMGKUzSKphnHqERFdyUV6hSs6xnzxaage9No58RjQNWi8SDj5XioQNNIuRDqP-OFp7HvDQ&google_hm=fbf5ba3f97a6d447a843febc0577a0f4
date
Wed, 17 May 2023 10:31:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame B47D
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lk1c85n4HKeEd5NuAy92e8uR4Kx287G-n-AImlr2VCgrC3CMXohUEoQ_sqM0zcxlaLsfFcKTdn
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
get
cdn.krxd.net/userdata/ Frame 0D6C
0
0
Script
General
Full URL
https://cdn.krxd.net/userdata/get?pub=1ec99b1c-44a5-4b51-bb4a-4d1543830ca0&callback=kx_partner_segments
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

usersync
usersync.gumgum.com/ Frame C6A4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LHRKCA12-D-DA9B
  • https://usersync.gumgum.com/usersync?b=mag&i=LHRKCA12-D-DA9B
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LHRKCA12-D-DA9B
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 17 May 2023 10:31:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LHRKCA12-D-DA9B
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
pixel
cm.g.doubleclick.net/ Frame C019
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHWaSsBHMqZDCfHToFhj9No&google_cver=1&google_push=ATf1kGOYHz-SbW0HZxxTlJEZHVkkTC8XD9YG71XXne4jo7BDwebdueK5NmFnBsCRMY7wrUwktsqBkjAKllxXUby_fNVnVnI...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOYHz-SbW0HZxxTlJEZHVkkTC8XD9YG71XXne4jo7BDwebdueK5NmFnBsCRMY7wrUwktsqBkjAKllxXUby_fNVnVnIksQb2&google_hm=eS1pSnRuSV9aRTJwRnhZbm...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOYHz-SbW0HZxxTlJEZHVkkTC8XD9YG71XXne4jo7BDwebdueK5NmFnBsCRMY7wrUwktsqBkjAKllxXUby_fNVnVnIksQb2&google_hm=eS1pSnRuSV9aRTJwRnhZbm5JNWpwMzB0M3M1RWxFOWZPcn5B
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOYHz-SbW0HZxxTlJEZHVkkTC8XD9YG71XXne4jo7BDwebdueK5NmFnBsCRMY7wrUwktsqBkjAKllxXUby_fNVnVnIksQb2&google_hm=eS1pSnRuSV9aRTJwRnhZbm5JNWpwMzB0M3M1RWxFOWZPcn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame C019
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELWycZ8ZxyVUGotTF37vHCc&google_cver=1&google_push=ATf1kGO4cLw-HPU5ig7HvIzB3YDaoyaqscyCewPuTcdrKI-fB3coT1TBG7VW2kufHVT4EVwQB86...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhSS0NBMTItRC1EQTlC&google_push=ATf1kGO4cLw-HPU5ig7HvIzB3YDaoyaqscyCewPuTcdrKI-fB3coT1TBG7VW2kufHVT4EVwQB86r2Bp-uTqNxa-3yaD8kvUxXqfi
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhSS0NBMTItRC1EQTlC&google_push=ATf1kGO4cLw-HPU5ig7HvIzB3YDaoyaqscyCewPuTcdrKI-fB3coT1TBG7VW2kufHVT4EVwQB86r2Bp-uTqNxa-3yaD8kvUxXqfi
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhSS0NBMTItRC1EQTlC&google_push=ATf1kGO4cLw-HPU5ig7HvIzB3YDaoyaqscyCewPuTcdrKI-fB3coT1TBG7VW2kufHVT4EVwQB86r2Bp-uTqNxa-3yaD8kvUxXqfi
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
pixel
cm.g.doubleclick.net/ Frame C019
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGOGWqr9NotZEQBYGIAytAdNA4FdB0Fk-2scS6en9i1Rzwq5K235azUHbXHO5VSsoQnU_jc98KFPJJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGOGWqr9NotZEQBYGIAytAdNA4FdB0Fk-2scS6en9i1Rzwq5K235azUHbXHO5VSsoQnU_jc98KFPJJjvqT2DqibVTiG2PiXa&google_hm=b9ae10b0-6be5-44ab-91...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGOGWqr9NotZEQBYGIAytAdNA4FdB0Fk-2scS6en9i1Rzwq5K235azUHbXHO5VSsoQnU_jc98KFPJJjvqT2DqibVTiG2PiXa&google_hm=b9ae10b0-6be5-44ab-9130-94d45094e9f1
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:45 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-172
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGOGWqr9NotZEQBYGIAytAdNA4FdB0Fk-2scS6en9i1Rzwq5K235azUHbXHO5VSsoQnU_jc98KFPJJjvqT2DqibVTiG2PiXa&google_hm=b9ae10b0-6be5-44ab-9130-94d45094e9f1
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C019
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEAcdkyVFH5euM0VzHNdkTyw&google_cver=1&google_push=ATf1kGPzdl1d70uAHYYJdGzmRMV9f50HFBrRvNEvA0tcW4bfp_DymCaEflPbTlTeGRK_hXTdKQngDAJojUAn1Pu3jZb_lJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mfphJMLXSUG_sJ5xXEXJrQ&google_push=ATf1kGPzdl1d70uAHYYJdGzmRMV9f50HFBrRvNEvA0tcW4bfp_DymCaEflPbTlTeGRK_hXTdKQngDAJojUAn1Pu...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mfphJMLXSUG_sJ5xXEXJrQ&google_push=ATf1kGPzdl1d70uAHYYJdGzmRMV9f50HFBrRvNEvA0tcW4bfp_DymCaEflPbTlTeGRK_hXTdKQngDAJojUAn1Pu3jZb_lJTC0LE
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mfphJMLXSUG_sJ5xXEXJrQ&google_push=ATf1kGPzdl1d70uAHYYJdGzmRMV9f50HFBrRvNEvA0tcW4bfp_DymCaEflPbTlTeGRK_hXTdKQngDAJojUAn1Pu3jZb_lJTC0LE
access-control-allow-origin
*
date
Wed, 17 May 2023 10:31:45 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame C019
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAUL9CntcqnjZ6OZw37WYSI&google_cver=1&google_push=ATf1kGNy4bZniVnCWx9Ge8QS8ag6qlHy3XekGDx109vl0qyRaA3u8uEJNVCnnruv9H3Abv1Vl3...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iVDU0ZzVSRTJ1SDFjd2xyc25HZS5XTm5XZ09mUnRRY35B&google_push=ATf1kGNy4bZniVnCWx9Ge8QS8ag6qlHy3XekGDx109vl0qyRaA3u8uEJN...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iVDU0ZzVSRTJ1SDFjd2xyc25HZS5XTm5XZ09mUnRRY35B&google_push=ATf1kGNy4bZniVnCWx9Ge8QS8ag6qlHy3XekGDx109vl0qyRaA3u8uEJNVCnnruv9H3Abv1Vl3VE7_bD3C6BtN6aAQxbT60I1mNpYg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iVDU0ZzVSRTJ1SDFjd2xyc25HZS5XTm5XZ09mUnRRY35B&google_push=ATf1kGNy4bZniVnCWx9Ge8QS8ag6qlHy3XekGDx109vl0qyRaA3u8uEJNVCnnruv9H3Abv1Vl3VE7_bD3C6BtN6aAQxbT60I1mNpYg
date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame C019
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEDfNftSkyxkqSuqvel_R5SQ&google_cver=1&google_push=ATf1kGPvDb4fqf_ZqmKYW0DsCPii6NbvnFcTkSe8b4_K_rsvmA9DQph4IHrPBJtFAwqHOC_GKwoMj...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGPvDb4fqf_ZqmKYW0DsCPii6NbvnFcTkSe8b4_K_rsvmA9DQph4IHrPBJtFAwqHOC_GKwoMjZgF9L3T3qdFXW8OHx_OGkn1Fw&google_hm=QkJ6ZllMOENDaE...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGPvDb4fqf_ZqmKYW0DsCPii6NbvnFcTkSe8b4_K_rsvmA9DQph4IHrPBJtFAwqHOC_GKwoMjZgF9L3T3qdFXW8OHx_OGkn1Fw&google_hm=QkJ6ZllMOENDaEI1VmtEd0E1TVk=
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:45 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGPvDb4fqf_ZqmKYW0DsCPii6NbvnFcTkSe8b4_K_rsvmA9DQph4IHrPBJtFAwqHOC_GKwoMjZgF9L3T3qdFXW8OHx_OGkn1Fw&google_hm=QkJ6ZllMOENDaEI1VmtEd0E1TVk=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
242
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C019
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHX0BMvzM2vHZhjXEDY29vQ&google_cver=1&google_push=ATf1kGMJEcb4nMyjJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mjc2ODgwMzM0NjE2MzIzNjA3Nw%3D%3D&google_gid=CAESEHX0BMvzM2vHZhjXEDY29vQ&google_cver=1&google_push=ATf1kGMJEcb4nMyjJ1htOrLzvKw0zvH3Dx...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mjc2ODgwMzM0NjE2MzIzNjA3Nw%3D%3D&google_gid=CAESEHX0BMvzM2vHZhjXEDY29vQ&google_cver=1&google_push=ATf1kGMJEcb4nMyjJ1htOrLzvKw0zvH3DxuNNQ54KhsqjZqORatEZxaOLz63PoLZzXd5bbUuMUVDgq-IRTk1NMvdW8mhb5uEX3BZ
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 17 May 2023 10:31:45 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
22341e86-2d0a-4234-9e4f-7c52552efc9c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mjc2ODgwMzM0NjE2MzIzNjA3Nw%3D%3D&google_gid=CAESEHX0BMvzM2vHZhjXEDY29vQ&google_cver=1&google_push=ATf1kGMJEcb4nMyjJ1htOrLzvKw0zvH3DxuNNQ54KhsqjZqORatEZxaOLz63PoLZzXd5bbUuMUVDgq-IRTk1NMvdW8mhb5uEX3BZ
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C019
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JyvzeRpcD43JOv-8Rnwm2Epz1KCfvl_liXKFhAqCli7agT9QB--P4Nufu_0MZtljiKVt4mifTX
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 283C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEC0joPaaahgIUEiE7mDc8Yg&google_cver=1&google_push=ATf1kGP1fheLPbj2NbkQeKqUVb8tcaBIOHfsgUSYmlpOUxlvBG2z9FRsbBV4cA5danpRF4G7Zvz3CFZ7uPf_jBWDM0w4...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP1fheLPbj2NbkQeKqUVb8tcaBIOHfsgUSYmlpOUxlvBG2z9FRsbBV4cA5danpRF4G7Zvz3CFZ7uPf_jBWDM0w4C0dQA8SX&google_hm=HX3oMBCeSiejTrhLjFb-Cw==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP1fheLPbj2NbkQeKqUVb8tcaBIOHfsgUSYmlpOUxlvBG2z9FRsbBV4cA5danpRF4G7Zvz3CFZ7uPf_jBWDM0w4C0dQA8SX&google_hm=HX3oMBCeSiejTrhLjFb-Cw==
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP1fheLPbj2NbkQeKqUVb8tcaBIOHfsgUSYmlpOUxlvBG2z9FRsbBV4cA5danpRF4G7Zvz3CFZ7uPf_jBWDM0w4C0dQA8SX&google_hm=HX3oMBCeSiejTrhLjFb-Cw==
Date
Wed, 17 May 2023 10:31:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 283C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHWaSsBHMqZDCfHToFhj9No&google_cver=1&google_push=ATf1kGNCdSOZhr0xZ1XjzR8vLDWsypX0b4urby6Xuhe0bNwpkadZDU9ToIFtw8CmlI72WJsMZdNjWpMIg_q_OQ-fgR0WzVS...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNCdSOZhr0xZ1XjzR8vLDWsypX0b4urby6Xuhe0bNwpkadZDU9ToIFtw8CmlI72WJsMZdNjWpMIg_q_OQ-fgR0WzVS74BM&google_hm=eS1pSnRuSV9aRTJwRnhZbm5...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNCdSOZhr0xZ1XjzR8vLDWsypX0b4urby6Xuhe0bNwpkadZDU9ToIFtw8CmlI72WJsMZdNjWpMIg_q_OQ-fgR0WzVS74BM&google_hm=eS1pSnRuSV9aRTJwRnhZbm5JNWpwMzB0M3M1RWxFOWZPcn5B
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNCdSOZhr0xZ1XjzR8vLDWsypX0b4urby6Xuhe0bNwpkadZDU9ToIFtw8CmlI72WJsMZdNjWpMIg_q_OQ-fgR0WzVS74BM&google_hm=eS1pSnRuSV9aRTJwRnhZbm5JNWpwMzB0M3M1RWxFOWZPcn5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 283C
43 B
362 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESED2g81b6TldXVXSoHZVysC4&google_cver=1&google_push=ATf1kGO7pedBRJ2mVWT2T4gVx-VAcdYSLQfuG04pR0fP0OLEUf79H_y91o1RUIQINBNSKUmTsktH0cHYPag6WnkERWAnxjDK8WHO
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
253246
expires
Wed, 17 May 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 283C
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGNTELI5ThpbsiYb9qDKa2YC0jUBwNlYYsR7qa2YN6qcsi0HWPgKQMh1scFzSsMux1aRSMDbK49ZkP...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGNTELI5ThpbsiYb9qDKa2YC0jUBwNlYYsR7qa2YN6qcsi0HWPgKQMh1scFzSsMux1aRSMDbK49ZkPy8ezRKoavVaYKUTWlr&google_hm=31f6ea04-1b19-43f2-a7...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGNTELI5ThpbsiYb9qDKa2YC0jUBwNlYYsR7qa2YN6qcsi0HWPgKQMh1scFzSsMux1aRSMDbK49ZkPy8ezRKoavVaYKUTWlr&google_hm=31f6ea04-1b19-43f2-a7db-1973cb4bcea4
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:45 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-175
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGNTELI5ThpbsiYb9qDKa2YC0jUBwNlYYsR7qa2YN6qcsi0HWPgKQMh1scFzSsMux1aRSMDbK49ZkPy8ezRKoavVaYKUTWlr&google_hm=31f6ea04-1b19-43f2-a7db-1973cb4bcea4
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 283C
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEJUJAQEpkzOTkwndylhFKRU&google_cver=1&google_push=ATf1kGMcxXfK5mVVJ0MjdbrBrVIuSxeWkmDnJDidrDuNWLNGlDKNfXnAAe4lDZobzXleTsb4d2XB4NCJScQ31e7...
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=2nozxjPt0Uiyjw0tKNKUcg&google_push=ATf1kGMcxXfK5mVVJ0MjdbrBrVIuSxeWkmDnJDidrDuNWLNGlDKNfXnAAe4lDZobzXleTsb4d2XB4NCJScQ31e72J_uk9umZy...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=2nozxjPt0Uiyjw0tKNKUcg&google_push=ATf1kGMcxXfK5mVVJ0MjdbrBrVIuSxeWkmDnJDidrDuNWLNGlDKNfXnAAe4lDZobzXleTsb4d2XB4NCJScQ31e72J_uk9umZytcNQw
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=2nozxjPt0Uiyjw0tKNKUcg&google_push=ATf1kGMcxXfK5mVVJ0MjdbrBrVIuSxeWkmDnJDidrDuNWLNGlDKNfXnAAe4lDZobzXleTsb4d2XB4NCJScQ31e72J_uk9umZytcNQw
Date
Wed, 17 May 2023 10:31:45 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/match/ Frame 283C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECt4Rx5AvSQpwhBvDTlr_i8&google_cver=1&google_push=ATf1kGP_-NOzrKYbkM4AqnJycZcjjOON4siq0oX3ns_rlgHr1R1YhXW5J5xc7d5rxCRrmv1h88udVW-bYDm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGP_-NOzrKYbkM4AqnJycZcjjOON4siq0oX3ns_rlgHr1R1YhXW5J5xc7d5rxCRrmv1h88udVW-bYDm-D-t085F_nfLr4tmhgA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 283C
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEAybDft5DEAKDEFiE3vWZNU&google_cver=1&google_push=ATf1kGMV_qnnA2rE-0ZgcOc9Tog7J_BK4nd2r5gKtrhkI6TS040qxSbGCE3v5kiJNmHaZwZULtP1Q8ED_NCRZ50rLngsuKVpc...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGMV_qnnA2rE-0ZgcOc9Tog7J_BK4nd2r5gKtrhkI6TS040qxSbGCE3v5kiJNmHaZwZULtP1Q8ED_NCRZ50rLngsuKVpcbJUMQ&google_hm=fbf5ba3f97a6...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGMV_qnnA2rE-0ZgcOc9Tog7J_BK4nd2r5gKtrhkI6TS040qxSbGCE3v5kiJNmHaZwZULtP1Q8ED_NCRZ50rLngsuKVpcbJUMQ&google_hm=fbf5ba3f97a6d447a843febc0577a0f4
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H3
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGMV_qnnA2rE-0ZgcOc9Tog7J_BK4nd2r5gKtrhkI6TS040qxSbGCE3v5kiJNmHaZwZULtP1Q8ED_NCRZ50rLngsuKVpcbJUMQ&google_hm=fbf5ba3f97a6d447a843febc0577a0f4
date
Wed, 17 May 2023 10:31:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 283C
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J9xlkT4N7qyosimQ6KfmTHYT_BMKKA4rxTH-lSd2J1kWNj3dUpPgqET_wHUhykYMupWRXmrY8O
Requested by
Host: 924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
URL: https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.215.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vt-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-NCN9V8PMQF&gtm=45je35a0&_p=1734746088&cid=1084030298.1684319489&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&sid=1684319489&sct=1&seg=1&dl=https%3A%2F%2Fwww.tmz.com%2F&dt=TMZ&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0f::66 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tmz.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban6&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=hp&zMoatAU4=ban6&wf=1&ra=1&pxm=1&sgs=3&vb=13&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ov=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3771409964792371247&i=FOX3&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gzpKRbEIrmlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2F&id=1&ii=4&f=0&j=&t=1684319503993&de=324564011247&cu=1684319503993&m=76&ar=fde231f50fe-clean&iw=4275cfe&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=61727&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1133%3A1133%3A0%3A1606&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9&cd=0&ah=9&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5089884148%3A3031810283%3A6025594249%3A138393314368&bo=tmz&bd=desk&gw=fxnwsv2L3592D3FC21&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=ad-sidebar6&zMoatCURL=tmz.com&zMoatDev=Desktop&zMoatDfpSlotId=ad-sidebar6&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=203695&na=277943276&cs=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 17 May 2023 10:31:45 GMT
9IUUkmZ3_normal.jpg
pbs.twimg.com/profile_images/1642398003955748864/ Frame 2268
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1642398003955748864/9IUUkmZ3_normal.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D07) /
Resource Hash
2fae0c88c49be22fc19585d9ff53abbd220b8c8fdd139b19574583bb6221626f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
206472
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
1959
x-response-time
10
surrogate-key
profile_images profile_images/bucket/2 profile_images/1642398003955748864
last-modified
Sun, 02 Apr 2023 05:24:13 GMT
server
ECS (nyb/1D07)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
d408e77f82658e33
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
9db355d2c976f05085c2f3b7dbe563e7c6ada6ff14b5f7b648a721ba63e605c5
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
ic
trace.mediago.io/ju/ Frame FD32
0
38 B
Image
General
Full URL
https://trace.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=7f0baf889eaf27e6e7f9e13192054001&acid=23091&data=cJT5ADtpwmo0lmiCi6FmmiSOJwD75TOwdUdk-q_QD6Zd2ZHpAaIh7rkJB2LTZfMrtV_TX-w-ycL8Vn254SgNnzJUYvk5MfS0lJlQns50b74krHDUxfRWJAWqV3xV3KHW3B_FnD_5gN0rIfxDO-HBeWc3Wt3NCWWBrDgn9IbMWujs-jq2wJUwMV442l3K-9-Rp0Et9p7CtO-ZhHkSk4kuYopldvMuoPbLnWRfM6LhGzsvm3Muc085c2YAQtFzS3_bQTiGOfjAOdIh11gmA0tb82tOLznlq1pd2qz5j0fr4Up25EBBFg-p2YaO5EM2KdqWYRnWRIe4sRHk_Rn3Q43n1oVD4S--zyvxFTMQYqRr2RUEItdLwyFDwvuWRXd_CV0ot6K_R18V6WK8624mRj6FZQqh5vI_o1_1EGlHDG77jYmZexIdQEllI8-alVds5tY2eJ_wpPdgP5IUHofVHOff5gFnaEm2EZJf2vfxATr6H5GZdLqm0tXVDYTyrRc7UL9W7wyyOjLIOAq2Qdn_CBx1dXGWlzEUIwth033sq12dr9L9c389jBu0eYydF7LgUsW3PLF-fZ9Ij6kGLsdRxeKz9QXxcCcZ_UtIwB7-G9RfOWSOETxD8-V7KUpPRju7JoBKZxYYm-AIG0SluUfItSW2h_XwkiqLeQDRxtGKZTEkrSvTYXhuXtIjiesnb1rw4PRvKCqVE3U_LfIeUjcYtCMzrcMuTPbIz57ZTaZB3sKQIwgo2ImhdZ4iBbD5MG49mdFRaFzZenkWBdjaYi9UaBm4aVS_Cwx7KRpL2pcH15exB6TV8ivFxcqAUnePv4ukK-C8Kyhk77gvsKuqIWsf-BzkGzLFtLnTz7WpNe4kUCJtPHToEGTR7TEYZXtL5o_U-9xzWlt10q5JZqWs3bVmlPETqu4QNutYheUwinu1zySp2LlaqDh-KSVZFHIEgzzWxo4dgBsSP1ZDGvjwrNuDT9sRIVTrVC6E8FHLy2QpHwIOxsxsIYfTBezUgwtigo_A6cn-&uid=CAESEAybDft5DEAKDEFiE3vWZNU&mguid=&ap={AUCTION_PRICE}
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
c
trace.mediago.io/ju/log/ Frame FD32
0
39 B
Image
General
Full URL
https://trace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=7f0baf889eaf27e6e7f9e13192054001&mguid=&app=vimpLog&ext={%22name%22:%22REAL_VIMP%22,%22vimp_elapsed_time%22:6351,%22time%22:1684319505735,%22intersectCount%22:1,%22intersectErrCount%22:0}
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=utf-8
6b678a388b
bam.nr-data.net/events/1/ Frame 0C68
24 B
409 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/6b678a388b?a=1503825200&v=1.232.0&to=ewlYFUsMWlgGRhgWCVkfUxMWEF5bFA%3D%3D&rst=14331&ck=0&s=1ae124eba15c3060&ref=https://playlist.megaphone.fm/
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://playlist.megaphone.fm/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 17 May 2023 10:31:45 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://playlist.megaphone.fm
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7c8b314f4c1932dc-EWR
Content-Length
24
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=FOX3&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban4&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=hp&zMoatAU4=ban4&wf=1&ra=1&pxm=1&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1684319504380&de=420259934407&m=0&ar=fde231f50fe-clean&iw=4275cfe&q=14&cb=0&ym=0&cu=1684319504380&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5089884148%3A3032746944%3A6026357477%3A138393315328&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=tmz.com&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2F&id=1&ii=4&bo=tmz&bd=desk&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&gw=fxnwsv2L3592D3FC21&fd=1&it=500&ti=0&ih=2&pe=1%3A1133%3A1133%3A0%3A1606&jm=-1&fs=203695&na=818135462&cs=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 17 May 2023 10:31:45 GMT
embed.6387.77d90dda9fac16610d27.js
platform.twitter.com/embed/ Frame 2268
9 KB
4 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.6387.77d90dda9fac16610d27.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1A) /
Resource Hash
0268cdb70a38d6d5f08308884d07ffc2bdef635c0658d134e1a7d2ba2f1cf5c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:45 GMT
Content-Encoding
gzip
Age
1601967
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
3396
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1D1A)
Etag
"5b5de734baa237eec11d8149e5cc84c1+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.loaders.video.VideoPlayerDefaultUI.318cd25220feea6e8d7d.js
platform.twitter.com/embed/ Frame 2268
47 KB
14 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.loaders.video.VideoPlayerDefaultUI.318cd25220feea6e8d7d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D20) /
Resource Hash
2b1b660487940af62010c6c7aac1648d9c1d02bea5e99dd5fa1180a60fc1d504

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:45 GMT
Content-Encoding
gzip
Age
1601967
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
13203
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1D20)
Etag
"96b6c83a799851ac8216f3bf880f1e4c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.loaders.video.PlayerHls1.1.d02af01334bc0b1255aa.js
platform.twitter.com/embed/ Frame 2268
343 KB
98 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.d02af01334bc0b1255aa.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D08) /
Resource Hash
8a920aefbb6f0d3d9b4136714b18008b1f3c3bf15f9ff950b44db082634baf2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658558081398374400&lang=en&origin=https%3A%2F%2Fwww.tmz.com%2F&sessionId=515b177f5632dfd7c259b0b6f438d80805a50ccb&siteScreenName=TMZ&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:45 GMT
Content-Encoding
gzip
Age
1601967
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
99587
Last-Modified
Fri, 28 Apr 2023 20:58:50 GMT
Server
ECS (nyb/1D08)
Etag
"534d2664be37613f7aa95436c2911110+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
6WRsodk0k_15MTp9.jpg
pbs.twimg.com/ext_tw_video_thumb/1658558016742932481/pu/img/ Frame 2268
23 KB
24 KB
Image
General
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1658558016742932481/pu/img/6WRsodk0k_15MTp9.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D31) /
Resource Hash
34096602367614761a7e335a38b3b534b06a8e6cfe028a41ccde2064719c4730
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
53469
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
23975
x-response-time
94
surrogate-key
ext_tw_video_thumb ext_tw_video_thumb/bucket/5 ext_tw_video_thumb/1658558016742932481
last-modified
Tue, 16 May 2023 19:38:20 GMT
server
ECS (nyb/1D31)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
8846aad903e084cc
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
b9052e4de12c412022a9efc37755a020468597ff9fbb8182add8e9142cf4af94
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
ic
trace.mediago.io/ju/ Frame 3CA0
0
38 B
Image
General
Full URL
https://trace.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=1d7c874f5825e554a75cdd33ad29fab4&acid=348&data=FzqEQw77uIo9fnX6hjk-ZxkwJNeBukHW9L_O3Nrki4Fm61b1b0Z-VJOvvYJi7FV_5Bj_8W5u6aQh70ox_j9ghfAtc7IQDrhhLaM-WoYDHlxxTVXFOHShiF9871vgJsmaBfqDnTEdNk4oYbZ8UOZExIoC1-qfdMht1Ma_YIEEN3U9Ttd_63wPs6jCLkBzZzjjA3X1F9cMrDrQ-WwnKXlr9okb6KVHQ-6fcJvWkKE3whtK88UBg4-JJsRVV4Pg5r1NIvHmjJTl37Y8gB3upAji9fLMW6WdY7JhRpY05lyfBWwMRmHuRoQHkLThy0GveT_BKTW28IqK0qqC4OVcScvSGDHOQcEsbbGvNg7GubuLRu5Zsv98GVsIxaDFJk9_n5KqW5SqMDPNT82rMipNtdAc1uYkbf_HsEqAINiGTjXfmZY5jTGgdBtWCLgOeCWwcpJ03EwP2QhowfwohmMfIBABVBhz1aDS20Zju3gT5LdR4VLh4ejn4Ui-J2X9U4fNfq1ZVDRPupUhQdd4hRwN-rTqhiKNpZRt27uGNVFbzzLWPcByKBPM4odipGuluvKa_Y0qHAZD0c7GEuBbDgQG07U3uqizm7ug9_XXt5J2d9d5RvNOJWAWQvFFR16fyoDTPwAGkDosae4YrcvTadq3kK0OWhIIb44ww04cs84ovgnmgie2ZGtfQFo1cZb0uie8D7i3tccvMO4viRaLRHiyhHlSDFg4sNoCACC-wqmw43nnckeY724thBKULPdF9n7U7ZkXreWNJZaPTT_7YQQuW10ckFMPNlRAMO2Ur0gtqvrtgQ4PzVhzfkuZrIgpCFV-T8UYF6BuokDrWbH9JPWhk0tbOTzX5RMxbJTW7R3ypbd5oNYyJdJWTPSgY4Y1sFWh4p6JKHliGRr7lYb0ouFrbs0OfzzUy0oTt3U6g-hgP_CVKiEQu080T2V-wrM2JP2mPIRp5HKn1-uVLOcDHyAdxMSkWWgr_R-eLffkgrTa-U1SpzSIbl21OsMPhjlfJnqosBbmhp_wUEKza1tEbu3ANsh9vg&uid=CAESEAybDft5DEAKDEFiE3vWZNU&mguid=&ap={AUCTION_PRICE}
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
c
trace.mediago.io/ju/log/ Frame 3CA0
0
39 B
Image
General
Full URL
https://trace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=1d7c874f5825e554a75cdd33ad29fab4&mguid=&app=vimpLog&ext={%22name%22:%22REAL_VIMP%22,%22vimp_elapsed_time%22:6344,%22time%22:1684319505859,%22intersectCount%22:1,%22intersectErrCount%22:0}
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=utf-8
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban4&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=hp&zMoatAU4=ban4&wf=1&ra=1&pxm=1&sgs=3&vb=13&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ov=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3665390343998941557&i=FOX3&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gzpKRbEIrmlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2F&id=1&ii=4&f=0&j=&t=1684319504380&de=420259934407&cu=1684319504380&m=41&ar=fde231f50fe-clean&iw=4275cfe&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=61727&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1133%3A1133%3A0%3A1606&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9&cd=0&ah=9&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5089884148%3A3032746944%3A6026357477%3A138393315328&bo=tmz&bd=desk&gw=fxnwsv2L3592D3FC21&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=ad-sidebar4&zMoatCURL=tmz.com&zMoatDev=Desktop&zMoatDfpSlotId=ad-sidebar4&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=203695&na=329362094&cs=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 17 May 2023 10:31:45 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 17 May 2023 10:31:45 GMT
6WRsodk0k_15MTp9.jpg
pbs.twimg.com/ext_tw_video_thumb/1658558016742932481/pu/img/ Frame 2268
23 KB
23 KB
Image
General
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1658558016742932481/pu/img/6WRsodk0k_15MTp9.jpg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.5644.a53236fb4061481eff44.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D31) /
Resource Hash
34096602367614761a7e335a38b3b534b06a8e6cfe028a41ccde2064719c4730
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:45 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
53469
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
23975
x-response-time
94
surrogate-key
ext_tw_video_thumb ext_tw_video_thumb/bucket/5 ext_tw_video_thumb/1658558016742932481
last-modified
Tue, 16 May 2023 19:38:20 GMT
server
ECS (nyb/1D31)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
8846aad903e084cc
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
b9052e4de12c412022a9efc37755a020468597ff9fbb8182add8e9142cf4af94
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
z8XwrA4wJhPxN_nq.m3u8
video.twimg.com/ext_tw_video/1658558016742932481/pu/pl/ Frame 2268
640 B
816 B
XHR
General
Full URL
https://video.twimg.com/ext_tw_video/1658558016742932481/pu/pl/z8XwrA4wJhPxN_nq.m3u8?tag=12&container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.d02af01334bc0b1255aa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:dc2:1fe1:23fc:954:1461 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/46C5) /
Resource Hash
a712597a16dcb93705964781b6d85c2c94d4501d38f0058bf8718893e9318d11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52032
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
299
x-response-time
78
surrogate-key
ext_tw_video ext_tw_video/bucket/5 ext_tw_video/1658558016742932481
last-modified
Tue, 16 May 2023 19:38:20 GMT
server
ECAcc (nyb/46C5)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
x-transaction-id
7b5b504c7d9324b3
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
b521961afe7c1d1accbf7c29f0b8ae74f2fcddfd19042aa201204da6cf7b69e6
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Xop6ojMal4idPL-n.m3u8
video.twimg.com/ext_tw_video/1658558016742932481/pu/pl/404x270/ Frame 2268
873 B
485 B
XHR
General
Full URL
https://video.twimg.com/ext_tw_video/1658558016742932481/pu/pl/404x270/Xop6ojMal4idPL-n.m3u8?container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.d02af01334bc0b1255aa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:dc2:1fe1:23fc:954:1461 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/47F1) /
Resource Hash
0f77d78525de2933779640b94aefada97f28028ad748a6b11f017f79e97fff7e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53466
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
349
x-response-time
147
surrogate-key
ext_tw_video ext_tw_video/bucket/5 ext_tw_video/1658558016742932481
last-modified
Tue, 16 May 2023 19:38:20 GMT
server
ECAcc (nyb/47F1)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
x-transaction-id
998e78b99f2b00f0
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
a804b2dc424dba0378938a7ce788499d8bedbf59f55d312f0bec77753eb397d5
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
activeview
pagead2.googlesyndication.com/pcs/ Frame 3CA0
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWM85sF3NUgCD-nStc64yb2mOrQcjiMZ4Wo9J_WRKcB7efl1oJbFOT2qT3akoXbXc_ktLm9Tk6EES8HxjCUywmTbyN&sig=Cg0ArKJSzDxXxQtaCwiSEAE&id=lidar2&mcvt=1001&p=626,1037,876,1337&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4066739781&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684319499515&rpt=5524&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tRCgvrUGqSs1SudU.m4s
video.twimg.com/ext_tw_video/1658558016742932481/pu/vid/0/3000/404x270/ Frame 2268
51 KB
51 KB
XHR
General
Full URL
https://video.twimg.com/ext_tw_video/1658558016742932481/pu/vid/0/3000/404x270/tRCgvrUGqSs1SudU.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.d02af01334bc0b1255aa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:dc2:1fe1:23fc:954:1461 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/46D2) /
Resource Hash
aaecdd6f07145d077adb47fb32dd64099dc7a4520b910a73eeeee565f7bb43b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:46 GMT
x-content-type-options
nosniff
age
53459
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
51766
x-response-time
99
surrogate-key
ext_tw_video ext_tw_video/bucket/5 ext_tw_video/1658558016742932481
last-modified
Tue, 16 May 2023 19:38:20 GMT
server
ECAcc (nyb/46D2)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
x-transaction-id
cc213f8f2a4d0775
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
0185f1f2be47bed59250ad07c87c6d9ad9723e53f01fc57ac5e0c95c029f52da
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
sEW3-zqYh9W8rSBL.m3u8
video.twimg.com/ext_tw_video/1658558016742932481/pu/pl/540x360/ Frame 2268
873 B
482 B
XHR
General
Full URL
https://video.twimg.com/ext_tw_video/1658558016742932481/pu/pl/540x360/sEW3-zqYh9W8rSBL.m3u8?container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.d02af01334bc0b1255aa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:dc2:1fe1:23fc:954:1461 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/47B2) /
Resource Hash
566b8cb45eb68b9431b3d25de16780132196193f76a2e890482a4268864a0ea8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53431
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
346
x-response-time
154
surrogate-key
ext_tw_video ext_tw_video/bucket/5 ext_tw_video/1658558016742932481
last-modified
Tue, 16 May 2023 19:38:20 GMT
server
ECAcc (nyb/47B2)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
x-transaction-id
98e51872d646571d
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
1dca5b5b3b2ec77b3d3d13ade09a32207a3178f38d447a4b97bacfd520d06476
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
TSPIE1VwFvtz2sUc.mp4
video.twimg.com/ext_tw_video/1658558016742932481/pu/vid/0/0/540x360/ Frame 2268
1 KB
1 KB
XHR
General
Full URL
https://video.twimg.com/ext_tw_video/1658558016742932481/pu/vid/0/0/540x360/TSPIE1VwFvtz2sUc.mp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.d02af01334bc0b1255aa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:dc2:1fe1:23fc:954:1461 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/46FD) /
Resource Hash
7009271b3f3b24fece7e2b7ef94c19bfbd5469237357e3da3f2c736aba12055b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:46 GMT
x-content-type-options
nosniff
age
53372
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
1131
x-response-time
156
surrogate-key
ext_tw_video ext_tw_video/bucket/5 ext_tw_video/1658558016742932481
last-modified
Tue, 16 May 2023 19:38:20 GMT
server
ECAcc (nyb/46FD)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
x-transaction-id
7b180457ab27883a
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
069132c349aa8dd6bb24f2c9a40a531354c30050def9a573b3d0452731926a97
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
pu5icTSsmD3MRNzW.m4s
video.twimg.com/ext_tw_video/1658558016742932481/pu/vid/0/3000/540x360/ Frame 2268
117 KB
117 KB
XHR
General
Full URL
https://video.twimg.com/ext_tw_video/1658558016742932481/pu/vid/0/3000/540x360/pu5icTSsmD3MRNzW.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.d02af01334bc0b1255aa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:dc2:1fe1:23fc:954:1461 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/46CA) /
Resource Hash
038fec36fc679c282443e6b975385fe5f3d01fcba58065c4dc8ca71d872a6101
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:46 GMT
x-content-type-options
nosniff
age
53431
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
119974
x-response-time
93
surrogate-key
ext_tw_video ext_tw_video/bucket/5 ext_tw_video/1658558016742932481
last-modified
Tue, 16 May 2023 19:38:20 GMT
server
ECAcc (nyb/46CA)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
x-transaction-id
5ae0a5f238bae2e5
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
b21aa78f50d23c730722276d659acdedd21cb5436b1a5a4bdc8a7cdf016dd130
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Dr4p4QFTNuc0y5pq.m4s
video.twimg.com/ext_tw_video/1658558016742932481/pu/vid/3000/6000/540x360/ Frame 2268
101 KB
101 KB
XHR
General
Full URL
https://video.twimg.com/ext_tw_video/1658558016742932481/pu/vid/3000/6000/540x360/Dr4p4QFTNuc0y5pq.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.d02af01334bc0b1255aa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:dc2:1fe1:23fc:954:1461 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/479B) /
Resource Hash
18e25f55a7b7b2976f8c6f445b9f2ac395e0e57f2389fce8e8edeb4b98f570f0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:46 GMT
x-content-type-options
nosniff
age
53371
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
103329
x-response-time
458
surrogate-key
ext_tw_video ext_tw_video/bucket/5 ext_tw_video/1658558016742932481
last-modified
Tue, 16 May 2023 19:38:20 GMT
server
ECAcc (nyb/479B)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
x-transaction-id
3bd18ff5eeb15d2f
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
b31a03e016ff0b0d87e88a99e529ff3eb908b559ed50d451db59885095799ebf
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
mWxqGHbpipZkFsuO.m4s
video.twimg.com/ext_tw_video/1658558016742932481/pu/vid/6000/9000/540x360/ Frame 2268
83 KB
83 KB
XHR
General
Full URL
https://video.twimg.com/ext_tw_video/1658558016742932481/pu/vid/6000/9000/540x360/mWxqGHbpipZkFsuO.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.1.d02af01334bc0b1255aa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:dc2:1fe1:23fc:954:1461 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/47BB) /
Resource Hash
99f897200e2c7c8cd1e2c17c27ff653e0b1aff6ed8fff42469884d771b3f6cbf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:46 GMT
x-content-type-options
nosniff
age
53371
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
84706
x-response-time
83
surrogate-key
ext_tw_video ext_tw_video/bucket/5 ext_tw_video/1658558016742932481
last-modified
Tue, 16 May 2023 19:38:20 GMT
server
ECAcc (nyb/47BB)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
x-transaction-id
fe6e232dea8d5e9b
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
4b74472999d58b7cdeb1768dcc452103c427cae93e098bc7f0c8ec8063964f1f
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
activeview
pagead2.googlesyndication.com/pcs/ Frame FD32
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvO0utlfoMfb4ni-Nu6LS7Q7Qdxf-lqG7iF6nmJ_Jc-UWdaMq-bmQ5jkDaJ3OXKFVvKP9vh0NpQEl-0RyDFMrWzpC-g&sig=Cg0ArKJSzFR3EBBLks4rEAE&id=lidar2&mcvt=1000&p=22,436,112,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3254797906&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684319499384&rpt=6180&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72a011c79640567ca62d15ab0cd1ac54a53b9194e3fb1b51ba8c041c7c769e30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11156
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 1E63
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tmz.com
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 17 May 2023 10:31:46 GMT
server
Kestrel
server-processing-duration-in-ticks
632508
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 17 May 2023 10:31:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3E00
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
312
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 May 2023 10:26:35 GMT
expires
Thu, 16 May 2024 10:26:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AADE
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c16::63 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
00b5234fce82c2e0b46274c306ab0d4372d2ea379b616c8816b26e96854e47ef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5_EsGTDI60qm4gi-lswOhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tmz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-5_EsGTDI60qm4gi-lswOhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 17 May 2023 10:31:47 GMT
expires
Wed, 17 May 2023 10:31:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sid
mug.criteo.com/ Frame 1E63
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=tmz.com&sn=ChromeSyncframe&so=0&topUrl=www.tmz.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=yBdbzHx6NzU0UGorVDRXS2ZWWU5INHN0Vnl1TGVOWUtsZ290N1lSemcyM3pwWkFCZWFVREV5dTVISjVYVVk2OVZaZkRadWI3OGQ5RlcvaVhWY1IrQmJHOXdodzV4UUdaU0c5L3E3c0lvSEQ2b1Fha3A3R1c4Z0luc0FvY1...
444 B
662 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=yBdbzHx6NzU0UGorVDRXS2ZWWU5INHN0Vnl1TGVOWUtsZ290N1lSemcyM3pwWkFCZWFVREV5dTVISjVYVVk2OVZaZkRadWI3OGQ5RlcvaVhWY1IrQmJHOXdodzV4UUdaU0c5L3E3c0lvSEQ2b1Fha3A3R1c4Z0luc0FvY1lUdDZkekRaWGpZK3kySWFUR0p3RFBXZmI4d05JYXlRZEtSaWk5NUNLV0IwaTVocmF2WUNkMldnODlER1FpcnJLZTlDSEJ0aHJaaGZ4dERxSng0VXlzZy9uejEvVlp0cnJjMVpyQkFyQlVueFh0c0N2cVpkbFVGL25zRUx6aEg5SllpNUNIaGRKaDhjV3ZSY2UwUUgweXg1TThCZGFwdz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f081e07581566638e02d79295bd0b94dca2b67ceedfc9062d52161ea8bbec7fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2716012
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=yBdbzHx6NzU0UGorVDRXS2ZWWU5INHN0Vnl1TGVOWUtsZ290N1lSemcyM3pwWkFCZWFVREV5dTVISjVYVVk2OVZaZkRadWI3OGQ5RlcvaVhWY1IrQmJHOXdodzV4UUdaU0c5L3E3c0lvSEQ2b1Fha3A3R1c4Z0luc0FvY1lUdDZkekRaWGpZK3kySWFUR0p3RFBXZmI4d05JYXlRZEtSaWk5NUNLV0IwaTVocmF2WUNkMldnODlER1FpcnJLZTlDSEJ0aHJaaGZ4dERxSng0VXlzZy9uejEvVlp0cnJjMVpyQkFyQlVueFh0c0N2cVpkbFVGL25zRUx6aEg5SllpNUNIaGRKaDhjV3ZSY2UwUUgweXg1TThCZGFwdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
281528
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame AADE
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305110101&jk=444311531886474&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
pagead2.googlesyndication.com/bg/ Frame 3E00
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:13:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
123525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14627
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 May 2024 00:13:02 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 9F01
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158583&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generate_204
tpc.googlesyndication.com/ Frame 3E00
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?V9CUsw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c06::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 8C6C
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4427481&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
16c173aa529afb1fe36e0add8deb4195ee6fda95e3400815cfab564bda1c2fb0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 10:31:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame E238
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2768803346163236077&gdpr=0&gdpr_consent=
42 B
218 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2768803346163236077&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 May 2023 10:31:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
0ac35f6b-391a-426b-a4c3-28d95e1fe146
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 17 May 2023 10:31:47 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2768803346163236077&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 7798
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sanCQ-b5xUSqq80W5P_ZFrH7l0Wq-cRO5vmNNvbk
42 B
340 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sanCQ-b5xUSqq80W5P_ZFrH7l0Wq-cRO5vmNNvbk
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 May 2023 10:31:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 17 May 2023 10:31:47 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sanCQ-b5xUSqq80W5P_ZFrH7l0Wq-cRO5vmNNvbk
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
image2.pubmatic.com/AdServer/ Frame B5E6
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ec5053115f584c5fb6100
42 B
278 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ec5053115f584c5fb6100
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 May 2023 10:31:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Wed, 17 May 2023 10:31:47 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ec5053115f584c5fb6100
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame FBF4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 May 2023 10:31:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 17 May 2023 10:31:46 GMT
expires
Wed, 17 May 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
922740
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
usersync
usersync.gumgum.com/ Frame A927
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=C429709A-AE22-4304-9627-F4BC0246331D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 17 May 2023 10:31:47 GMT
Expires
0
Pragma
no-cache
sd
us-u.openx.net/w/1.0/ Frame 8C6C
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=C429709A-AE22-4304-9627-F4BC0246331D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 8C6C
43 B
504 B
Image
General
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=C429709A-AE22-4304-9627-F4BC0246331D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.96.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-96-54.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 10:31:47 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 8C6C
0
425 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=187&uid=C429709A-AE22-4304-9627-F4BC0246331D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.227.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-227-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 17 May 2023 10:31:46 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 8C6C
0
397 B
Image
General
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=C429709A-AE22-4304-9627-F4BC0246331D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.62.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-62-25.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 10:31:47 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
06f9d5c0-f49e-11ed-b316-06a2c4e90c81
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-07c3c7f751be29bea
Pug
simage2.pubmatic.com/AdServer/ Frame 8C6C
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C429709A-AE22-4304-9627-F4BC0246331D&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=47aabcab9a201a08&is_secure=true&networkId=17100&version=1&nuid=C429709A-AE22-4304-9627-F4BC0246331D&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB2T8arRyptgMfdzzTAAAAAAA&expiration=1684405907&nuid=C429709A-AE22-4304-9627-F4BC0246331D&...
42 B
264 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB2T8arRyptgMfdzzTAAAAAAA&expiration=1684405907&nuid=C429709A-AE22-4304-9627-F4BC0246331D&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 17 May 2023 10:31:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:47 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB2T8arRyptgMfdzzTAAAAAAA&expiration=1684405907&nuid=C429709A-AE22-4304-9627-F4BC0246331D&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8C6C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0d06390d-c3cf-4217-afc3-9de254b71b0f&gdpr=0&gdpr_consent=
1 B
256 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0d06390d-c3cf-4217-afc3-9de254b71b0f&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 17 May 2023 10:31:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0d06390d-c3cf-4217-afc3-9de254b71b0f&gdpr=0&gdpr_consent=
Date
Wed, 17 May 2023 10:31:47 GMT
Connection
keep-alive
X-CI-RTID
48eae573-5b33-46e6-b4bc-ab050cee7270
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 8C6C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=1d7de830-109e-4a27-a34e-b84b8c56fe0b
  • https://a.usbrowserspeed.com/cs?puid=d5289711-ec3e-56ff-88bd-9eb4e8fa1215&pid=lc&r=https%3a%2f%2fmatch%2eprod%2ebidr%2eio%2fcookie%2dsync%2ffivebyfive%3fr%3dhttps%253a%252f%252fa%252eclickcertain%2...
  • https://match.prod.bidr.io/cookie-sync/fivebyfive?r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic
  • https://a.usbrowserspeed.com/cs?pid=beeswax&puid=AAESDE7IyVoAACBaUprklg&r=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26bidswitch_ssp_id%3Dpubmatic
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=38dca57a-3441-4c33-bbfa-e07f746a36b7&expires=5&user_group=0&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&gdpr_consent=&gdpr_pd=
1 B
264 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 17 May 2023 10:31:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1d7de830-109e-4a27-a34e-b84b8c56fe0b&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 17 May 2023 10:31:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame 8C6C
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA9_102CF081B_E5C2B01&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B
Image
General
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
38.68.201.140 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-367324307; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Wed, 17 May 2023 10:31:46 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-367324307; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 17 May 2023 10:31:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 8C6C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9f0312ad-38f0-4a69-8c6e-cd9f646db368-6464ad0d-4341&gdpr=0&gdpr_consent=
42 B
388 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9f0312ad-38f0-4a69-8c6e-cd9f646db368-6464ad0d-4341&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 17 May 2023 10:31:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 10:31:47 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9f0312ad-38f0-4a69-8c6e-cd9f646db368-6464ad0d-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 8C6C
0
34 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.184.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-184-207.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:47 GMT
c
trace.mediago.io/ju/log/ Frame FD32
0
39 B
Image
General
Full URL
https://trace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=7f0baf889eaf27e6e7f9e13192054001&mguid=&app=VIMP_DURA&ext={%22reportTime%22:2,%22curTime%22:1684319507736}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=utf-8
c
trace.mediago.io/ju/log/ Frame 3CA0
0
39 B
Image
General
Full URL
https://trace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=1d7c874f5825e554a75cdd33ad29fab4&mguid=&app=VIMP_DURA&ext={%22reportTime%22:2,%22curTime%22:1684319507860}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=utf-8
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305110101&jk=444311531886474&bg=!oqGlofXNAAYldGN0BXQ7ADkAdvg8WssNRRQy7meB8pE7n9a6_g-vkTWV_isLC_J4bOp0-_h77LWBdAckJ0PxzUPdF5vGt2j3eQ0CAAAA9lIAAAAbaAEHmQKbJZbWmrNtdvRMQIkVTFM6jZcEwx648A0hUL6bxYYxdI04hBJ7fqHhzCb82EK9_Kf0reXyq5UurW2i4Yvr0MdewBx4z_P1yDPxPmlU9QlR7x0UkhvvmiGEQpXtSZNv78WwxoKfzPAA9tiZBkRkxxAMPnwzru_xGI0fC3zhsloFwJStrv2YEEw_dIWrFYnSySIwRi7rgXjfnrHlKWfPIHGbsNSl627WUFuIKuNZm_Kw8mrDwMKCUGaTmqUsYfZeDvkJL3lhnyeOHytXsmOeIG9_7PImDN3xL1VHDIZ-EBJbF9LkRcn3nFvpvZCml5YedMIR7Bn5ytZ8oTj3xs56UnO5nsNdpVY2khZPd3k0gdz8dY90rgc-TSWaWJqdUBNget2nuPnWYhcdwmn_MnYhTdNM14LnRHsjNYnNYgyZbpp9CV7IkJAzFdS2vPKS2LtbkJVlGE7d75tz1GyNAgFKQG3wWxdKgbKc_fhDUiTTKbMqoc39bat3SCBgJlCG2vswP01G2E82Vzr9o5oUuQJIWN_HDX9FkqW8hHcEqN5WiDnnjnIL_UJ4ox8X5Uv6Jl_uKZZIcyJQJ0z-XB7cyRxC4CLAJGlgvN3PJPvu00Q7h7vnxB3AI7JLILjO7EySqqmlHsPdrvc-_THkRFkxJiaKZp5iCOX3BfGHZKWq8xw0j-CLkEKKTJVZWXANEjv3UqBBTS9Jc817OEgm9ax_2TPXDT4-WVV0DqyrnmcwAKqOaQ5EiqkOlHGY7R9TfzwscdPxfdQGZGoEIiVahkmgnG3DApdnO3ldVbKwOVLTxGgw_yhe9nf672txO21kUaIJygt-1Oiubg3C8aC74Iiq6DfEOundDrxhqj6mS13OAmShcxm6HmIqj2J8nGn29_90ig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban3&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=hp&zMoatAU4=ban3&wf=1&ra=1&pxm=1&sgs=3&vb=13&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ov=0&ak=-&i=FOX3&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gzpKRbEIrmlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2F&id=1&ii=4&f=0&j=&t=1684319502748&de=715128216455&cu=1684319502748&m=5734&ar=fde231f50fe-clean&iw=4275cfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=62477&le=1&lf=1762&lg=1&lh=584&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1133%3A1133%3A19250%3A1606&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5098&cd=159&ah=5098&am=159&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=5089884148%3A3031940869%3A6025548439%3A138413042629&bo=tmz&bd=desk&gw=fxnwsv2L3592D3FC21&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=ad-sidebar3&zMoatCURL=tmz.com&zMoatDev=Desktop&zMoatDfpSlotId=ad-sidebar3&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=2&tc=0&fs=203695&na=430305998&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 17 May 2023 10:31:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 17 May 2023 10:31:48 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 8C6C
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban6&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=hp&zMoatAU4=ban6&wf=1&ra=1&pxm=1&sgs=3&vb=13&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ov=0&ak=-&i=FOX3&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gzpKRbEIrmlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2F&id=1&ii=4&f=0&j=&t=1684319503993&de=324564011247&cu=1684319503993&m=5402&ar=fde231f50fe-clean&iw=4275cfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=62477&le=1&lf=1010&lg=1&lh=598&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1133%3A1133%3A19250%3A1606&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5142&cd=9&ah=5142&am=9&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=5089884148%3A3031810283%3A6025594249%3A138393314368&bo=tmz&bd=desk&gw=fxnwsv2L3592D3FC21&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=ad-sidebar6&zMoatCURL=tmz.com&zMoatDev=Desktop&zMoatDfpSlotId=ad-sidebar6&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=2&tc=0&fs=203695&na=221134780&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 17 May 2023 10:31:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 17 May 2023 10:31:49 GMT
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban4&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=hp&zMoatAU4=ban4&wf=1&ra=1&pxm=1&sgs=3&vb=13&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ov=0&ak=-&i=FOX3&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gzpKRbEIrmlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2F&id=1&ii=4&f=0&j=&t=1684319504380&de=420259934407&cu=1684319504380&m=5427&ar=fde231f50fe-clean&iw=4275cfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=62477&le=1&lf=658&lg=1&lh=440&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1133%3A1133%3A19250%3A1606&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5202&cd=9&ah=5202&am=9&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5089884148%3A3032746944%3A6026357477%3A138393315328&bo=tmz&bd=desk&gw=fxnwsv2L3592D3FC21&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=ad-sidebar4&zMoatCURL=tmz.com&zMoatDev=Desktop&zMoatDfpSlotId=ad-sidebar4&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=2&tc=0&fs=203695&na=113229888&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 17 May 2023 10:31:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 17 May 2023 10:31:49 GMT
c
trace.mediago.io/ju/log/ Frame FD32
0
39 B
Image
General
Full URL
https://trace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=7f0baf889eaf27e6e7f9e13192054001&mguid=&app=VIMP_DURA&ext={%22reportTime%22:5,%22curTime%22:1684319510736}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:50 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=utf-8
c
trace.mediago.io/ju/log/ Frame 3CA0
0
39 B
Image
General
Full URL
https://trace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=1d7c874f5825e554a75cdd33ad29fab4&mguid=&app=VIMP_DURA&ext={%22reportTime%22:5,%22curTime%22:1684319510860}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 10:31:50 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=utf-8
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fhp%2Fban3&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=hp&zMoatAU4=ban3&wf=1&ra=1&pxm=1&sgs=3&vb=13&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ov=0&ak=-&i=FOX3&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gzpKRbEIrmlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2F&id=1&ii=4&f=0&j=&t=1684319502748&de=715128216455&cu=1684319502748&m=10777&ar=fde231f50fe-clean&iw=4275cfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=62477&le=1&lf=1762&lg=1&lh=584&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1133%3A1133%3A19250%3A1606&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10142&cd=5098&ah=10142&am=5098&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=5089884148%3A3031940869%3A6025548439%3A138413042629&bo=tmz&bd=desk&gw=fxnwsv2L3592D3FC21&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=ad-sidebar3&zMoatCURL=tmz.com&zMoatDev=Desktop&zMoatDfpSlotId=ad-sidebar3&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=2&tc=0&fs=203695&na=1348174659&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.tmz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 17 May 2023 10:31:53 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 17 May 2023 10:31:53 GMT
6b678a388b
bam.nr-data.net/events/1/ Frame 0C68
24 B
409 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/6b678a388b?a=1503825200&v=1.232.0&to=ewlYFUsMWlgGRhgWCVkfUxMWEF5bFA%3D%3D&rst=24048&ck=0&s=1ae124eba15c3060&ref=https://playlist.megaphone.fm/
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://playlist.megaphone.fm/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 17 May 2023 10:31:55 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://playlist.megaphone.fm
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7c8b318bb9e932dc-EWR
Content-Length
24
6b678a388b
bam.nr-data.net/jserrors/1/ Frame 0C68
24 B
409 B
XHR
General
Full URL
https://bam.nr-data.net/jserrors/1/6b678a388b?a=1503825200&v=1.232.0&to=ewlYFUsMWlgGRhgWCVkfUxMWEF5bFA%3D%3D&rst=24050&ck=0&s=1ae124eba15c3060&ref=https://playlist.megaphone.fm/
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://playlist.megaphone.fm/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 17 May 2023 10:31:55 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://playlist.megaphone.fm
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7c8b318bf9cc78db-EWR
Content-Length
24
6b678a388b
bam.nr-data.net/events/1/ Frame 0C68
24 B
409 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/6b678a388b?a=1503825200&v=1.232.0&to=ewlYFUsMWlgGRhgWCVkfUxMWEF5bFA%3D%3D&rst=24051&ck=0&s=1ae124eba15c3060&ref=https://playlist.megaphone.fm/
Requested by
Host: playlist.megaphone.fm
URL: https://playlist.megaphone.fm/?p=FOXM2059868704&episodes=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://playlist.megaphone.fm/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 17 May 2023 10:31:55 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://playlist.megaphone.fm
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7c8b318bfe620f99-EWR
Content-Length
24

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=13258

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 boolean| credentialless string| SITE_BASE_URL string| STATIC_BASE_URL string| CLIENT_PUBLIC_PATH string| AMP_BASE_URL string| DAM_DEFAULT_BASE_URL string| DAM_IMAGE_BASE_URL string| DAM_VIDEO_BASE_URL string| SHARE_BASE_URL string| WEB_BASE_URL string| DEVICE_VIEW string| VIEWER_COUNTRY boolean| GDPR_APPLIES string| APP_ENV string| APP_VENDOR string| APP_NAME string| APP_VERSION string| APP_BUILD string| APP_DEPLOYMENT_ID string| CLOUD_PROVIDER string| CLOUD_REGION string| CLOUD_ZONE boolean| IS_STAFF object| CLIENT_PRELOADED_STATE object| dataLayer object| wbq object| googletag object| foxstrike object| semaphore object| google_tag_manager object| google_tag_data function| ketch function| onYouTubeIframeAPIReady function| gtmVisitorApi function| gtmLoadAppMeasurement object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime function| __uspapi function| consentsTo function| watchConsent object| wbabt object| wbppid function| jQuery function| $ object| TMZ object| s object| asq object| _comscore function| gtag object| gaGlobal string| GoogleAnalyticsObject function| ga function| cnxps object| twttr object| ggeac object| google_js_reporting_queue object| adobe function| Visitor object| s_c_il number| s_c_in function| e function| AppMeasurement_Module_Media number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| gtm string| s_account object| COMSCORE object| ns_p object| scriptUrl object| ttPolicy object| YT object| YTConfig boolean| yt_embedsEnableHouseBrandAndYtCoexistence function| onYTReady object| __twttrll object| __twttr undefined| google_measure_js_timing function| _typeof object| gaplugins object| gaData object| GooglebQhCsO object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ string| x string| y object| s_i_wbrostmz object| LOC_START_TIME boolean| CUSTOM_ANNOUNCED object| FNC function| lodash function| ope object| aax object| apstag function| pre function| onVideoOverlayOpen function| onVideoOverlayClose function| loadAd function| manualRefreshAds function| pageLoadDynamicAdPlacementsReady function| initBidding function| loadDynamicAd function| onDestroy function| correlate function| adRefreshCallback function| reloadAds function| setupAdRefreshTimerLogic function| onAdSlotRendered object| adRefreshTimer object| pbjs function| parcelRequire94c2 function| Fennec object| fennec object| pbjsChunk boolean| apstagLOADED object| apscustom object| _aps object| Criteo object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt boolean| __bt_already_invoked object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 object| DOMlessLLDcallback_1817006 object| MoatDataJsonpRequest_1817006 object| GoogleGcLKhOms object| google_image_requests

191 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ9vCPyoIxCgoI4gEQ9vCPyoIxCgoI5gEQ9vCPyoIxCgoIhwIQ9vCPyoIxCgkICRD28I_KgjEKCQg6EPbwj8qCMQoJCAsQ9vCPyoIxCgoIjAIQ9vCPyoIxCgkIXxD28I_KgjEKCQgfEPbwj8qCMQ==
prod.xid.atp.fox/v2 Name: xid
Value: 9f7c28b1-5bcf-4b2a-9145-1b007a69bdd4
.youtube.com/ Name: YSC
Value: nLaY67cobew
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: ihs_jGe_EbI
.imrworldwide.com/ Name: IMRID
Value: fc6873a0-f49d-11ed-a24c-8ffcc53d42c3
.demdex.net/ Name: demdex
Value: 19187662051573948914210813287748594420
.scorecardresearch.com/ Name: UID
Value: 1CC88edd4e6fa36fe5d09dc1684319490
.tmz.com/ Name: _ga
Value: GA1.2.1084030298.1684319489
.tmz.com/ Name: _gid
Value: GA1.2.1198122314.1684319491
.tmz.com/ Name: wbppid
Value: 8b8e530f050d4b9dadf0ab548c791b1e
.tmz.com/ Name: _gcl_au
Value: 1.1.2088206945.1684319491
.tmz.com/ Name: AMCVS_69AD1D725DDBE4560A495ECF%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZGStAwAAAHemOANP
.tmz.com/ Name: s_ecid
Value: MCMID%7C14357699558290564263685038476820947093
.dpm.demdex.net/ Name: dpm
Value: 19187662051573948914210813287748594420
.www.tmz.com/ Name: s_nrv
Value: 1684319491960-New
.www.tmz.com/ Name: s_ppn
Value: TMZ
.www.tmz.com/ Name: s_cc
Value: true
.smetrics.tmz.com/ Name: s_ecid
Value: MCMID%7C14357699558290564263685038476820947093
.tmz.com/ Name: AMCV_69AD1D725DDBE4560A495ECF%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C19495%7CMCMID%7C14357699558290564263685038476820947093%7CMCAAMLH-1684924291%7C9%7CMCAAMB-1684924291%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1684326691s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19502%7CvVersion%7C4.4.0
.tmz.com/ Name: usprivacy
Value: 1---
.tmz.com/ Name: us_privacy
Value: 1---
.tmz.com/ Name: _swb
Value: 8c0703ab-24e7-49ef-a7a1-6638b6964ba6
www.tmz.com/ Name: FXN_flk
Value: 1
.tmz.com/ Name: _swb_consent_
Value: eyJvcmdhbml6YXRpb25Db2RlIjoidG16IiwicHJvcGVydHlDb2RlIjoidG16X3dlYiIsImVudmlyb25tZW50Q29kZSI6InByb2R1Y3Rpb24iLCJpZGVudGl0aWVzIjp7InN3Yl90bXpfd2ViIjoiOGMwNzAzYWItMjRlNy00OWVmLWE3YTEtNjYzOGI2OTY0YmE2In0sImp1cmlzZGljdGlvbkNvZGUiOiJkZWZhdWx0IiwicHVycG9zZXMiOnsidGFyZ2V0ZWRfYWR2ZXJ0aXNpbmciOnsiYWxsb3dlZCI6InRydWUiLCJsZWdhbEJhc2lzQ29kZSI6ImRpc2Nsb3N1cmUifX0sImNvbGxlY3RlZEF0IjoxNjg0MzE5NDk0fQ%3D%3D
www.tmz.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.tagger.opecloud.com/ Name: ope_uid
Value: 2-YZigZxdYJ3h2yHZKPhQZp213QAWywLo1tetwswRubgWW9zVPcUphJZf2wveCUlOAyidcxQ==
.kargo.com/ Name: ktcid
Value: 8bf44002-3752-08a3-11b4-5d6c24a30aca
.openx.net/ Name: i
Value: 9b71702b-08cb-02bd-28ad-2a1cd8639a12|1684319496
.doubleclick.net/ Name: IDE
Value: AHWqTUkkJ_rfBgjvbv7-3j-EparCRDSibwPagMxxJVJG5l12O-xYvTNECfD6gOHD7hc
.amazon-adsystem.com/ Name: ad-id
Value: AxlpxC5Tq0iQkA9cpKCqq2w
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adsrvr.org/ Name: TDID
Value: 2d909864-2418-4a60-9ec8-c961d3e14a63
.rubiconproject.com/ Name: khaos
Value: LHRKCA12-D-DA9B
.media.net/ Name: visitor-id
Value: 3273210971454852000V10
.gumgum.com/ Name: vst
Value: u_fde2e35b-d1e8-4857-a935-8de12bd3b086
.casalemedia.com/ Name: CMID
Value: ZGStCqTjy5FfWw6nXPYvfwAA
.casalemedia.com/ Name: CMPS
Value: 044
.casalemedia.com/ Name: CMPRO
Value: 044
.sharethrough.com/ Name: stx_user_id
Value: 5d16c636-2886-467d-b0c1-d8fb6317e279
www.tmz.com/ Name: xid
Value: 9f7c28b1-5bcf-4b2a-9145-1b007a69bdd4
.adnxs.com/ Name: uuid2
Value: 2768803346163236077
.yieldmo.com/ Name: yieldmo_id
Value: g61a31454be8ab0bb78e%7C1684319499280%7C0%7C
.ads.yieldmo.com/ Name: rptr
Value: rc%3D1170506%7Ct%3D1170506%7Cdv360%3D1170506%7Cpub%3D1170506%7Can%3D1170506
.bidswitch.net/ Name: tuuid
Value: 1d7de830-109e-4a27-a34e-b84b8c56fe0b
.bidswitch.net/ Name: c
Value: 1684319499
.turn.com/ Name: uid
Value: 7773351280725958108
m.stripe.com/ Name: m
Value: 0fb322e1-74ac-47a5-b7a0-7b4b00df3f9d86b8fb
www.tmz.com/ Name: _lr_retry_request
Value: true
www.tmz.com/ Name: _lr_env_src_ats
Value: false
.openx.net/ Name: pd
Value: v2|1684319500|vMgavPkWgyiK
.yahoo.com/ Name: A3
Value: d=AQABBAytZGQCEJ0dp9ixscLVmHzIRJG73WYFEgEBAQH-ZWRuZCXcxyMA_eMAAA&S=AQAAAsJQgqV1bOSKYPOk3uISc0k
.33across.com/ Name: 33x_ps
Value: u%3D212165318746969%3As1%3D1684319500240%3Ats%3D1684319500240
.3lift.com/ Name: tluid
Value: 675502416478013597641
.tynt.com/ Name: uid
Value: QxvX/GRkrQwDYEPCXIDfZA==
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4dc4839d-c658-578e-70ac-1dd3650e544d.qpamCQ0CTKcckQe1h0ASUQjSDSNd0EqXDlfdzWWr8%2B8
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATcSDncZYV45wrB3TZQ5UTZU4mbQ.knZeo8fldKwytf7oRbkbxDMYskjOk7NxzVWUq7WcH4c
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATcSDncZYV45wrB3TZQ5UTZU4mbQ.knZeo8fldKwytf7oRbkbxDMYskjOk7NxzVWUq7WcH4c
.brand-display.com/ Name: _knxq_
Value: 63038ceb-6793-83ba-5b73f849.1684319500.0.1684319500.1684319500
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1684319500555%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1684319500555%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1684319500555%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1684319500555%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1684319500555%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1684319500555%7D%5D
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzMDMyNbcwNzUwAmJzY0shPkNdpyzD3PRMJ9cI70gzADm6zWIkAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzMDMyNbcwNzUwAmJzY0shPkNdpyzD3PRMJ9cI70gzADm6zWIkAAAA
.contextweb.com/ Name: V
Value: uKJJ4yyMvqXI
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 8dd567ce43b21796
.deepintent.com/ Name: CDIUSER
Value: di_ec5053115f584c5fb6100
.ipredictive.com/ Name: cu
Value: 0d06390d-c3cf-4217-afc3-9de254b71b0f|1684319500676
.outbrain.com/ Name: obuid
Value: d9a3603e-7caf-40fe-aacd-d167b97389e3
.technoratimedia.com/ Name: tads_uidp_44
Value: LHP06HQP-Z-CE7N
.technoratimedia.com/ Name: tads_uidp_88
Value: 1468645970767512412610
.technoratimedia.com/ Name: tads_uidp_77
Value: UQZ2Q6HZcRk7nq3bTYZk4bEnb0-uAzwa0SlIWJvu8lM
.technoratimedia.com/ Name: tads_uidp_45
Value: 6766E48E-4512-47E5-9AB6-31112DF9B20C
.technoratimedia.com/ Name: tads_uidp_46
Value: 2248803453744334736
.technoratimedia.com/ Name: tads_uidp_79
Value: 9bfff6e9-7b5a-4967-a40b-0fc32e790c64
.technoratimedia.com/ Name: tads_uidp_37
Value: 9198a3bb-5df0-3316-a975-946f81543a74
.technoratimedia.com/ Name: tads_uidp_48
Value: 67c7f47a-1f95-4c52-9ae5-4bbf28279626
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAB3BazMRvlYgMa2pN5AAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: 46aec8d4-f6c5-4c7f-8efa-2a48f90a54bf
.technoratimedia.com/ Name: tads_uidp_80
Value: y-GrMd1xNE2uG7QafHXsMCZFCIK9ZOBPe9~A
.technoratimedia.com/ Name: tads_uidp_70
Value: 1673948501052-981480834937-007220-006-006384
.technoratimedia.com/ Name: tads_uidp_82
Value: ZGJQXwtiv2xuMiHwaL9.1gAA&134
.technoratimedia.com/ Name: tads_uidp_50
Value: fab28d66-7037-407d-8983-d38cc5810e53
.technoratimedia.com/ Name: tads_uidp_61
Value: 212127769546834
.technoratimedia.com/ Name: tads_uidp_62
Value: 3271663071454994000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: tqLYmMiLPUCJK83fpqR8fRdhkrN8Q6Cu
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-29f08066-c7c9-4a3b-9980-3d560c48acf5-005
.technoratimedia.com/ Name: tads_uid
Value: 5597529CCA40456999768DE69389154D
.technoratimedia.com/ Name: tads_uid_cd
Value: 20190828051959+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.zemanta.com/ Name: zuid
Value: BBzfYL8CChB5VkDwA5MY
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0300fc3b-d7bf-46f1-a9ef-7bc89480ea3d-005%22%7D
.bidswitch.net/ Name: tuuid_lu
Value: 1684319500
.360yield.com/ Name: tuuid
Value: 99fa6124-c2d7-4941-bfb0-9e715c45c9ad
.360yield.com/ Name: tuuid_lu
Value: 1684319500
.mathtag.com/ Name: uuid
Value: 12c66464-ad0d-4f00-ab70-9ee7e47009a2
.ads.yieldmo.com/ Name: ptrt
Value: 2d909864-2418-4a60-9ec8-c961d3e14a63
.sitescout.com/ Name: ssi
Value: 9f0312ad-38f0-4a69-8c6e-cd9f646db368#1684319501293
.tmz.com/ Name: __gads
Value: ID=c528c26534c64227:T=1684319498:S=ALNI_MaBbbrbYwTGYrrywMfs0aFFnVLFrQ
.tmz.com/ Name: __gpi
Value: UID=000009f32f77a037:T=1684319498:RT=1684319498:S=ALNI_MaVfn4aNAMwFg7f0U5cXozNFIscGA
.smartadserver.com/ Name: pid
Value: 2248550271948191650
.bluekai.com/ Name: bku
Value: ikG999t+jsEZSLD5
.tmz.com/ Name: _ga_NCN9V8PMQF
Value: GS1.1.1684319489.1.1.1684319501.48.0.0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0300fc3b-d7bf-46f1-a9ef-7bc89480ea3d-005%22%7D
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 2da9d31c-026b-5289-b8aa-17d9dccebad4
.betweendigital.com/ Name: ss
Value: 1
.bing.com/ Name: MUID
Value: 0F2C5D678C62665D16084E738D59670C
.c.bing.com/ Name: MR
Value: 0
.linkedin.com/ Name: bcookie
Value: "v=2&21d12750-fcea-4e09-877c-4f97abc18612"
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1684319501:t=1684405901:v=2:sig=AQGk4e4luDuMBXW-95byp8rgZlnZwf3O"
.ads.yieldmo.com/ Name: ptrrc
Value: LHRKCA12-D-DA9B
.ads.yieldmo.com/ Name: ptran
Value: 2768803346163236077
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C429709A-AE22-4304-9627-F4BC0246331D
.socdm.com/ Name: SOC
Value: ZGStDsCo8XYAAPDDDTUAAAAA
.openx.net/ Name: univ_id
Value: 537072971|2d909864-2418-4a60-9ec8-c961d3e14a63|1684319502294371
.admanmedia.com/ Name: admtr
Value: e342b450-66b4-41f0-b1ca-6c8829ec479b
.admanmedia.com/ Name: ac_r
Value: CS71
.betweendigital.com/ Name: ut
Value: ZGStDgAHIDiqAF67UxeQJzn8pDhCU0iJ-gWfZw==
.mfadsrvr.com/ Name: c
Value: 1684319502
.mfadsrvr.com/ Name: tuuid
Value: 51371d1e-b9d1-4859-8fd7-e5877e039233
.admixer.net/ Name: am-uid
Value: 79365997055a4b3e9c451f56caf64d4b
.creativecdn.com/ Name: u
Value: esAM4jFeGNWGRUSs7Kls
.creativecdn.com/ Name: ts
Value: 1684319503
.mfadsrvr.com/ Name: tuuid_lu
Value: 1684319503
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1684319503
.mookie1.com/ Name: id
Value: 10599080989859845205
.mookie1.com/ Name: mdata
Value: 1|10599080989859845205|1684319503904
.mookie1.com/ Name: ov
Value: 9079a1600581a89ddf8b6d9b17e65bad
match.sharethrough.com/ Name: AWSALBCORS
Value: 49eNz1RAq+yCu7Fo/sjQ4Idjo9GQjbea8l8UTeQri3nSmmP4vmuCBi0OHAw58E8F637CbINe+6PpoKEVHXW5rEZCeT2Lkh5Ol/PmWKQt8aUhV/4sN5+EwWQt7wwr
.fwmrm.net/ Name: _uid
Value: "v2817_7234097185695031562"
.taboola.com/ Name: t_gid
Value: 3ab11f22-a2d0-4fb2-ad84-7d99fae7fc11-tuctb5e3290
.company-target.com/ Name: tuuid
Value: 25bd24ee-d3c6-4448-9d53-2ea0d5cbf1c3
.company-target.com/ Name: tuuid_lu
Value: 1684319504|ix:0
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnpwfHY5v7BHIFpyqCdHc4nQu3JrsKQjxucPTGqPm2mh2omY9TJmr2GZvSgJQC4TM1
.mediago.io/ Name: __mguid_
Value: fbf5ba3f97a6d447a843febc0577a0f4
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFibGhpamBqaGj0C4lvYGZutooFwTcyNTUFAHFQTCswAAAA
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-968625787502750739
.bidr.io/ Name: bito
Value: AAESDE7IyVoAACBaUprklg
.bidr.io/ Name: bitoIsSecure
Value: ok
.tapad.com/ Name: TapAd_TS
Value: 1684319505189
.tapad.com/ Name: TapAd_DID
Value: d486060c-e813-489b-bb88-9b85bf812d2d
.adgrx.com/ Name: ADGRX_UID
Value: 057fa382-f49e-11ed-af2f-ea49dfcb416c
.simpli.fi/ Name: suid
Value: 26D4858F38B64E928F9E607F1CDB92C6
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-057fa382-f49e-11ed-af2f-ea49dfcb416c&KRTB&23275-057fa382-f49e-11ed-af2f-ea49dfcb416c
.foxnews.demdex.net/ Name: foxnews
Value: 19187662051573948914210813287748594420
.ads.yieldmo.com/ Name: ptrpub
Value: C429709A-AE22-4304-9627-F4BC0246331D
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-2d909864-2418-4a60-9ec8-c961d3e14a63&KRTB&22918-2d909864-2418-4a60-9ec8-c961d3e14a63&KRTB&23031-2d909864-2418-4a60-9ec8-c961d3e14a63
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEDtkwlN1FicPwlSbHVqqS5M&KRTB&22987-CAESEDtkwlN1FicPwlSbHVqqS5M&KRTB&23025-CAESEDtkwlN1FicPwlSbHVqqS5M&KRTB&23386-CAESEDtkwlN1FicPwlSbHVqqS5M
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7773351280725958108&KRTB&23150-7773351280725958108
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:26D4858F38B64E928F9E607F1CDB92C6&KRTB&23486-uid:26D4858F38B64E928F9E607F1CDB92C6&KRTB&23489-uid:26D4858F38B64E928F9E607F1CDB92C6
.thrtle.com/ Name: mc
Value: eyJpZCI6ImFjN2MyMDI5LTc3OTItNDQwYS05ZmQyLWFjMWU0YzM5NzVjNSIsImwiOjE2ODQzMTk1MDU1MTUsInQiOjF9
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bEhinba0KsF2e1WuCoMxA8a+JUixCbOKdoeC/aBqglzJJhkMpiH4ODHy1jb3reD//fwJDinn2mpbfANjKiRLRc633EIDgD5dJ3S3iLUirbV3Q==
beacon.lynx.cognitivlabs.com/ Name: UID
Value: c6337ada-ed33-48d1-b28f-0d2d28d29472
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2boy:19b7~2boy:190u~2boy:175w~2boy:18z8~2boy:18yx~2boy"
beacon.lynx.cognitivlabs.com/ Name: ss
Value: LdZaxWOpLxcNvHKoQqonC2624sOtkIWOIh%2Fl1c3pWkqy52ufve%2FDe9h4xHmWd3i16WQPNax5tz7tV01DOE%2FSpg%3D%3D
.bidswitch.net/ Name: google_push
Value: ATf1kGP1fheLPbj2NbkQeKqUVb8tcaBIOHfsgUSYmlpOUxlvBG2z9FRsbBV4cA5danpRF4G7Zvz3CFZ7uPf_jBWDM0w4C0dQA8SX
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIto_F5v2y6zsQBRIWCgdzdng5dDUwEgsIxNaV-f2y6zsQBRIYCgliaWRzd2l0Y2gSCwisjMuP_rLrOxAFEhYKB3J1Ymljb24SCwjM7JSR_rLrOxAFEhcKCHB1Ym1hdGljEgsImurdnv6y6zsQBRIUCgV0YXBhZBILCMze1aP-sus7EAUYASABKAIyCwjM1tjQlLPrOxAFOAFaBXRhcGFkYAI.
sync-dmp.mobtrakk.com/ Name: pid
Value: MmU5YjVkN2NjZTgwMzUzZQ
.go.sonobi.com/ Name: __uis
Value: 31f6ea04-1b19-43f2-a7db-1973cb4bcea4
.go.sonobi.com/ Name: HAPLB8S
Value: s87155|ZGStF
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!3298
.smartadserver.com/ Name: csync
Value: 127:AAESDE7IyVoAACBaUprklg
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1kmt|7dN.0.AAESDE7IyVoAACBaUprklg|7bq.0.1
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAESDE7IyVoAACBaUprklg
.criteo.com/ Name: uid
Value: 6209cd6b-41a4-419f-b65c-4a18fb6074c3
.tmz.com/ Name: cto_bundle
Value: 6AtG0l9TVzVxUktneEdlVVJOajEwSkpBMGZRdmJJa3ZiaFglMkZxZGNuTkxacmh2ck9SRHZ6NTNTcTclMkYlMkJXSldkeWpxaWJSRHU2Q1R6bThvRDJNZjdtQVdiV2NNYVR0TkhNQVpQS3lZb1hBeGw1JTJGSm83a2NVeDRpOXAyVGJkaDM0UjdFeGZQaDBUYnJrUWhEaHBUJTJCTnVYTiUyRk1DdlElM0QlM0Q
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1684886400%3A248%7C1685491200%3A261_260_259_258_201_263_262
.pubmatic.com/ Name: SyncRTB3
Value: 1685491200%3A46_250_13_22_231_178_220_71_54_7_3_8_104_48_166_165_21_55%7C1685145600%3A63%7C1685577600%3A35%7C1684886400%3A2_15_223
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220230517%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_ec5053115f584c5fb6100
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2768803346163236077&KRTB&23339-2768803346163236077
.dotomi.com/ Name: DotomiTest
Value: 47aabcab9a201a08
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY4NDMxOTUwNzQyNiwiNDEiOjE2ODQzMTk1MDIxNzh9
.quantserve.com/ Name: d
Value: EOgBCwGBKfijAA
.quantserve.com/ Name: mc
Value: 6464ad13-69acb-a6fc2-d09ad
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-sanCQ-b5xUSqq80W5P_ZFrH7l0Wq-cRO5vmNNvbk&KRTB&19420-sanCQ-b5xUSqq80W5P_ZFrH7l0Wq-cRO5vmNNvbk&KRTB&22979-sanCQ-b5xUSqq80W5P_ZFrH7l0Wq-cRO5vmNNvbk&KRTB&23462-sanCQ-b5xUSqq80W5P_ZFrH7l0Wq-cRO5vmNNvbk
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-0d06390d-c3cf-4217-afc3-9de254b71b0f&KRTB&23011-0d06390d-c3cf-4217-afc3-9de254b71b0f&KRTB&23355-0d06390d-c3cf-4217-afc3-9de254b71b0f
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAB2T8arRyptgMfdzzTAAAAAAA&KRTB&22713-AAAB2T8arRyptgMfdzzTAAAAAAA&KRTB&22715-AAAB2T8arRyptgMfdzzTAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-9f0312ad-38f0-4a69-8c6e-cd9f646db368-6464ad0d-4341&KRTB&23418-9f0312ad-38f0-4a69-8c6e-cd9f646db368-6464ad0d-4341
.bfmio.com/ Name: __187_cid
Value: C429709A-AE22-4304-9627-F4BC0246331D
.bfmio.com/ Name: __io_cid
Value: c930736100289f1d3196297f124cb4709d963f37
.mxptint.net/ Name: mxpim
Value: R35CA9_102CF081B_E5C2B01.1.00000000000000006464AD13
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CA9_102CF081B_E5C2B01&KRTB&23092-R35CA9_102CF081B_E5C2B01
a.clickcertain.com/ Name: _ccpx_u
Value: 38dca57a%2d3441%2d4c33%2dbbfa%2de07f746a36b7
.a.usbrowserspeed.com/ Name: tuid
Value: a87729d3-7f56-4b92-a0e3-af3175464f3d
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-1d7de830-109e-4a27-a34e-b84b8c56fe0b
.pubmatic.com/ Name: PugT
Value: 1684319508
.pubmatic.com/ Name: SPugT
Value: 1684319509

16 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other warning URL: https://www.youtube.com/s/player/cfa9e7cb/www-widgetapi.vflset/www-widgetapi.js(Line 1114)
Message:
Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security warning URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript error URL: https://www.tmz.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13258' from origin 'https://www.tmz.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13258
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=u_fde2e35b-d1e8-4857-a935-8de12bd3b086&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://cdn.krxd.net/userdata/get?pub=1ec99b1c-44a5-4b51-bb4a-4d1543830ca0&callback=kx_partner_segments
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:12c66464-ad0d-4f00-ab70-9ee7e47009a2&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://cdn.krxd.net/userdata/get?pub=1ec99b1c-44a5-4b51-bb4a-4d1543830ca0&callback=kx_partner_segments
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cdn.krxd.net/userdata/get?pub=1ec99b1c-44a5-4b51-bb4a-4d1543830ca0&callback=kx_partner_segments
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
7bd92.v.fwmrm.net
924f9d77a7d12899566e8480e899cfb8.safeframe.googlesyndication.com
a.clickcertain.com
a.usbrowserspeed.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
analytics.google.com
api.btloader.com
api.rlcdn.com
api.versusgame.com
api2.amplitude.com
b1sync.zemanta.com
bam.nr-data.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
btloader.com
bttrack.com
c.aaxads.com
c.amazon-adsystem.com
c.bing.com
c2shb.pubgw.yahoo.com
casale-match.dotomi.com
cd.connatix.com
cdn.indexww.com
cdn.ketchjs.com
cdn.krxd.net
cdn.mediago.io
cdn.opecloud.com
cdn.syndication.twimg.com
cdn.versusgame.com
cds.connatix.com
cm.adgrx.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
crb.kargo.com
creativecdn.com
cs.admanmedia.com
cs.iqzone.com
cs.media.net
d2cli4kgl5uxre.cloudfront.net
de.tynt.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fox.demdex.net
fox.tagger.opecloud.com
foxnews-d.openx.net
foxnews.demdex.net
geo.moatads.com
global.ketchcdn.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imageaws.popin.cc
imagez.tmz.com
inv-nets.admixer.net
jnn-pa.googleapis.com
js-agent.newrelic.com
js-sec.indexww.com
js.stripe.com
krk.kargo.com
m.stripe.com
m.stripe.network
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
megaphone.imgix.net
minigames.versusgame.com
mug.criteo.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
player.megaphone.fm
playlist.megaphone.fm
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prod.fennec.atp.fox
prod.pyxis.atp.fox
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
prod.xid.atp.fox
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
q.stripe.com
r.stripe.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.company-target.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
secure-assets.rubiconproject.com
secure-us.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
sessions.bugsnag.com
simage2.pubmatic.com
simage4.pubmatic.com
smetrics.tmz.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.foxnews.com
static.tmz.com
stats.g.doubleclick.net
strike.fox.com
sync-amz.ads.yieldmo.com
sync-dmp.mobtrakk.com
sync-pm.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.bfmio.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
syndication.twitter.com
tagger.opecloud.com
tg.socdm.com
thrtle.com
tlx.3lift.com
tmz.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
video.twimg.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.tmz.com
www.youtube-nocookie.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
z.moatads.com
api.rlcdn.com
100.25.231.115
104.18.10.47
104.18.11.47
104.18.25.185
104.244.42.72
104.36.115.111
107.21.227.211
107.23.199.142
108.156.164.236
108.156.172.12
108.156.172.38
108.156.172.74
108.156.172.76
108.156.172.95
108.156.180.227
108.156.184.119
119.63.198.180
124.146.215.45
13.58.139.71
130.211.23.194
141.226.224.48
151.101.130.137
151.101.193.108
151.101.194.132
151.101.194.133
151.101.2.217
151.101.2.49
151.101.66.137
162.247.241.14
162.248.18.34
162.248.18.37
169.197.150.8
172.64.154.204
173.194.215.157
173.223.57.84
173.231.178.115
174.137.133.32
18.205.37.229
185.184.8.90
188.42.34.64
192.132.33.46
192.229.173.16
192.40.39.223
198.148.27.140
199.127.204.171
199.187.193.177
199.187.193.182
199.38.167.131
204.62.13.72
205.185.216.10
207.198.113.93
209.54.182.161
23.205.72.21
23.3.115.102
23.41.168.202
23.41.169.149
2600:141b:13:681::2313
2600:141b:13::17d7:8258
2600:1901:0:7a0b::
2600:1f13:e36:d806:a626:4d72:4b0d:1f4e
2600:1f18:4e9:5a02:c104:fcd:17de:de96
2600:9000:24f7:6e00:16:81fc:7dc0:93a1
2600:9000:24f7:ca00:b:ee9a:1d00:93a1
2600:9000:24f7:d000:11:9be7:da80:93a1
2600:9000:24fd:2400:1f:e7d6:9480:93a1
2600:9000:24fd:4c00:a:ddda:cf00:93a1
2602:803:c002:200::115
2603:c020:400d:3000:f50:982a:7877:65bd
2606:2800:21f:dc2:1fe1:23fc:954:1461
2606:2800:220:131d:1d30:1f1d:238b:1e56
2606:4700:10::ac43:4e7
2606:4700:20::681a:832
2606:4700:20::ac43:4513
2606:4700:20::ac43:4686
2606:ae80:1471:16::730
2607:f8b0:4006:81c::2016
2607:f8b0:400c:c00::9a
2607:f8b0:400c:c01::9c
2607:f8b0:400c:c04::9b
2607:f8b0:400c:c04::9d
2607:f8b0:400c:c06::84
2607:f8b0:400c:c08::88
2607:f8b0:400c:c0c::84
2607:f8b0:400c:c0f::5e
2607:f8b0:400c:c0f::66
2607:f8b0:400c:c12::9d
2607:f8b0:400c:c13::5e
2607:f8b0:400c:c13::9a
2607:f8b0:400c:c14::61
2607:f8b0:400c:c15::5f
2607:f8b0:400c:c16::5f
2607:f8b0:400c:c16::63
2607:f8b0:400c:c32::9d
2607:f8b0:400c:c36::71
2607:f8b0:400c:c36::84
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f258:e0:face:b00c:0:4420
2a04:4e42:200::644
2a04:4e42:78::720
3.135.132.32
3.215.81.226
3.225.218.10
3.229.184.207
3.33.220.150
3.69.181.173
34.111.113.62
34.111.151.213
34.117.239.71
34.149.20.76
34.171.234.26
34.206.190.140
34.216.93.162
34.238.47.251
34.239.204.15
34.72.38.16
34.96.71.22
34.98.64.218
35.163.153.0
35.173.167.165
35.190.90.30
35.207.24.140
35.208.249.213
35.211.165.199
35.211.178.172
35.244.159.8
35.81.229.26
35.82.203.206
38.68.201.140
44.197.95.124
44.228.125.220
44.237.13.56
50.31.142.127
51.222.39.187
52.2.185.167
52.202.176.32
52.207.45.55
52.223.22.214
52.4.33.45
52.4.93.7
52.57.206.241
52.94.223.37
54.147.162.32
54.167.135.175
54.171.62.25
54.187.159.182
54.205.21.165
54.205.236.63
54.209.96.54
54.69.60.90
54.70.216.151
63.140.36.104
67.202.105.23
67.202.105.34
68.67.161.182
68.67.179.166
69.166.1.12
69.173.151.100
70.42.32.63
74.119.119.139
74.119.119.150
74.121.140.211
74.125.196.149
8.2.111.13
8.28.7.81
8.28.7.82
8.43.72.97
80.77.87.163
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
00b5234fce82c2e0b46274c306ab0d4372d2ea379b616c8816b26e96854e47ef
00dd63b0ca2fb12eb12eef7af3f543b085cb1e94d1a861b484865c973b75e93e
01cbe46de5be0b6a24a2028fd5c096b96ff0dc3917c5bfe4ff44ee6f5efe4c79
0210bd6ee99e269e85fd4f173d0be67c0fb1aac30d467c581a8842d5fc751ca9
0268cdb70a38d6d5f08308884d07ffc2bdef635c0658d134e1a7d2ba2f1cf5c8
02ebcd30b3c075a6f619019d2c3e054c0e33dc8c7870d7a509cefbd7a484f06a
0307f3b9d8215b1581f25bdf8ba24881d8f7030f53ed17b33e3ca6a5e6c8582f
038fec36fc679c282443e6b975385fe5f3d01fcba58065c4dc8ca71d872a6101
04661086981dd31ebe696d8a8fe503bb6e15c3f97ced28541d50a6918bc4b03a
04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0553a78140562483e924790d3da300d14f862bc3b619ab3d7d9039eaadcae24c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
078d40511d5f933d7964012a5fcc1dd28a2dc214ee23c8716a3571443164c63c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bb9991a57639e40f09e970836e8b3917582ff6cc3e6468950aa9ec3348fe192
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c12903c52fe15e8c6cd0df8810fffbdc84ef7e7ff8c862497181f22dbc74539
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cf9e1b1d21a708b0a44af4b794f277cf337386fe0f5db21136f29110433fb21
0e4ea35adb398a60d969426bf14b40d252e4cc87803c123f8d6ce6f89030f520
0e57f088a416d41a37575bb6d71122ac22b9917d9a847744d703eb103b58b302
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
0ed9f4489f29950f54053b4620800f6f1e061f3a467dfda552104034a71c3da9
0f3ca066c2204a39dffb4b4f7f2fbb5b36ce74efbcb28898c0e262345196a05d
0f77d78525de2933779640b94aefada97f28028ad748a6b11f017f79e97fff7e
115ea8ccc77135e889658e3922a3ce4747db8cd8a9ffc82286d4b48c771c4da0
11a70ce0e5488d6ffabd2e0ac9dd0af2e6d10a5c860556981079053333543745
12c8a44a41b19fb16406cafc2ada63a66d27d568851e8fc0e86c5d97b9910f42
1428ca8ba0ad84ca327eab89bd41ad7777d88ddc5cf1b31f618ec04bfad38da2
14f5566d4c764cd781dad9a4f1a9530797597bac11661a2b8def07c4e59f1985
15f92dd1206d1ce49f9b0553e900b7c5e9cd426fb2ae941a435e560925f9812b
16130a09a6f8f8546e8ed3a9472b7759ef6f7565634436f02184f1930507a249
16c173aa529afb1fe36e0add8deb4195ee6fda95e3400815cfab564bda1c2fb0
1702e752eeb0b4733f245ffb3aba22331b7208b0ff36335bf0100c5660ad4072
17035f7282a1a590f085b3198112214da1028e143e494b60dad4f835647b592b
1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00
17df988d2395b27fbc18ea60d519f69d0091f7c7d300fdfb95ec3f362d20c3e5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18db706e6d0a4507c3931ad24000f6e1049c8b15f1e8378965d21a2bc33fa1e9
18e25f55a7b7b2976f8c6f445b9f2ac395e0e57f2389fce8e8edeb4b98f570f0
192bde7b0c34aad42bfd3a66e1616c77674718a8d99950479e9a2537f67223c3
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b8e14fff614c2140fecb76b740fee60671920a051a330bfedccd7829415038e
1dae5d7333d2dd8ba2c43fe1760dd3cde18786918aaaed0259e272f69476b98e
1f3075009a76be08b00b2bc10429db9afdbaccfd738ad88516fd0c237dfb400b
23aa2477d57f3c5e361191e56e891751ecebb1e90fbf4bbce66316d21f6d321e
23b728dc05e13d8f3c4c08fc033111642c200be31027d7f4b6b524bfbc9fbffb
243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899
24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
26de5b2f18f9d451a3147d00dd26c7f91ec9b3f2d4e1a356d9887bdc32c674b9
26ea63b37ba528871356111e81cbb3c8a2b7618997a06c7483a5e993b115ee7f
27386392f194a09d8dbe95ba20693b5d253b4b24630837b7e094c46d3d7ab2a4
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
281904c2a3c974cb159213635a29d65e04457f7ecd0f46c50fb9482ef7ba884e
296f41b29964f21fe7fad561d86e9667578570190a6bc10bd33515372f0af138
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b1b660487940af62010c6c7aac1648d9c1d02bea5e99dd5fa1180a60fc1d504
2cb44dc38d8f6c71dd66b07955f87d7d7517858966aa329bf1baddc69026168c
2cc55f87a88132c7ff74f0e7681cee8a8f760be0f62c3e0b55d7ce2b02318b39
2d4c80892f37aa6e8463f1af7c1c11d6195c4850418db794806541bd5fcd26d5
2dfcbc245c00b4ab368b6fa576303cd954f8cd8b519f419d6dcc9dfa82dd4414
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ebe3f2ea3aec31e4502dbd0c26c8c020ec580ac688fb78a0be8e3f9bb3666ce
2fae0c88c49be22fc19585d9ff53abbd220b8c8fdd139b19574583bb6221626f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3337841a8b1840737244a42758520285a8db70c78aa11fb11c3efef6a6288350
33b376131cb7d939491f5112b411e6cd804c1d003810a388e9217af1122f4e35
33fbf032826fd0605169fcc5498e5dd539482481be18b44fbdcb09455a8d2cd0
34096602367614761a7e335a38b3b534b06a8e6cfe028a41ccde2064719c4730
34329ed18454d0cd30ecb05f3a38db89d776123eb8e7a7e0e913fd75461baabe
35e3b6a9918f6fae8023f5750e328863ec05f69850fe41fb739ed701bb849403
35e6d809eecb9e8425a2ea4247aafa3e0c8e4d8b33fc4e69b81ff75e2068d044
3622300d61bb487a844de818565f8e621ed226ce79176b54b6fbd3fd2d199d67
3735518a38780f6ae00743e402d2552b44bdfb2f541dff8fc882dbbe830e1698
3793c0ebf407cd243bf096d11cb2c88ca3a638f529d9898a28f39bfdbb6098ab
37edcafbce3ae9b6ed4e6a5f4516726f7d45d200efa2e3628dcc3aac4e3ebcda
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
388178b826b5cf925dbfa00da775e4195f9181c27bfa1807b4729dcd2a1b6289
38ba8106b0b700260723b8adafa054a3636b20783bbbec3afef1aea97efe4dd7
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4
3b680b75ccbecc2aefb872163cd487ed964f764c12d4f9b356683e4b4469ade3
3ba0f53ba955a7e6d39a52bb0d654ed09c3aa67ef42cc1e9fae8e20cf8eee9fc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e645d7b9dd12ed071e03671d191f188fb2330af3b1a0deb458c48b886fbad86
3e91db0285a6d6e4496bddf7e102fd376b68785d73d4b36872cd0f6932446e4c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f147cb3af5ce9041d8a658f2ba356d49a3676cf4f4e864c63ed27d039ec733e
3f5edf0a6fa9c455c21ce1d529e63ae18bf76aced3f563ce0457af25bea55f40
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
409668da18b7f6a2591b5208a4c74f2dedf226fa4d536a0d9b8b98b0159d09cf
41f9d9cd89fdd83a94b89761c25ab2af7650fb2815e294594ba3da6b697a5edd
43a5c49df4efe7cfaa7fc1ec8e287dcab93eecf7b383a4eb2bd617778ca4d8b0
43abbf56526a8d2ea8419384b846cae9d53bc75a56841ce419e93e01a0952c73
43e96d451b13a80f769c106908376c94b31beb9aac6566498c5c60f0059ca4f1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4438b6abebba6f52dcb9092621bb4eed4e10e838f036e69e069511b3f97aa29e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a505bc6f5c7c047e4bc61224e6cc94e391216462205d73ff8edd0f62663546
4770f1d988a9ee981ecf5db15f5aa20f166bdbe225f4466715c2da29b938171d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a391f29bc14459aa881d701beed00820c0b7ef72aa0a85fc08d6e21d169ec1
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
498cdc663af8386da9619e180dac64083911a0eda94f0aad30af3195f88f30c3
4a57cb34fa86e2ffeb09eb7cd10a1a5b175fed1d15a665af3d8a033a009d2878
4cbf1984a3a2e076f407d4b25d817ab9cdc78c862ef0db82fd2166cf1fe77049
4d9d15f593af95c4491e9987501d717b27235444966ef846718d7c88c61497ca
4def31d1b5e43eaa877ec9e5f811a2f98098f1e51144979d41f9bcfffb84f347
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0d5d9af58e061a36086c0ccd113fead838b7d3a9917f9181f7283503d6df2c
4f2f62556894f7bf14fa3aa45feac2a49202e100ff35c944601d19051f417a91
508eabfe0b4b9ed312e4f18cae2c6ef6ca8ce512034f7861be4b68598ecaa3eb
5225bc3c3d88edd3ca118f3af317cdead6bddfb5ee1ab9aa2411387803831e04
5290602c25843c6e2e6905e8b77a648f8479d4d7fb0dc75dcc8e4197faa9e382
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551f69e7bbf6b354cf7c56cbbf449def07337e85d4eef18c1c0b3dda173371c9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d
56566821d8b88ea09fd68ceed0211524c4b6cfd9ef35147d63b0b23814092fea
566b8cb45eb68b9431b3d25de16780132196193f76a2e890482a4268864a0ea8
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c333f0e53ef846d34a62586700a24d92819d3c8907472cd34b0cad2e02cbada
5d926b03634b02b768f3114f9e9c4cbb4bcd15e7d871ec4edde0d91657e9e408
5defc00512db59bfe7b8d0c4e5701966a8a6be6de119e93a5e8b4d2ed8001f4c
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f4d7f3eafb4d9820dd9f359b637ee8df4136b8bdba6705b9dd0a15faf2bc025
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60c3a5babd0a75ece28db3fb5de437637ebeccdd2e8f3f99c760b6fb1910d3d5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
644ad7b6d992393e0483c585357e2f7e16f0a0ce6ddb616bd8ae321c8b934792
6689e6dec40999eb649c33ecd144b5676d7506e6bd7d8304bf59730bf3fcf120
673208ff8d0e960ffbfe1b881d9ea0b214b8e5a7e62c7312077d93126d91eb1f
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
695f451e4fc7dcd1cf77c4bb26f4b8bfd64dcee1b35f7f131d08bd0017044064
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6afb45fc58e1309ac5cb169831ef57f680ebb26dccffaedea879e9cccb070cb2
6b0504f6864919c1297e34207fcd801763aee59bca5f0b6efea9409bd8ba2550
6dceaac0d6a1ba768d8437c67b4d9a760a3376675110506b80c0a132e23d4d36
7009271b3f3b24fece7e2b7ef94c19bfbd5469237357e3da3f2c736aba12055b
7012c52e94ac1bbe1e1b1cd8246e3ef624d303cc53e76a11be2b10a65c0f1119
7193a4f3549d7529eb028aa51b4533f2f2f54e908b01039e6370c89792bdea9e
720f06e2003dd7e392ee507a2cbfa762746c30d2b26c1ca8c5eba0e236708092
72a011c79640567ca62d15ab0cd1ac54a53b9194e3fb1b51ba8c041c7c769e30
72a418acbd35a013ad51278ee6c258d293bcff425ec5edc8407cc43712853d3e
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
74bcfb6fe93a0893de6612aae121331f63953238d299ac66607c1dfc4a2fa45a
7602aebd2f8a91fc47333db9ec42757478f6e95b5aa9a9a2930f654a81640a66
7674813d4294e6367c27576ac6ee63106685165081325a67fc0b3582ed53182f
783c9724461a403cde99ee0cc94cb51924f140a5cd07d58641db154363e007da
78ad837e2fd773eeb062168736f7664cc765a083dc68470b64fd0e4fe4c7956e
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
7938e3d899756731b4d21fb9f08d181f6f7b4c355026d050ae8afd11bd775006
795c8c5fa7697544f1c5447b371f3c7306cfb3842fce3eb13ca582e173c65c52
7988b9de461445792d01a5920d592020b5c2bcdbdf1e6449bc3100df4014f373
7a753ac0cbdad0f2ba44fe864f858d90f6ef7d3020e8a4aa9cdd31543c6a9605
7a958bb77f866ab4f4f5320302ddc64bcc7bf9649c3df3aa99449b9e1935e782
7b765f29f5b849b7857bd65976f3e0580efdb986a26003a8dfe5cdca3f903332
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c33d014b8590d1fb9677ac64a0fbd7b741c105bebc28153adfb352c9dbdda95
7cb5e0631d216708f882244499f0bf79773495451a0a749fc04d6e22728465ca
7ded0bfd204406809b023171e23efc490eb3bef1c922a845414990490f3855db
80a3267066656d1d4e5d915140a1174481f2853a28189171523eecafad78154c
80b4b4ac46ada4def892d2a927c7fe8a4cfe041cf3d91c2d472214cdec60a635
821e8c616a4a3ed93b1d335bb9e60cc1bd40335c83928965e94e7f60a17812ca
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
835196b8ac50a5f02e607e616c16aed76a13de85e4b5f04273dea451af02692d
84539f52dd0a7a28dd4834135d96f443ebd3e3e1bd78b554dc4665894622539d
8a5eff6b2a26d66b4be230af006f107d38fadf7db83fe68ab2cc2ad69dd80b21
8a920aefbb6f0d3d9b4136714b18008b1f3c3bf15f9ff950b44db082634baf2e
8a94387ee27cfd20bff92b62976e9664f14abe8b1c09c81d49f18de24a2324bf
8b55102f7932ed8c54236786087e7981d699068f74e4b5356a85a20cde0a0219
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225
8c7d64db44f62b648f4e114668f4896040e4624b73a1c8e9f420739d2dc4eb2c
8e351ed427314575ebfbfe4e095649b28093e13fc979a6c1d62df1fd6a628659
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92115c9ee145a65046b4bb865c18604c3f5163cca8ccf7ec2f877ded88a2c675
93f5992488eebd57fbca877984cefa95ca91385fed675fe35fcdb091c145a8b0
94ce9b8053ba0fd11deb00ec655d32645dac5aabd04ec4b651d2ea7f8ddb0553
955c9900f91960383fb075846176206ea0807157b53c9404696aa8e630545d4d
960a06caaa261e56d506638ba77348972051e5733c179ba2694f18c443d18721
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f897200e2c7c8cd1e2c17c27ff653e0b1aff6ed8fff42469884d771b3f6cbf
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af1419f08c7ad01ad81db54080b13c61de5f99b81a2336d4a84226ca724f404
9e5c0a086714dc65cf78373fbfe047a51dad1237497d6b66b024feb112e0535b
9f87e0dcba2abd16cb866b949dd143edfa89dbc536b48a8d612b5a38365a256e
a0066433a645f196eb0ece299c86dc27a5c74dbe2cae7ae6d9211c1549a92085
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a412151fea5de9da277d60303490d6ccf542befbc21df8ffedce861c84bfcc28
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a502e91ab570efdd432119394b1f764aea253d13c4fbb51475c712904af8f4fc
a56d7725b40ffe9d3ba00f024e204e190a246c1eb107a8c7380a969da4f3cfc2
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a6edf029cf7b808c4cee5b82193250c6ab84be004a1c9373b32dcb24423882e5
a712597a16dcb93705964781b6d85c2c94d4501d38f0058bf8718893e9318d11
a95e7d0a3cb18909649c1c1cf3a03b867df399d7a68a95438700d0c250190ea5
aaecdd6f07145d077adb47fb32dd64099dc7a4520b910a73eeeee565f7bb43b4
ab2e41bc82336e77a895982ee30b23aaf8829646ae9dbce4c113adfbd4d59dc3
ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d
b07bceb5fdabfe6d09e7e8ca7dfc6f7395d33650aa5b1a68fa954284cc74247d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16de86e6866109ec9241d8e3ccdafe95db05fe729ad41ca107477195a552bba
b2fc31bd1aaa1d9dfacd6c9b3664118c5f48cfd045b332b67a4f7d10cd14424a
b36f3075218f2b29c578581c453b28827b8621643878c86bd87aa9f6a1f5082a
b46c796beda687303e48435d7cd49bef612835664ff8accb7a5cbd8a3c6da708
b69c1ee662af72e770d4e2fb06732b3a4a7fe69e9ed6f01b6bc9cda4cb077357
b6fecee3f1f99509c0b110177d0c334469d6b483c6931a73fdab36853498db8d
b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124
b88279b5448e1b1a7b51cb4cd40eeb19d4766ec4913e1d854b045f3a3a8f89cf
b89be435897d895e354f5b1ad28b46b308546ba6f743032f8bc5a0e45e14fa27
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb3d86ef05695fbe5bc4932e7dc4556634618a7eb342cec108854c72cf3f332f
bbe14620cc51ebfb2bea7cfb7b8476b5114063d955a2cf8e04324b4152ecc86a
bc10b61fb0e7fe1b852668f038ed3b66a20efbb8e97d6bab912670cc3b8c53ee
bd335f5ff437c7ae27ed3ec959b9d4c4fd4c6f2524f03d619e3c941fce31a29c
bd3918687e421e37364d1fc0699288a40608f880dffc76764da0e191facfa0d1
bdcb3c875b457a7ff992a0d874959df51acec37c8e61efb60ce9cc5e528528e0
be222ebe8d76ed95e6241fd6e80b43e87cee11ee97871ba3e0e6dcf439ad66b9
bec0ffd165ea083d019c7eaf6751df04c44f23fedf9f003ee93abec9549890e1
c19fa4d8a5e883107ebd3a1a327e436cb81fe45f44b44b017ca90320a4b59cfd
c216d22bee295ae90eed1f144fa624d315a1455c67b5d479856d31bc66cc61cd
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c0a2c45c65cb3d835c934d24f7dc8d120a51934fb5daa533b9c23dbc47771f
c6ff8f8bf5b6cc962b4b1bebabbee2f67a91f858ec3701177b7358124add5c9d
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
c9529f57b94083c65c1cc01970fb27d1b9e87e8cf7ff5c35570396b5d9bbccd1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca72e8893a0cf88efb844d01e3629ad7751979f01026f6149de72285279b7968
cb7af12c359572f82f195baef33d545ca71dc04083f7cfd8ef7ee5d50c131bb4
ccab3df7523561a8fc4799ac33ca83d6dd04c0bad69888c91201bb25bcfb6cd8
cd8aa6afb1cb32a958af8de7a67bb5ba03bdf396b38fcdb760510728937f700a
ce77174eef0423016226ada18c4ff9dd4538c55688c67a4b3aa3b7297fa8dd0e
ce9c18a953a2eeb6d5efef7d4c04f4d73b055d3789152cbf42bd1b4dfd7e167b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf4c65dd8c31e4530cb7bdc7698e8b9e16480561a7bb3ae75e8e6d738bce6835
d09c134d32af36bc0a0d548c97c280cbab1bdc65f50501726d878413bf48166d
d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4
d1c0a4cad147f203a808aac602d7206b03cd903c025c887f53042f09b87c2f80
d404457fb49f54e5f4c9c2026cd51aba286197bb419f0f6b271505bd41bebf3d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d817fa127084fff34b0b4222a594485fbaee6cb65bc5e616a0c55d3525d5a79a
d81d2271d28ff156b882ca97e799f253d3a605bf10df1e6f5c9fc0733556548f
d89870adeb8d8ef78a9933261d341ae02671be9ebc88fd82d5c2984b97ba6008
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9d152985eff2984a9e73b6f153f3618a4e75ecce023d8f3417585558a3b0a13
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc38bb9634af1075fbf8a9684f88f08e7792df4e983d3c97ade1749234057929
dd03be2652a58d958488470060225e44c146f7a696933391c355eeee19b7b890
de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994
e06aa8032fa2e9fd4495643853fa91c3598940f8b45986cb4ae4300e8a2b136c
e38e5cc21222c8d9011f7bfb4fca3cd03da7ce3e45863ef35d1f65eed7867542
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d5684523c3de8ab2ac3bca237d12e4affbb4d4b39a41109d975a489fa12427
e473efb030c7aa69e5a09e86c8376394de2264613b018c71dad21dd4d1ca0aea
e492f075b6b8306d2f2cf89261baf6ef0905ba4f230a86ec8a7e5e9a0b069b2d
e608b9da1a0304a165d06c483675ab0bfffce60cb40a37994450e3a8cf552945
e6f5be3b0b673d35437fd786f930a0e03fb3361f09919841681fb986ea0bcfd0
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8bad44fd1a3479dbf853ad32c297e1dd38ea1d74404173b25b3f43f9bf2f8ed
e93f59058f312b5a89f1f683759f6d5b98d09607af18b6204e92a249e77b18f5
e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257
ea56b1ba0d9c48b98236204ab5a2da35e9a4b1bb06fa68bc65c64cd2f0642a12
ea85d02ded9e4426ae38a608862a739cd2d7806e6a355fdff53654e35fe7c1ee
eb9daebaa2a418a696da6617aaa7d222e6c86815d9bcc3bc2df1a6cff874594e
eccf57b62dbae261e99c42c11f1d643aa66362fc72a0696be044a75466ba5202
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef355ff29a5e65e0a41ae3aaff2d13fef94f38ff30c69090c6f89acb6752e50d
f081e07581566638e02d79295bd0b94dca2b67ceedfc9062d52161ea8bbec7fd
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f34058e60af69ef73e774011954ba9d6232b4fa143930e3cec254c1db1722bcf
f3b69d8e55876400796e41ded306f3c224bbd6cddc81b168376100955551ca3b
f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f48c942480d880cb38a956105efa2b8dc29804cb96eeb2ae56368a4e1589bd56
f4b3d838fac35e2bab26cdcfb3d24d43a506f527f1876b618021a52c0a0fc755
f6abcb1c6449bdb41da1368b8dd620f47e40b2d88fcde83e8042e1f455342dbf
f6ebdde04d909c8e45968f20db43c1c8490a1d792611ec0ad53887ea7a2f8ef9
f78c70e057c4847ca4a6237de0d00804aeda78cd158145184c9fb0b7c72e4de4
f7fcd7819c44473cbd40aabdc1295459afceecd0ddb53f73494f7d964a5ee519
f8ef786d4f879b47e62f6d1d755b9b770b2e0b3aed6775c2f1b02c3d5b0ecd52
f94ee55945ab1c6c2b41f61204099aa5582b27a38fd5cc39689cb2199cfd68ee
f99bd20323a5c0d2fc57ff9c6c9c504d6dbdd2ed37d4a90ca103095ea71e5f92
fb1282c130fe1dd08d4c2695c1d68e07e93522aeed67ade84f20ec19aff81e55
fc71a238d72eb45640a601e15edc4bc6b8deff4ab0701311b61b95876e5f2589
fd7f7c0eaed7cb376b1595847f7341b572eac89439b6b705d4e39b2ab0878d0b
fd92ff5bcb19ef025cef4f38b293db773544174e222c97c6bccd03fad085670b