urlscan.io logo urlscan.io
SecurityTrails logo

www.upi.com Open in urlscan Pro
38.118.71.121  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://upi.com/
Effective URL: https://www.upi.com/
Submission: On July 17 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 82 IPs in 11 countries across 85 domains to perform 359 HTTP transactions. The main IP is 38.118.71.121, located in United States and belongs to MANAGEDNODES, US. The main domain is www.upi.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 15th 2021. Valid for: 7 months.
This is the only time www.upi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 50 38.118.71.121 36106 (MANAGEDNODES)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
6 32 2.18.234.21 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.224.96.72 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
7 68.71.249.118 20093 (ZEROLAG)
2 2a00:1450:400... 15169 (GOOGLE)
2 34.95.69.49 15169 (GOOGLE)
4 13.224.90.44 16509 (AMAZON-02)
8 35.201.103.212 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.192.234.155 14618 (AMAZON-AES)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 34.120.133.55 15169 (GOOGLE)
6 14 76.223.111.131 16509 (AMAZON-02)
1 52.17.241.173 16509 (AMAZON-02)
8 142.250.186.34 15169 (GOOGLE)
1 15 52.95.124.165 16509 (AMAZON-02)
2 151.101.13.194 54113 (FASTLY)
2 2600:9000:219... 16509 (AMAZON-02)
5 8 2620:116:800d... 16509 (AMAZON-02)
3 3 185.33.221.90 29990 (ASN-APPNEX)
8 9 185.64.189.216 62713 (AS-PUBMATIC)
23 29 142.250.186.98 15169 (GOOGLE)
11 24 185.64.190.80 62713 (AS-PUBMATIC)
1 3 185.64.189.114 62713 (AS-PUBMATIC)
2 193.122.174.27 31898 (ORACLE-BM...)
1 1 146.0.227.107 29066 (VELIANET-...)
2 2 88.214.206.247 46636 (NATCOWEB)
4 37.252.161.190 29990 (ASN-APPNEX)
14 136.144.58.223 54825 (PACKET)
2 2.18.232.7 16625 (AKAMAI-AS)
4 184.31.84.150 16625 (AKAMAI-AS)
5 24 35.244.159.8 15169 (GOOGLE)
2 18.195.223.2 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
9 14 185.33.221.15 29990 (ASN-APPNEX)
2 2600:9000:219... 16509 (AMAZON-02)
2 178.162.133.150 60781 (LEASEWEB-...)
2 178.250.0.165 44788 (ASN-CRITE...)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 1 13.224.96.34 16509 (AMAZON-02)
4 21 34.254.122.11 16509 (AMAZON-02)
1 3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 2001:678:cb4:... 56396 (TURN)
3 2.18.233.180 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
5 5 3.126.56.137 16509 (AMAZON-02)
4 4 13.248.245.213 16509 (AMAZON-02)
8 9 37.157.4.23 198622 (ADFORM)
6 2a00:1450:400... 15169 (GOOGLE)
1 5 69.173.144.138 26667 (RUBICONPR...)
22 2a00:1450:400... 15169 (GOOGLE)
4 9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 1 18.158.174.89 16509 (AMAZON-02)
2 5 52.46.154.242 16509 (AMAZON-02)
5 5 151.101.14.49 54113 (FASTLY)
1 1 52.45.55.28 14618 (AMAZON-AES)
2 2 135.125.8.70 16276 (OVH)
1 2 35.170.231.210 14618 (AMAZON-AES)
1 68.71.249.120 20093 (ZEROLAG)
5 6 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 3 2a00:1288:110... 34010 (YAHOO-IRD)
7 7 185.29.133.58 30419 (MEDIAMATH...)
5 2a00:1450:400... 15169 (GOOGLE)
4 4 72.251.249.9 29791 (VOXEL-DOT...)
4 4 52.59.102.119 16509 (AMAZON-02)
11 12 3.121.79.35 16509 (AMAZON-02)
2 2 64.202.112.159 22075 (AS-OUTBRAIN)
2 2 54.209.16.83 14618 (AMAZON-AES)
2 2 52.205.83.58 14618 (AMAZON-AES)
2 38.91.45.7 398989 (DEEPINTENT)
2 2 35.156.198.184 16509 (AMAZON-02)
6 6 213.19.147.45 26120 (RHYTHMONE)
4 5 198.148.27.139 19189 (PULSEPOINT)
1 1 185.86.138.119 201081 (SMARTADSE...)
1 208.100.17.180 32748 (STEADFAST)
1 18.195.155.181 16509 (AMAZON-02)
1 1 124.146.215.42 2514 (INFOSPHER...)
2 2 193.0.160.128 54312 (ROCKETFUEL)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
1 185.64.189.115 62713 (AS-PUBMATIC)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
4 178.162.133.149 60781 (LEASEWEB-...)
12 12 52.16.214.249 16509 (AMAZON-02)
2 2 199.187.193.192 47043 (SMARTADSE...)
1 1 51.75.146.162 16276 (OVH)
1 178.250.0.163 44788 (ASN-CRITE...)
1 35.244.174.68 15169 (GOOGLE)
1 159.253.128.188 36351 (SOFTLAYER)
1 52.45.128.104 14618 (AMAZON-AES)
1 2 38.67.14.233 174 (COGENT-174)
2 2 66.155.71.150 13768 (COGECO-PEER1)
1 2a02:2638::1c 44788 (ASN-CRITE...)
1 1 34.224.231.148 14618 (AMAZON-AES)
2 2 35.210.178.101 15169 (GOOGLE)
1 2 54.171.173.220 16509 (AMAZON-02)
1 1 35.241.40.233 15169 (GOOGLE)
359 82
50    38.118.71.121 (United States)

ASN36106 (MANAGEDNODES, US)
upi.com
www.upi.com
cdnph.upi.com
3    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
ajax.googleapis.com
1    2600:9000:21f3:6c00:f:baea:96c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3terveqlssriz.cloudfront.net
32    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
1    13.224.96.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-72.zrh50.r.cloudfront.net
cdn.p-n.io
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
7    68.71.249.118 (United States)

ASN20093 (ZEROLAG, US)
udmserve.net
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
4    13.224.90.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-90-44.zrh50.r.cloudfront.net
c.amazon-adsystem.com
8    35.201.103.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.103.201.35.bc.googleusercontent.com
breakfastboat.com
1    2600:9000:2190:2000:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    34.192.234.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-234-155.compute-1.amazonaws.com
ping.chartbeat.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
14    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    52.17.241.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-241-173.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
8    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
15    52.95.124.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
2    2600:9000:2190:4200:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
bid.underdog.media
8    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
3    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
9    185.64.189.216 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
29    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
24    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
3    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    146.0.227.107 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
2    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
4    37.252.161.190 (Bethnal Green, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net
prebid.adnxs.com
14    136.144.58.223 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
4    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
24    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
upi-d.openx.net
underdogmedia-d.openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
2    18.195.223.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
krk.kargo.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
14    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    2600:9000:2190:9e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
2    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    13.224.96.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-34.zrh50.r.cloudfront.net
s.ad.smaato.net
21    34.254.122.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
3    2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
9    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
22    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh6.googleusercontent.com
4    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh4.googleusercontent.com
10    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    18.158.174.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
match.sharethrough.com
5    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    52.45.55.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacon.lynx.cognitivlabs.com
2    135.125.8.70 (France)

ASN16276 (OVH, FR)
PTR: ns3184584.ip-135-125-8.eu
gu.dyntrk.com
2    35.170.231.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-231-210.compute-1.amazonaws.com
um2.eqads.com
1    68.71.249.120 (United States)

ASN20093 (ZEROLAG, US)
PTR: underdogmedia.com
edge.udmserve.net
6    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
1    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
3    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
7    185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
4    52.59.102.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
12    3.121.79.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
b1sync.zemanta.com
2    54.209.16.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
2    52.205.83.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    35.156.198.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
6    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.138.119 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    208.100.17.180 (United States)

ASN32748 (STEADFAST, US)
ssc-cms.33across.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
1    124.146.215.42 (Minato-ku, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
12    52.16.214.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
2    199.187.193.192 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    51.75.146.162 (France)

ASN16276 (OVH, FR)
ws.rqtrk.eu
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    52.45.128.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
2    38.67.14.233 (United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    34.224.231.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
2    35.210.178.101 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
a.volvelle.tech
2    54.171.173.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
1    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
dmp.brand-display.com
Apex Domain
Subdomains		 Transfer
50 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
198 KB
50 upi.com
upi.com
www.upi.com
cdnph.upi.com
2 MB
42 pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
simage2.pubmatic.com
image6.pubmatic.com
39 KB
32 googlesyndication.com
3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
187 KB
31 casalemedia.com
as-sec.casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
33 KB
24 openx.net
upi-d.openx.net
underdogmedia-d.openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
6 KB
24 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
48 KB
21 gumgum.com
rtb.gumgum.com
6 KB
21 adnxs.com
secure.adnxs.com
prebid.adnxs.com
ib.adnxs.com
21 KB
14 a-mo.net
prebid.a-mo.net
4 KB
14 adsrvr.org
match.adsrvr.org
5 KB
13 rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
18 KB
12 bidr.io
match.prod.bidr.io
6 KB
12 bidswitch.net
x.bidswitch.net
5 KB
10 google.com
adservice.google.com
www.google.com
1 KB
9 adform.net
c1.adform.net
4 KB
9 yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
pr-bh.ybp.yahoo.com
6 KB
8 quantserve.com
secure.quantserve.com
pixel.quantserve.com
12 KB
8 breakfastboat.com
breakfastboat.com
208 KB
8 udmserve.net
udmserve.net
edge.udmserve.net
8 KB
7 mathtag.com
sync.mathtag.com
3 KB
6 googletagservices.com
www.googletagservices.com
201 KB
6 sonobi.com
apex.go.sonobi.com
sync.go.sonobi.com
7 KB
5 contextweb.com
bh.contextweb.com
4 KB
5 everesttech.net
sync-tm.everesttech.net
1 KB
5 indexww.com
js-sec.indexww.com
17 KB
4 1rx.io
sync.1rx.io
2 KB
4 advertising.com
pixel.advertising.com
1 KB
4 lijit.com
ap.lijit.com
2 KB
4 2mdn.net
s0.2mdn.net
457 KB
4 googleusercontent.com
lh6.googleusercontent.com
lh4.googleusercontent.com
111 KB
4 3lift.com
eb2.3lift.com
1 KB
4 criteo.com
bidder.criteo.com
dis.criteo.com
gum.criteo.com
1 KB
4 gstatic.com
fonts.gstatic.com
79 KB
3 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
1 KB
3 dotomi.com
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
284 B
3 facebook.net
connect.facebook.net
71 KB
3 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
279 KB
2 crwdcntrl.net
bcp.crwdcntrl.net
1 KB
2 volvelle.tech
a.volvelle.tech
1 KB
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 mxptint.net
pmp.mxptint.net
967 B
2 criteo.net
static.criteo.net
53 KB
2 creativecdn.com
creativecdn.com
695 B
2 rfihub.com
p.rfihub.com
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 360yield.com
ad.360yield.com
615 B
2 deepintent.com
match.deepintent.com
60 B
2 ipredictive.com
sync.ipredictive.com
950 B
2 stackadapt.com
sync.srv.stackadapt.com
1 KB
2 eqads.com
um2.eqads.com
563 B
2 dyntrk.com
gu.dyntrk.com
1 KB
2 turn.com
ad.turn.com
936 B
2 quantcount.com
rules.quantcount.com
1 KB
2 kargo.com
krk.kargo.com
948 B
2 teads.tv
a.teads.tv
719 B
2 admanmedia.com
cs.admanmedia.com
803 B
2 technoratimedia.com
sync.technoratimedia.com
585 B
2 underdog.media
bid.underdog.media
157 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net
78 KB
2 rlcdn.com
api.rlcdn.com
idsync.rlcdn.com
284 B
2 facebook.com
www.facebook.com
248 B
2 chartbeat.net
ping.chartbeat.net
401 B
2 clean.gg
i.clean.gg
104 B
2 google-analytics.com
www.google-analytics.com
19 KB
1 brand-display.com
dmp.brand-display.com
335 B
1 extend.tv
sync.extend.tv
546 B
1 adentifi.com
rtb.adentifi.com
88 B
1 simpli.fi
um.simpli.fi
609 B
1 rqtrk.eu
ws.rqtrk.eu
516 B
1 socdm.com
tg.socdm.com
835 B
1 emxdgt.com
cs.emxdgt.com
1 33across.com
ssc-cms.33across.com
1 zemanta.com
b1sync.zemanta.com
281 B
1 outbrain.com
sync.outbrain.com
627 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
375 B
1 sharethrough.com
match.sharethrough.com
256 B
1 smaato.net
s.ad.smaato.net
561 B
1 google.ch
adservice.google.ch
853 B
1 admixer.net
inv-nets.admixer.net
472 B
1 adsafeprotected.com
static.adsafeprotected.com
259 B
1 chartbeat.com
static.chartbeat.com
14 KB
1 p-n.io
cdn.p-n.io
70 KB
1 onesignal.com
cdn.onesignal.com
3 KB
1 cloudfront.net
d3terveqlssriz.cloudfront.net
37 KB
359 85
Domain Requested by
36 cdnph.upi.com www.upi.com
29 cm.g.doubleclick.net 23 redirects u.openx.net
aax-eu.amazon-adsystem.com
eu-u.openx.net
rtb.gumgum.com
22 tpc.googlesyndication.com 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
d3terveqlssriz.cloudfront.net
21 rtb.gumgum.com 4 redirects aax-eu.amazon-adsystem.com
rtb.gumgum.com
15 aax-eu.amazon-adsystem.com 1 redirects d3terveqlssriz.cloudfront.net
aax-eu.amazon-adsystem.com
u.openx.net
ssum-sec.casalemedia.com
rtb.gumgum.com
ads.pubmatic.com
14 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
um2.eqads.com
14 ib.adnxs.com 9 redirects bid.underdog.media
www.upi.com
14 prebid.a-mo.net www.upi.com
bid.underdog.media
14 match.adsrvr.org 6 redirects js-sec.indexww.com
u.openx.net
ssum-sec.casalemedia.com
aax-eu.amazon-adsystem.com
eu-u.openx.net
13 simage2.pubmatic.com 2 redirects rtb.gumgum.com
www.upi.com
ads.pubmatic.com
12 match.prod.bidr.io 12 redirects
12 x.bidswitch.net 11 redirects rtb.gumgum.com
12 googleads.g.doubleclick.net www.upi.com
3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
12 www.upi.com www.upi.com
d3terveqlssriz.cloudfront.net
11 image2.pubmatic.com 9 redirects ads.pubmatic.com
10 eu-u.openx.net 3 redirects u.openx.net
d3terveqlssriz.cloudfront.net
eu-u.openx.net
9 www.google.com 4 redirects 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
d3terveqlssriz.cloudfront.net
9 c1.adform.net 8 redirects ads.pubmatic.com
9 us-u.openx.net 2 redirects u.openx.net
eu-u.openx.net
www.upi.com
9 image8.pubmatic.com 8 redirects ads.pubmatic.com
8 securepubads.g.doubleclick.net d3terveqlssriz.cloudfront.net
securepubads.g.doubleclick.net
www.upi.com
8 breakfastboat.com d3terveqlssriz.cloudfront.net
7 sync.mathtag.com 7 redirects
7 pixel.quantserve.com 5 redirects www.upi.com
7 ssum-sec.casalemedia.com 1 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
7 udmserve.net www.upi.com
d3terveqlssriz.cloudfront.net
6 www.googletagservices.com d3terveqlssriz.cloudfront.net
3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
5 bh.contextweb.com 4 redirects www.upi.com
5 pagead2.googlesyndication.com www.upi.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 token.rubiconproject.com 4 redirects aax-eu.amazon-adsystem.com
5 sync-tm.everesttech.net 5 redirects
5 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
5 pixel.rubiconproject.com 1 redirects aax-eu.amazon-adsystem.com
5 ups.analytics.yahoo.com 5 redirects
5 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com d3terveqlssriz.cloudfront.net
5 js-sec.indexww.com www.upi.com
d3terveqlssriz.cloudfront.net
ssum-sec.casalemedia.com
4 sync.go.sonobi.com www.upi.com
4 sync.1rx.io 4 redirects
4 pixel.advertising.com 4 redirects
4 ap.lijit.com 4 redirects
4 s0.2mdn.net 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
4 eb2.3lift.com 4 redirects
4 htlb.casalemedia.com www.upi.com
bid.underdog.media
4 prebid.adnxs.com www.upi.com
4 fonts.gstatic.com fonts.googleapis.com
4 c.amazon-adsystem.com d3terveqlssriz.cloudfront.net
c.amazon-adsystem.com
3 dsum.casalemedia.com ssum-sec.casalemedia.com
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 ads.pubmatic.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
3 image4.pubmatic.com 1 redirects ads.pubmatic.com
3 secure.adnxs.com 3 redirects
3 connect.facebook.net www.upi.com
d3terveqlssriz.cloudfront.net
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 a.volvelle.tech 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 rtb-csync.smartadserver.com 2 redirects
2 static.criteo.net d3terveqlssriz.cloudfront.net
static.criteo.net
2 creativecdn.com 2 redirects
2 p.rfihub.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 ad.360yield.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
ads.pubmatic.com
2 sync.ipredictive.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 ssum.casalemedia.com 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 lh4.googleusercontent.com 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
2 lh6.googleusercontent.com 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
2 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
2 ad.turn.com 2 redirects
2 hbopenbid.pubmatic.com bid.underdog.media
2 bidder.criteo.com bid.underdog.media
2 apex.go.sonobi.com bid.underdog.media
2 underdogmedia-d.openx.net bid.underdog.media
2 rules.quantcount.com d3terveqlssriz.cloudfront.net
2 krk.kargo.com www.upi.com
2 upi-d.openx.net www.upi.com
2 a.teads.tv www.upi.com
2 cs.admanmedia.com 2 redirects
2 sync.technoratimedia.com www.upi.com
rtb.gumgum.com
2 bid.underdog.media d3terveqlssriz.cloudfront.net
www.upi.com
2 confiant-integrations.global.ssl.fastly.net d3terveqlssriz.cloudfront.net
2 www.facebook.com www.upi.com
2 ping.chartbeat.net www.upi.com
2 i.clean.gg d3terveqlssriz.cloudfront.net
2 www.google-analytics.com www.upi.com
2 ajax.googleapis.com www.upi.com
2 upi.com 2 redirects
1 casale-match.dotomi.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 sync.extend.tv 1 redirects
1 gum.criteo.com d3terveqlssriz.cloudfront.net
1 rtb.adentifi.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 idsync.rlcdn.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 ws.rqtrk.eu 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com rtb.gumgum.com
1 ssc-cms.33across.com rtb.gumgum.com
1 ssbsync.smartadserver.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 sync.outbrain.com 1 redirects
1 ads.yahoo.com aax-eu.amazon-adsystem.com
1 pixel-eu.rubiconproject.com 1 redirects
1 edge.udmserve.net bid.underdog.media
1 beacon.lynx.cognitivlabs.com 1 redirects
1 match.sharethrough.com 1 redirects
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 u.openx.net aax-eu.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 adservice.google.com d3terveqlssriz.cloudfront.net
1 adservice.google.ch d3terveqlssriz.cloudfront.net
1 inv-nets.admixer.net 1 redirects
1 secure.quantserve.com d3terveqlssriz.cloudfront.net
1 as-sec.casalemedia.com js-sec.indexww.com
1 static.adsafeprotected.com www.upi.com
1 api.rlcdn.com js-sec.indexww.com
1 stats.g.doubleclick.net www.google-analytics.com
1 static.chartbeat.com d3terveqlssriz.cloudfront.net
1 cdn.p-n.io www.upi.com
1 cdn.onesignal.com www.upi.com
1 d3terveqlssriz.cloudfront.net www.upi.com
1 fonts.googleapis.com www.upi.com
359 128
Subject Issuer Validity Valid
*.upi.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-15 -
2021-12-26		 7 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
pushlycdn.com
Amazon		 2021-03-16 -
2022-04-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
udmserve.net
DigiCert SHA2 High Assurance Server CA		 2019-07-15 -
2021-10-14		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2021-06-28 -
2021-09-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
breakfastboat.com
R3		 2021-06-26 -
2021-09-24		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
www.underdog.media
DigiCert SHA2 High Assurance Server CA		 2019-07-16 -
2021-10-18		 2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2020-03-29 -
2022-03-29		 2 years crt.sh
*.a-mo.net
R3		 2021-07-16 -
2021-10-14		 3 months crt.sh
teads.tv
R3		 2021-06-14 -
2021-09-12		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.dev.kargo.com
Amazon		 2021-03-16 -
2022-04-14		 a year crt.sh
*.google.ch
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-07-08 -
2021-08-25		 2 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.mxptint.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-29 -
2022-07-07		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh

This page contains 51 frames:

Primary Page: https://www.upi.com/
Frame ID: 226020CAD0CB47C834EE5B6E38FFC0BB
Requests: 165 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&dcc=t
Frame ID: 7746ABA6F54D681F267DE01D4028BBD1
Requests: 1 HTTP requests in this frame

Frame: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 847BA9E44F75724FD59F9B5AD32511E5
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 72A42BD483D97516B9F637AB021C546A
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 2622948DF06CD73BAA1532FF8196615E
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: EAEB92B2C7868DF8597103BC37415D79
Requests: 9 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=128ec410fb40a005b7628f3dcf5f4c012252cf21
Frame ID: 2D7E70245E7F9B79E21702E0961B651A
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 41A508FF50E6AF4173958F2CBAD6F831
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=7310218954674835410&ex=districtm
Frame ID: 2559499109B6160A3378997A626035C8
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: 310CF7EC41BDF8B4CC6711F8A0384878
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=4048867820032136168
Frame ID: 8F5E7D552735B68D8D9D0FC33F0D20D8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 9EC975BC2D340B50E1F762C02BDE176C
Requests: 21 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: DD0486FCA2ECCEE42FC8F361AA72B5AB
Requests: 12 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-iF4Y2b11l2OoQqLzawDR_K.hmvUYb6w-&
Frame ID: 5A018261A44CFDBA276181CBC604629C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=7310218954674835410&ex=appnexus.com
Frame ID: 92C3922544E727FCD1793ECED490E9FC
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=14867232644360973763
Frame ID: C0A2C66AC1E59A75CE1D157AB5481DB7
Requests: 1 HTTP requests in this frame

Frame: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9C81D478D60DE2CF545867648D7A8632
Requests: 14 HTTP requests in this frame

Frame: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7CEC5AE6E6A634B24D31EE5ABC4F7BB2
Requests: 14 HTTP requests in this frame

Frame: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 53B6A9CD520D5DFE196584D43D078BCA
Requests: 13 HTTP requests in this frame

Frame: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AC9543A147EF45ED853041516C325097
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: DD48EC57770CA83E31672D0293EA1D6D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D4571F1415E720A6FAD36E70D29A6DF7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A0D387338E4A703F4071713B1AB95B33
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 45E7D60DB13C6D5E8F6F4A5D12AAFDEF
Requests: 2 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=16304;tid=1;dt=7;p=1;rri=1626487973269_403894_185.156.175.109;mid=43264;zzz=1;version=v2.7.8-confiant;cb=0.2811363064145902;session=1;style=slider;vis=visible;traffic_info=%7B%7D;;radid=1626487973269_403894_185.156.175.109
Frame ID: C9BA24ABB0EBF7883196BC3C98F27E5D
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: A7356959777610501615FB54E0E6E91D
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Frame ID: 97D4072E78E65D22C2A17F157A5098CD
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Frame ID: 7FC1D17CE82C17401156AC9185D0AF9B
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9210FA9629B3CB264F18A00119AB3BE5
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 00B73919276688DE7D245B35C51607E9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38&gdpr=&gdpr_consent=
Frame ID: 3828E558F284CED3772ED7D3ADB49A97
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YPI8pwAC8tHmCwA4&gdpr=&gdpr_consent=
Frame ID: CDC490B14762BFADEBB904616F0206EA
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iNDBkZjE2My01YWFlLTQ3ZjEtOTg1OC1jMjZhMTA1ZjljNzY=&gdpr=&gdpr_consent=
Frame ID: EF989B7B418880537254DFA61E98FE4A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 21468D9C6D28A9EEB1DBE8D139ADE071
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 56F86218FADE57A088CEB3BA9E345A7B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=97958d5c-c545-4d55-810d-b5fa89491ff0&t=1629079977
Frame ID: CC2FBEA89229FAA1C8917932F742D08A
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 731EE356C709C987A190193DF480AD28
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YPI8rMCo8YQAAPY9mBsAAAAA
Frame ID: 1AC99848D869B3CF0B7D98E8E461B43E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871316021662915401
Frame ID: D8884C0543DC71DF6234163F83EAAFEB
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=GfIQ93Px0nChuGi5Ykz0&pi=gumgum&tc=1
Frame ID: E2F6D7F82D783F3181CDC40A64B1DAD3
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=4C9E5932-6DD2-4C44-AF31-BEF85A292832
Frame ID: D4918DE38AB6DA72120EA28DCA5AC216
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACYeE7B5HkAAECoi_ebXA
Frame ID: E9CBEEDE181D2DE7EA805B884B3C8131
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F6B30F9045D420B02C611E01DAC7AD1C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003
Frame ID: A4B9CADB31E32D14B10352567F89489C
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: ED0024D8C0CC2613D4D9ADF7EFF77D6F
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=4C9E5932-6DD2-4C44-AF31-BEF85A292832&ex=pubmatic.com
Frame ID: 67C814471D3D3E79F47AB97CBE62BC4F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.upi.com&gdpr=0&gdpr_consent=
Frame ID: B4B747C2F303CEFDAEDA6A877E8A15CB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BAE3AF2DB7CD165026EAF81C1A1D83C2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 40D135B5D6B38D3DBE68E99FD51107FA
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: D9A7E36458571906A7B9C100B367367D
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B55BB403F180EC3F5581B8A3C4970F09
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://upi.com/ HTTP 301
    https://upi.com/ HTTP 301
    https://www.upi.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /chartbeat\.js/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

359
Requests

100 %
HTTPS

28 %
IPv6

85
Domains

128
Subdomains

82
IPs

11
Countries

3966 kB
Transfer

8147 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://upi.com/ HTTP 301
    https://upi.com/ HTTP 301
    https://www.upi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&dcc=t
Request Chain 90
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=7310218954674835410
Request Chain 91
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDU3RTQxMDQtNTJDOC00Nzg4LUI5MkEtNEM1RTg3MjkwN0My&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDU3RTQxMDQtNTJDOC00Nzg4LUI5MkEtNEM1RTg3MjkwN0My&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DD57E4104-52C8-4788-B92A-4C5E872907C2 HTTP 302
  • https://udmserve.net/udm/fetch.pix?pmid=D57E4104-52C8-4788-B92A-4C5E872907C2
Request Chain 93
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;admix=34d6781e9d8048c68da19cf42e51875e
Request Chain 94
  • https://cs.admanmedia.com/sync/underdog?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bacu%3D%7B%24UID%7D HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;acu=128ec410fb40a005b7628f3dcf5f4c012252cf21
Request Chain 112
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7310218954674835410
Request Chain 124
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=23cc5672dac2b6560b02
Request Chain 127
  • https://cs.admanmedia.com/sync/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dacuity.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=128ec410fb40a005b7628f3dcf5f4c012252cf21
Request Chain 129
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=7310218954674835410&ex=districtm
Request Chain 131
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=4048867820032136168
Request Chain 134
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-iF4Y2b11l2OoQqLzawDR_K.hmvUYb6w-&
Request Chain 135
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=7310218954674835410&ex=appnexus.com
Request Chain 136
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=14867232644360973763
Request Chain 140
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=KypecC55WXcwe1xzeygVcCR-AXYwf15zLntJ-Ulg
Request Chain 141
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5636919828085497005
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBTMaFPMhfEBTnZwPXvaryM&google_cver=1
Request Chain 146
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=KR74Y0VS-1N-DHD9&gdpr=0
Request Chain 180
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=14867232644360973763
Request Chain 205
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=6c008aa6-e845-45c5-8a19-30026a89570e
Request Chain 206
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 207
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 208
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 209
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPI8paPz_8gKevC8S4Co8gAABJ8AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJCsccwNOb7Xyza9qKN85l8&google_cver=1
Request Chain 215
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YPI8paPz-8gKevC8S4Co8gAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YPI8paPz-8gKevC8S4Co8gAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL61CzXEOn75qJBDjsWnunE&google_cver=1
Request Chain 217
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YPI8pwAC8tHmCwA4 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPI8pwAC8tHmCwA4&_test=YPI8pwAC8tHmCwA4
Request Chain 218
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=db2cad8a-8e9a-45d8-9fec-a0c2aaad4646&expiration=1658023976
Request Chain 219
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030002_60f23ca82596d&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_60f23ca82596d
Request Chain 221
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 224
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KR74Y1U8-1Z-CIIF&ex=d-rubiconproject.com&status=ok
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJRDFjss2-_r3lIs1T8ep-A&google_cver=1
Request Chain 226
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KR74Y1U8-1Z-CIIF&sigv=1&esig=2~4cbbaa67911daef7c09787ad11a92501d61d2f91
Request Chain 227
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/8fjnbT74YbNZ-MUjKfKBpsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4967994315958275909
Request Chain 228
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTdkZmFjNjExOWNkYTM0ODY5MGE0ZDdiYTdmMDRlM2U5Y2YwYzQ0Nw
Request Chain 229
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1I3NFkxVTgtMVotQ0lJRg==
Request Chain 230
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YPI8pwAC8tHmCwA4
Request Chain 231
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
Request Chain 237
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Request Chain 238
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Request Chain 241
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D200534c6-7993-4ecf-b5ec-8e1808601b89%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D200534c6-7993-4ecf-b5ec-8e1808601b89%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=sovrn&uid=f6db5458e0c58ee980b0e5a7
Request Chain 242
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D200534c6-7993-4ecf-b5ec-8e1808601b89%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D200534c6-7993-4ecf-b5ec-8e1808601b89%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=pubmatic&uid=4C9E5932-6DD2-4C44-AF31-BEF85A292832
Request Chain 243
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D200534c6-7993-4ecf-b5ec-8e1808601b89%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D200534c6-7993-4ecf-b5ec-8e1808601b89%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=appnexus&uid=7391310757688800604
Request Chain 244
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=200534c6-7993-4ecf-b5ec-8e1808601b89 HTTP 302
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=200534c6-7993-4ecf-b5ec-8e1808601b89&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=200534c6-7993-4ecf-b5ec-8e1808601b89&apid=UP820717c7-e6a4-11eb-9e00-02b4ef8cd078 HTTP 302
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP820717c7-e6a4-11eb-9e00-02b4ef8cd078&gdpr=0&gdpr_consent=
Request Chain 245
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D200534c6-7993-4ecf-b5ec-8e1808601b89%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=index_rtb&uid=YPI8paPz-8gKevC8S4Co8gAA%261183
Request Chain 246
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
Request Chain 247
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=RVvNEkAIyhheCM1DS1uGGUdZkkVeXM5GEFI1l0XT
Request Chain 248
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3117753277195830633
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECLv0JN30Q2t3kwzStMA0iQ&google_cver=1
Request Chain 252
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
Request Chain 253
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=0ddPxNSESM7KhE-Q3tYEwIHWG8HK1U_P0N_BH-SB
Request Chain 254
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3492398545087167213
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECLv0JN30Q2t3kwzStMA0iQ&google_cver=1
Request Chain 265
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7391310757688800604
Request Chain 266
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_b40df163-5aae-47f1-9858-c26a105f9c76&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_b40df163-5aae-47f1-9858-c26a105f9c76&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=1&user_id=Ubsx8VToNvtK6DGlXrp69QG6ZfRKuTH6ULMXBNyU
Request Chain 267
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28jSYJjFENWL9JA4f48UW0eftZsYtezPHo9eFakOvXX6BIyaGbIIv0a_fI8OmhECES%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28jSYJjFENWL9JA4f48UW0eftZsYtezPHo9eFakOvXX6BIyaGbIIv0a_fI8OmhECES%29
Request Chain 268
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=c31a500a-cff4-0c2d-0e8b-b4416e0e4f8b
Request Chain 269
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-06ae8219-6549-49e4-5c2c-f1710d996670$ip$185.156.175.109
Request Chain 270
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-xNycbHBE2peDeKev5PiYxfi.ledU1avTC30W~A
Request Chain 271
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=82832580-e6a4-11eb-98c1-f311d18549d8
Request Chain 274
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_b40df163-5aae-47f1-9858-c26a105f9c76&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=
Request Chain 275
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=81318d99-60ad-4495-8a71-a1ac082c8fc8
Request Chain 276
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5111571601 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/97958d5c-c545-4d55-810d-b5fa89491ff0 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003
Request Chain 277
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=XK7zLj5vN2BP&ev=1&pid=558355
Request Chain 278
  • https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
  • https://rtb.gumgum.com/usersync?b=sad&i=8855074365182534805&gdpr=1&gdpr_consent=
Request Chain 280
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38&gdpr=&gdpr_consent=
Request Chain 281
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YPI8pwAC8tHmCwA4&gdpr=&gdpr_consent=
Request Chain 285
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=97958d5c-c545-4d55-810d-b5fa89491ff0&t=1629079977
Request Chain 287
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YPI8rMCo8YQAAPY9mBsAAAAA
Request Chain 288
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1871316021662915401
Request Chain 289
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=GfIQ93Px0nChuGi5Ykz0&pi=gumgum&tc=1
Request Chain 293
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=5fa6044d8d&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=97958d5c-c545-4d55-810d-b5fa89491ff0&pubid=5fa6044d8d
Request Chain 294
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D068a0277-9326-4b23-a21c-34f09433ae2f%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=index_rtb&uid=YPI8paPz-8gKevC8S4Co8gAA%261183
Request Chain 295
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a31f7619-a863-4ba9-b420-86d41a8dc634&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDT3VVN0I1SGtBQUVBUVREYURFUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACOuU7B5HkAAEAQTDaDEQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACOuU7B5HkAAEAQTDaDEQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACOuU7B5HkAAEAQTDaDEQ&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACOuU7B5HkAAEAQTDaDEQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=8855074365182534805 HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACYeE7B5HkAAECoi_ebXA HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537125688&val=AACYeE7B5HkAAECoi_ebXA
Request Chain 296
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
Request Chain 297
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=6d510ca2-56d1-412a-baab-c94240b79ed2&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=NXJOelhZaTAyZHNreG03RFlNTTg1Zw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEA--BEdSLQsch7NpCC0KnqA&google_cver=1
Request Chain 298
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D068a0277-9326-4b23-a21c-34f09433ae2f%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D068a0277-9326-4b23-a21c-34f09433ae2f%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=sovrn&uid=f6bc801ab39a2a42e9a65ce1
Request Chain 299
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=068a0277-9326-4b23-a21c-34f09433ae2f HTTP 302
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=068a0277-9326-4b23-a21c-34f09433ae2f&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=068a0277-9326-4b23-a21c-34f09433ae2f&apid=UP820717c7-e6a4-11eb-9e00-02b4ef8cd078 HTTP 302
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP820717c7-e6a4-11eb-9e00-02b4ef8cd078&gdpr=0&gdpr_consent=
Request Chain 300
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159955 HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=81866b81-9739-4616-9bf4-d80328ccfc71&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 301
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=875739028400046330
Request Chain 302
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=81866b81-9739-4616-9bf4-d80328ccfc71&google_hm=ODE4NjZiODEtOTczOS00NjE2LTliZjQtZDgwMzI4Y2NmYzcx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEO0QSLmb8wrz6Z-b6yzQHOk&google_cver=1&ssp=sonobi&bsw_param=81866b81-9739-4616-9bf4-d80328ccfc71 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=81866b81-9739-4616-9bf4-d80328ccfc71
Request Chain 303
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D068a0277-9326-4b23-a21c-34f09433ae2f%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=pubmatic&uid=4C9E5932-6DD2-4C44-AF31-BEF85A292832
Request Chain 304
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D068a0277-9326-4b23-a21c-34f09433ae2f%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=appnexus&uid=7391310757688800604
Request Chain 310
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbmpFN0I1SGtBQURfTEZ6WHItdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABnjE7B5HkAAD_LFzXr-w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABnjE7B5HkAAD_LFzXr-w&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACOuU7B5HkAAEAQTDaDEQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8855074365182534805 HTTP 303
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8855074365182534805&_bee_ppp=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACYeE7B5HkAAECoi_ebXA
Request Chain 312
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6661306663 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/97958d5c-c545-4d55-810d-b5fa89491ff0 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003
Request Chain 315
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TJ5ZMm3STESvMb74WikoMg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 317
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEM5RTU5MzItNkREMi00QzQ0LUFGMzEtQkVGODVBMjkyODMy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
Request Chain 319
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=97958d5c-c545-4d55-810d-b5fa89491ff0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
Request Chain 320
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7738160339778704360&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJir2PcyjMN81Dy55588qF8&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
Request Chain 322
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPI8pwAC8tHmCwA4&gdpr=0&gdpr_consent=
Request Chain 323
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38&gdpr=0&gdpr_consent=
Request Chain 325
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4C9E5932-6DD2-4C44-AF31-BEF85A292832&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P_e8CVFE2uU0gp.a7WuhPgngBbs9g2k-~A&gdpr=0&gdpr_consent=
Request Chain 327
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7391310757688800604&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
Request Chain 330
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8294d995-e6a4-11eb-8c2d-834054f6d847&gdpr=0&gdpr_consent=
Request Chain 331
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D531_E056A41E_185E58043&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 332
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=5c2f2c12-f5be-44f7-89f1-57880b9af30b-60f23cac-4348&gdpr=0&gdpr_consent=
Request Chain 333
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=z8qFD8qZggXUmYVbwMvOC5_L0QrUyIUEzsJOcXD7 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 341
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 343
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YPI8shbVNWYtp.kqbRj7hgAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YPI8shbVNWYtp.kqbRj7hgAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKn3xCRTbIzHJMcMScupDAg&google_cver=1&google_hm=2
Request Chain 344
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&dcc=t
Request Chain 345
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP6usWVpRlPQ6I5_vEpE3no&google_cver=1
Request Chain 347
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7888610994366998607
Request Chain 348
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1409829904870852739&expiration=1627697586
Request Chain 349
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b3bf0707-90bf-4a68-9f85-c85fe6de60d8
Request Chain 350
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=index&bsw_uid=57183e5a-c59d-464b-bf77-e0f8dbf31a10 HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index&bsw_uid=57183e5a-c59d-464b-bf77-e0f8dbf31a10 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=e32bf1a2-7a27-48e1-8344-a298af024c14&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=57183e5a-c59d-464b-bf77-e0f8dbf31a10
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJohG2JTpDeCqijmzbKzoOQ&google_cver=1
Request Chain 354
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YPI8shbVNWYtp.kqbRj7hgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHXldawM3WG2uVfXkT2vh18&google_cver=1&google_hm=2
Request Chain 355
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&dcc=t
Request Chain 356
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YPI8shbVNWYtp.kqbRj7hgAA%261161?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPI8shbVNWYtp.kqbRj7hgAA%261161?gdpr_consent=&us_privacy=&gdpr=
Request Chain 357
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=db776c03-a7ab-86f2-ad3faffe
Request Chain 358
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=WoBwDx9eTcRR5UIImRAyH7mcr20
Request Chain 359
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1626574386

359 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.upi.com/
Redirect Chain
  • http://upi.com/
  • https://upi.com/
  • https://www.upi.com/
109 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
4ae038b0e2740851d7ccec5d785ac575444525bb05ab6ac84d5a407be2241815
Security Headers
Name Value
Content-Security-Policy frame-ancestors frame-ancestors 'self'
X-Frame-Options 'SAMEORIGIN'

Request headers

Host
www.upi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Jul 2021 02:12:51 GMT
Server
Apache
Pragma
public
Cache-Control
maxage=60
Expires
Sat, 17 Jul 2021 02:13:51 GMT
Content-Security-Policy
frame-ancestors frame-ancestors 'self'
X-Frame-Options
'SAMEORIGIN'
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
X-Cacheable
Y
Content-Encoding
gzip
X-Varnish
257207021
Age
0
Via
1.1 varnish (Varnish/6.6)
X-Cached
0
Accept-Ranges
bytes
Transfer-Encoding
chunked

Redirect headers

Date
Sat, 17 Jul 2021 02:12:51 GMT
Server
Apache
Location
https://www.upi.com/
Content-Length
228
Content-Type
text/html; charset=iso-8859-1
X-Cacheable
Y
X-Varnish
257207018
Age
0
Via
1.1 varnish (Varnish/6.6)
X-Cached
0
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
43a53af989b537e12e404d3f2a032228d3319875e413dfb86ffd994864613763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 17 Jul 2021 02:12:52 GMT
server
ESF
date
Sat, 17 Jul 2021 02:12:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Jul 2021 02:12:52 GMT
upi.v162255621.css
www.upi.com/inc/css/ 		278 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.upi.com/inc/css/upi.v162255621.css?fp=1&ss=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
be0758d3636d0a8d39e8d8e724c5d3490da25e755fd072c37ee527490a1e0ac3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.upi.com/
Connection
keep-alive
Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:52 GMT
Content-Encoding
gzip
X-Cacheable
Y
Server
Apache
Age
0
Vary
Accept-Encoding,User-Agent
Content-Type
text/css;charset=UTF-8
Via
1.1 varnish (Varnish/6.6)
Cache-Control
maxage=3600
X-Varnish
257207025
Accept-Ranges
bytes
Content-Length
47651
X-Cached
0
Expires
Sat, 17 Jul 2021 03:12:52 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:03:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Jul 2022 02:03:03 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 		248 KB
248 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:07:12 GMT
x-content-type-options
nosniff
age
340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
253668
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Jul 2022 02:07:12 GMT
jquery.ph_ss.v5.js
www.upi.com/upi/dw/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upi.com/upi/dw/js/jquery.ph_ss.v5.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
8d8109ee8bad7d61e66b831ffbd0138ad5a41cbf7e2a97b1ac2dc24ab6477147

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.upi.com/
Connection
keep-alive
Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:52 GMT
Content-Encoding
gzip
X-Cacheable
Y
Server
Apache
Age
0
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Via
1.1 varnish (Varnish/6.6)
Cache-Control
maxage=600
X-Varnish
257372043
Accept-Ranges
bytes
Content-Length
2041
X-Cached
0
Expires
Sat, 17 Jul 2021 02:22:52 GMT
f.v1781483897.js
www.upi.com/inc/js/ 		79 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upi.com/inc/js/f.v1781483897.js?fp=1&ss=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
c3ae3e63a0188892928a6205560015f182ebf4cc2e8e5f3c81fecf512f87e3ea

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.upi.com/
Connection
keep-alive
Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:52 GMT
Content-Encoding
gzip
X-Cacheable
Y
Server
Apache
Age
0
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Via
1.1 varnish (Varnish/6.6)
Cache-Control
maxage=3600
X-Varnish
257594338
Accept-Ranges
bytes
Content-Length
22050
X-Cached
0
Expires
Sat, 17 Jul 2021 03:12:52 GMT
script.js
d3terveqlssriz.cloudfront.net/ 		111 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3terveqlssriz.cloudfront.net/script.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6c00:f:baea:96c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0da20e06f55ad40ca9eedc09a46fd0ebda248b10188ebe8004219009cb0ca139

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:09:26 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 14:57:34 GMT
server
AmazonS3
age
237
etag
W/"fae487c888507f108026c1a899274f9f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
YkixX02ONis_SYcV63sUs5fqJNLqrlEUiuZN74EkXRCaXdT-hb8SYg==
185646-27948212525613.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/185646-27948212525613.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b421b28dce3e9701b38a2c6e7b309c454af094e19392435fc50b31fd18011673

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Jul 2021 02:12:52 GMT
Content-Encoding
gzip
Last-Modified
Sat, 17 Jul 2021 02:10:30 GMT
Server
Apache
ETag
"905908-930a-5c748355d0dd7"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12787
Expires
Sat, 17 Jul 2021 03:12:52 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:52 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
782
etag
W/"96fc99e13be87550fcfc4474d30d43d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
66fff2a40d07d6c9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Tue, 20 Jul 2021 02:12:52 GMT
pushly-sdk.min.js
cdn.p-n.io/ 		350 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=si5maBoKqKuV2EnMkReTWgLs2x1JnVyCAxVm
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-72.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c88ff75234fe2e63ea14e92cca5b7f506aef6c9b192fe4702e126da9b2f524c1

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:11:10 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 16:10:50 GMT
server
AmazonS3
age
804
etag
W/"94d70861c7f78e51fb4c52ca18392a6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
AvHboCb3XOWwNtEafX2Yz5iUWZH-_ov5h197Ces1FwDovlhfykhySw==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e39aafbfe069794ed20f743f47908a08c9cd3b293c7fdaa0ef9083b4f5cd5994
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.upi.com
Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
RVFUwZsH4uTfltr74lqPRQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1684
x-fb-rlafr
0
x-fb-debug
Pv+KrrHiK38Qvx2M7WXLFYplZzVZVCveG6wmzeKBftXcWHB5f7saEGtoswEQqgYkYmUWP7f0v3n5TLQhLvb+tA==
x-fb-trip-id
686109401
x-fb-content-md5
d86b6f3445d0b785c2c3e215b95b1b45
x-frame-options
DENY
date
Sat, 17 Jul 2021 02:12:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"61a79a1cafe9f93d6654ed3149fd04f8"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 17 Jul 2021 02:32:46 GMT
ss_la.png
www.upi.com/upi/dw/img/ 		902 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.upi.com/upi/dw/img/ss_la.png
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
38e7a6e16426441763900de1d3d44b17d1a5505b65840e1436d986d2e927263a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.upi.com/
Cookie
_upi_uid=b28cb574-1bb6-4b0d-84c0-b711def00828
Connection
keep-alive
Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Jul 2021 02:12:52 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Thu, 20 Oct 2016 14:46:11 GMT
Server
Apache
Age
0
ETag
"386-53f4cfc9152c0"
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=604800
X-Varnish
257147125
Accept-Ranges
bytes
Content-Length
902
X-Cached
0
ss_ra.png
www.upi.com/upi/dw/img/ 		891 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.upi.com/upi/dw/img/ss_ra.png
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
9b7d7f00f9cfab9ef26c0d958383012cf93149e8a27fc98d0eb76e6ae6d77510

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.upi.com/
Cookie
_upi_uid=b28cb574-1bb6-4b0d-84c0-b711def00828
Connection
keep-alive
Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Jul 2021 02:12:57 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Thu, 20 Oct 2016 14:46:11 GMT
Server
Apache
Age
0
ETag
"37b-53f4cfc9152c0"
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=604800
X-Varnish
257372048
Accept-Ranges
bytes
Content-Length
891
X-Cached
0
Western-Europe-floods-More-than-125-dead-and-over-1000-missing.jpg
cdnph.upi.com/related/3501626478348/1/v1.2/eaa879731f50c3c3e07b1200ce272fd5/upi_com/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/related/3501626478348/1/v1.2/eaa879731f50c3c3e07b1200ce272fd5/upi_com/Western-Europe-floods-More-than-125-dead-and-over-1000-missing.jpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
c61ce87f5331d86b9875542d040e0de868b02035280ae329b35494e9b1d0822b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:52 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 23:33:30 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257187759
Accept-Ranges
bytes
Content-Length
73521
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:52 GMT
CDC-head-says-COVID-19-is-becoming-pandemic-of-the-unvaccinated.jpg
cdnph.upi.com/related/3501626478348/2/v1.2/977397f3e7ed0aac257fb0ef4136ae31/upi/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/related/3501626478348/2/v1.2/977397f3e7ed0aac257fb0ef4136ae31/upi/CDC-head-says-COVID-19-is-becoming-pandemic-of-the-unvaccinated.jpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
8b6fbedb47723d0c646f33adae08be260e63526cbb4e12e80fbc8ee111aa5ab0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:52 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 23:33:38 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
256271641
Accept-Ranges
bytes
Content-Length
33502
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:52 GMT
Texas-judge-orders-federal-government-to-stop-granting-new-DACA-applications.jpg
cdnph.upi.com/related/3501626478348/3/v1.2/10f00e31c65611c518ec832e31136191/upi/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/related/3501626478348/3/v1.2/10f00e31c65611c518ec832e31136191/upi/Texas-judge-orders-federal-government-to-stop-granting-new-DACA-applications.jpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
e703434666c5b1c57bc70f376a57fd6ebaeab1e31657d3ff30ce03fb569002cb

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:57 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 23:33:10 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257187761
Accept-Ranges
bytes
Content-Length
81421
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:57 GMT
Weekend-sports-British-Open-NBA-Finals-MLB-and-NASCAR.jpg
cdnph.upi.com/related/3501626478348/4/v1.2/68ab6ebeb0846a494d00208f4ba6dd7d/upi/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/related/3501626478348/4/v1.2/68ab6ebeb0846a494d00208f4ba6dd7d/upi/Weekend-sports-British-Open-NBA-Finals-MLB-and-NASCAR.jpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
0b88e4978204648bdd7b44633e2fa5ccb386dafe1e202e04e2ae96b6c0aa0e26

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:52 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 23:33:05 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257207030
Accept-Ranges
bytes
Content-Length
42348
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:52 GMT
Schitts-Creek-vets-Sarah-Levy-Tim-Rozon-reunite-for-Surreal-adventure.jpg
cdnph.upi.com/related/3501626478348/5/v1.2/16256051501923/i/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/related/3501626478348/5/v1.2/16256051501923/i/Schitts-Creek-vets-Sarah-Levy-Tim-Rozon-reunite-for-Surreal-adventure.jpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
0cd4ab131d3ad8e5baf968a361da3479dd4156c848dcb2ba7a3501e4d3115af3

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:52 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 23:33:21 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
256271643
Accept-Ranges
bytes
Content-Length
35317
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:52 GMT
Survey-COVID-19-income-loss-put-many-in-medical-debt.jpg
cdnph.upi.com/related/8461626461900/1/v1.2/81695dd018618b215f7fb39f6ad242b1/upi/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/related/8461626461900/1/v1.2/81695dd018618b215f7fb39f6ad242b1/upi/Survey-COVID-19-income-loss-put-many-in-medical-debt.jpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
42e926ff14a2269b4161ab10d98720ed0483f0abe39ec445ac2194f3da9268c0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:52 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 18:59:24 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257623730
Accept-Ranges
bytes
Content-Length
36896
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:52 GMT
Hungary-approves-third-shot-of-COVID-19-vaccine-after-Sinopharm-rollout.jpg
cdnph.upi.com/related/8461626461900/2/v1.2/593babba513ec4087e89d5a9ae1702ed/upi/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/related/8461626461900/2/v1.2/593babba513ec4087e89d5a9ae1702ed/upi/Hungary-approves-third-shot-of-COVID-19-vaccine-after-Sinopharm-rollout.jpg?sm=t
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
a3c881f41e8dca57417f813f314e9e74c14f5eec47c87edc465d8e548042e6ee

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:52 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 18:59:29 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257207028
Accept-Ranges
bytes
Content-Length
3753
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:52 GMT
Smart-default-enrollment-policies-under-ACA-can-help-consumers-save-study-finds.jpg
cdnph.upi.com/related/8461626461900/3/v1.2/61282f7a432e5426370a07170c50e475/upi_com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/related/8461626461900/3/v1.2/61282f7a432e5426370a07170c50e475/upi_com/Smart-default-enrollment-policies-under-ACA-can-help-consumers-save-study-finds.jpg?sm=t
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
54cd6fbb7034f86f2a30e3a5a0efb46ffc09b48436932722d05aaa62f494a8ce

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:52 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 18:59:19 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257090090
Accept-Ranges
bytes
Content-Length
3976
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:52 GMT
South-Korea-to-evacuate-anti-piracy-unit-after-COVID-19-outbreak.jpg
cdnph.upi.com/related/8461626461900/4/v1.2/7f706a9e5cbeed01a37ac5d5fb2f9e1b/upi_com/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/related/8461626461900/4/v1.2/7f706a9e5cbeed01a37ac5d5fb2f9e1b/upi_com/South-Korea-to-evacuate-anti-piracy-unit-after-COVID-19-outbreak.jpg?sm=t
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
6693b087fb428ba4b305759d55126204673614f514a201e6a6177868b93a4fad

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:57 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 18:59:24 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257372054
Accept-Ranges
bytes
Content-Length
3518
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:57 GMT
Eiffel-Tower-reopens-in-Paris-after-longest-closure-since-WWII.jpg
cdnph.upi.com/related/8461626461900/5/v1.2/f3f41f5a163fbce910b14eab58e0ee40/upi_com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/related/8461626461900/5/v1.2/f3f41f5a163fbce910b14eab58e0ee40/upi_com/Eiffel-Tower-reopens-in-Paris-after-longest-closure-since-WWII.jpg?sm=t
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
00b15b3667c8baa97215e6a24f11ff33668c70582524dfae6fbfa68924574f8e

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:52 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 18:59:25 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257147130
Accept-Ranges
bytes
Content-Length
3663
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:52 GMT
Survey-Most-South-Koreans-dont-believe-North-will-denuclearize.jpg
cdnph.upi.com/ph/st/th/3671626415039/2021/upi_com/4502b5f2f54ab0279f3efe5cd733bfae/v1.5/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/3671626415039/2021/upi_com/4502b5f2f54ab0279f3efe5cd733bfae/v1.5/Survey-Most-South-Koreans-dont-believe-North-will-denuclearize.jpg?lg=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
dd3dc2a7a22663ae6f18d78f92a1a813f8d79ecf83aaf1120be276cdb51ce330

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 07:35:42 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257090092
Accept-Ranges
bytes
Content-Length
54055
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
3-men-tied-to-Missouri-duck-boat-capsizing-face-manslaughter-charges.jpg
cdnph.upi.com/ph/st/th/1771626463405/2021/upi/6437d2cf9c413c3b9662c25609377e33/v1.5/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/1771626463405/2021/upi/6437d2cf9c413c3b9662c25609377e33/v1.5/3-men-tied-to-Missouri-duck-boat-capsizing-face-manslaughter-charges.jpg?lg=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
46290e79361db1467eabc4eaafa9a79d7d882e32b0db411e9ee509d30be8ec7b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sat, 17 Jul 2021 00:50:01 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257207033
Accept-Ranges
bytes
Content-Length
96993
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
Felicia-becomes-a-major-hurricane-in-East-Pacific-as-Atlantic-stays-quiet.jpg
cdnph.upi.com/ph/st/th/3231626480024/2021/i/16264814499941/v1.5/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/3231626480024/2021/i/16264814499941/v1.5/Felicia-becomes-a-major-hurricane-in-East-Pacific-as-Atlantic-stays-quiet.jpg?lg=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
edd099e45f95a2a2cbec9ad68b1308b71f66a6f81b8a2c25fefd65f8c073b96a

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sat, 17 Jul 2021 00:25:55 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257623732
Accept-Ranges
bytes
Content-Length
84535
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
Tanya-Tucker-undergoes-hip-surgery-A-bad-hip-cant-keep-me-down.jpg
cdnph.upi.com/ph/st/th/1151626456770/2021/upi/5e01b283d922bf61a74c080253eaf3f1/v1.5/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/1151626456770/2021/upi/5e01b283d922bf61a74c080253eaf3f1/v1.5/Tanya-Tucker-undergoes-hip-surgery-A-bad-hip-cant-keep-me-down.jpg?lg=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
cc0300ead055ea86e39eae88be528976b6157c5e858cafcb2031666cd2b78a83

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sat, 17 Jul 2021 01:42:42 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257372057
Accept-Ranges
bytes
Content-Length
72725
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
Uber-Eats-driver-wins-250000-in-lottery.jpg
cdnph.upi.com/ph/st/th/1851626461119/2021/upi_com/f6e024fcc86e250769f68b21a40fa16a/v1.5/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/1851626461119/2021/upi_com/f6e024fcc86e250769f68b21a40fa16a/v1.5/Uber-Eats-driver-wins-250000-in-lottery.jpg?lg=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
c43d5320d7d154ea9d67083552e37b7fd0e635e1d0ee9b135a7d16675e06c24c

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 18:56:20 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
256924153
Accept-Ranges
bytes
Content-Length
42813
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
CDC-reports-record-number-of-ER-visits-during-Pacific-Northwest-heat-wave.jpg
cdnph.upi.com/ph/st/th/3731626446968/2021/upi/03184194855aedf4368d1ac01f3558e2/v1.5/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/3731626446968/2021/upi/03184194855aedf4368d1ac01f3558e2/v1.5/CDC-reports-record-number-of-ER-visits-during-Pacific-Northwest-heat-wave.jpg?lg=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
f1013a295b1dfd00a08161a8b63a35b367cb92c0a0caea5db8edaa6c8904e3b6

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 15:42:06 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257308582
Accept-Ranges
bytes
Content-Length
62269
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
Viral-parasites-fuel-evolution-of-drug-resistant-super-bugs.jpg
cdnph.upi.com/ph/st/th/9601626454158/2021/i/16264662914580/v1.5/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/9601626454158/2021/i/16264662914580/v1.5/Viral-parasites-fuel-evolution-of-drug-resistant-super-bugs.jpg?lg=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
7d87f290fecefca4b265f446d64a5471c491fc57ce23dfa5f30684202a021df1

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 20:19:31 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
256271649
Accept-Ranges
bytes
Content-Length
96371
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
Maj-Gen-Michael-Guetlein-nominated-to-lead-USSF-Space-Systems-Command.jpg
cdnph.upi.com/ph/st/th/5451626462984/2021/i/16264633108202/v1.5/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/5451626462984/2021/i/16264633108202/v1.5/Maj-Gen-Michael-Guetlein-nominated-to-lead-USSF-Space-Systems-Command.jpg?lg=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
6e3265a3e82225d4b08882468add9e5e394a874fb07a91eecfac72090ec5aa2e

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 19:30:55 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257090099
Accept-Ranges
bytes
Content-Length
50095
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
Louis-Oosthuizen-sets-36-hole-record-at-British-Open-leads-by-two-shots.jpg
cdnph.upi.com/ph/st/th/4571626442303/2021/upi/93b0c9fca0320077aff12e9fe9059af5/v1.5/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/4571626442303/2021/upi/93b0c9fca0320077aff12e9fe9059af5/v1.5/Louis-Oosthuizen-sets-36-hole-record-at-British-Open-leads-by-two-shots.jpg?lg=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
bf2e267ecb95273750a639fd26f3d54ea7d632f5bb8cf3f270a3da91c237cac3

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:58 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 23:32:28 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257372060
Accept-Ranges
bytes
Content-Length
30224
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:58 GMT
50-Cent-attends-the-Power-Book-III-Raising-Kanan-premiere_1_1.jpg
cdnph.upi.com/cvc/fp_ss/upi/12725/8f48537972402f19c0028931fbf9ff6a/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/cvc/fp_ss/upi/12725/8f48537972402f19c0028931fbf9ff6a/50-Cent-attends-the-Power-Book-III-Raising-Kanan-premiere_1_1.jpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
7c05a6e6bbefd6a418b31be09e5044d83cbb39d1f70e4af0b6ff37a690f3b4d7

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 13:39:54 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257308584
Accept-Ranges
bytes
Content-Length
58743
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
clear.gif
www.upi.com/upi/dw/img/ 		42 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.upi.com/upi/dw/img/clear.gif
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.upi.com/
Cookie
_upi_uid=b28cb574-1bb6-4b0d-84c0-b711def00828
Connection
keep-alive
Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Jul 2021 02:12:52 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 25 May 2012 18:56:59 GMT
Server
Apache
Age
0
ETag
"2a-4c0e0eed534c0"
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=604800
X-Varnish
257147127
Accept-Ranges
bytes
Content-Length
42
X-Cached
0
Bradley-Whitford-Whitney-Cummings-attend-How-It-Ends-premiere.jpg
cdnph.upi.com/related/4061626452412/2/v1.5/8fc6241f901bdde0562d818d4e6f0ff8/upi/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/related/4061626452412/2/v1.5/8fc6241f901bdde0562d818d4e6f0ff8/upi/Bradley-Whitford-Whitney-Cummings-attend-How-It-Ends-premiere.jpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
994cce785a730109615198c010aa986c951cc7c631be9215c0b676ad87498ab0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 16:20:46 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257090101
Accept-Ranges
bytes
Content-Length
49999
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
Moments-from-the-2021-British-Open-golf-championship.jpg
cdnph.upi.com/related/4061626452412/3/v1.5/c710e7b92a7cede1551db9e0ff280137/upi/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/related/4061626452412/3/v1.5/c710e7b92a7cede1551db9e0ff280137/upi/Moments-from-the-2021-British-Open-golf-championship.jpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
21a9c568e122bb4c603d80ad5cd64c90e982d164e2d9290e5bc5e278b74b96f9

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 16:20:45 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257429975
Accept-Ranges
bytes
Content-Length
28119
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
German-Chancellor-Angela-Merkel-makes-last-official-visit-to-US.jpg
cdnph.upi.com/related/4061626452412/4/v1.5/a5d9aabaad28961e271a64f4689daed1/upi/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/related/4061626452412/4/v1.5/a5d9aabaad28961e271a64f4689daed1/upi/German-Chancellor-Angela-Merkel-makes-last-official-visit-to-US.jpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
e6586bb5b51363cb9e680ec61995c929f338cdb3973e0f04c77dd0f7a3b6654a

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:58 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 16:20:51 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257090103
Accept-Ranges
bytes
Content-Length
64480
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:58 GMT
FDA-approves-first-lymphoma-drug-for-dogs.jpg
cdnph.upi.com/ph/st/th/3781626458854/2021/i/16264592453778/v1.5/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/3781626458854/2021/i/16264592453778/v1.5/FDA-approves-first-lymphoma-drug-for-dogs.jpg?sec=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
6db248bb4aac8e0f36d2aef4b5b763f5fa9dfa3cc0d5d7bf8700df00e0cfbde1

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 22:00:36 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257429977
Accept-Ranges
bytes
Content-Length
9655
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
South-Korean-politician-cautions-Chinese-diplomat-against-election-interference.jpg
cdnph.upi.com/ph/st/th/4111626456976/2021/upi_com/e833f597d46c23b8dc3b90e52494d1df/v1.5/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/4111626456976/2021/upi_com/e833f597d46c23b8dc3b90e52494d1df/v1.5/South-Korean-politician-cautions-Chinese-diplomat-against-election-interference.jpg?sec=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
aeb24f1aa8eb9753fd72940c3c4abf0ed6c7ab8e5f6fa59b9ee9292d08bd322b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 18:22:05 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257308586
Accept-Ranges
bytes
Content-Length
13178
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
Biden-administration-seeks-to-reverse-Trump-rule-on-showerheads.jpg
cdnph.upi.com/ph/st/th/1481626455038/2021/upi/3484ebac91e85af98497f596d1839c4f/v1.5/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/1481626455038/2021/upi/3484ebac91e85af98497f596d1839c4f/v1.5/Biden-administration-seeks-to-reverse-Trump-rule-on-showerheads.jpg?sec=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
57ce4f4bba63f2bfb18180f81bf1c6ed0c2f9e81d3651fc5ae8f9c084174807f

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 18:18:40 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
256895392
Accept-Ranges
bytes
Content-Length
10021
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
First-woman-completes-Navy-Special-Warfare-training-qualifies-for-elite-units.jpg
cdnph.upi.com/ph/st/th/8251626451194/2021/upi/22d85984801e3716c23d2952ff420562/v1.5/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/8251626451194/2021/upi/22d85984801e3716c23d2952ff420562/v1.5/First-woman-completes-Navy-Special-Warfare-training-qualifies-for-elite-units.jpg?sec=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
807e049abda9cbd699383be46b11accd093ba82949da28cefb06daa0e4527b68

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:58 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 19:58:50 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257090105
Accept-Ranges
bytes
Content-Length
10096
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:58 GMT
Adopted-Roseville-woman-searches-for-identical-twin-sister.jpg
cdnph.upi.com/ph/st/th/5911626453150/2021/i/16264532805777/v1.5/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/5911626453150/2021/i/16264532805777/v1.5/Adopted-Roseville-woman-searches-for-identical-twin-sister.jpg?sec=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
62a2b2d8b39d69baaad2d89b676abcb96a98e5f35ac9ac4860a88679abefe431

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 18:56:11 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
256924155
Accept-Ranges
bytes
Content-Length
9119
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
Ford-recalls-800000-Explorers-F-350s-Lincoln-Aviators-over-safety-issues.jpg
cdnph.upi.com/ph/st/th/4581626450470/2021/upi/5ddb0d72ebf5286540d2f2abbba8ca81/v1.5/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/4581626450470/2021/upi/5ddb0d72ebf5286540d2f2abbba8ca81/v1.5/Ford-recalls-800000-Explorers-F-350s-Lincoln-Aviators-over-safety-issues.jpg?sec=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
23be00f633eedf3f481c8a2203c0bcb569c1b9db8b822656726a2979b79258c4

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 17:31:01 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257594340
Accept-Ranges
bytes
Content-Length
10621
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
North-Korea-warns-of-heat-waves-impact-on-crops.jpg
cdnph.upi.com/ph/st/th/5801626449786/2021/upi/2f280d1af039177c77b87ee0227783fc/v1.5/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/5801626449786/2021/upi/2f280d1af039177c77b87ee0227783fc/v1.5/North-Korea-warns-of-heat-waves-impact-on-crops.jpg?sec=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
f5717be6694dc7763e2661704ed0f7a391d923d51aac91162964200d761f8b37

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:58 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 16:30:49 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
256895394
Accept-Ranges
bytes
Content-Length
11464
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:58 GMT
Carnegie-Melon-professor-develops-real-time-learning-four-legged-robot.jpg
cdnph.upi.com/ph/st/th/7871626448726/2021/i/16264493693954/v1.5/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/7871626448726/2021/i/16264493693954/v1.5/Carnegie-Melon-professor-develops-real-time-learning-four-legged-robot.jpg?sec=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
ca9b6fed153bdf0e09d2edf53959f5ac7bc548d9465f5e7f635679870205f984

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 18:18:34 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257308588
Accept-Ranges
bytes
Content-Length
13101
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
Pope-Francis-restricts-performing-of-old-Latin-Mass-in-parishes.jpg
cdnph.upi.com/ph/st/th/4671626446963/2021/upi/de21a420374628e6e6fb181cc030fd23/v1.5/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/4671626446963/2021/upi/de21a420374628e6e6fb181cc030fd23/v1.5/Pope-Francis-restricts-performing-of-old-Latin-Mass-in-parishes.jpg?sec=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
4559121cd8559a31c9dee509d53ebd83cbd4efa8840e4ebe410bafade10a9b5e

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 16:19:28 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257527087
Accept-Ranges
bytes
Content-Length
12622
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
Greenland-halts-oil-exploration-mining-due-to-effects-of-climate-change.jpg
cdnph.upi.com/ph/st/th/9051626443898/2021/upi_com/2d5c9ff539b3ba7f8cf21bd0d0ebda65/v1.5/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/9051626443898/2021/upi_com/2d5c9ff539b3ba7f8cf21bd0d0ebda65/v1.5/Greenland-halts-oil-exploration-mining-due-to-effects-of-climate-change.jpg?sec=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
36ddf945c918423d7c453b3f97b0b205459fa327b8728a595f7849ffc58d53da

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:58 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 15:51:14 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
256271653
Accept-Ranges
bytes
Content-Length
9890
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:58 GMT
On-This-Day-US-tests-first-atom-bomb.jpg
cdnph.upi.com/ph/st/th/7241626400935/2021/upi_com/a14b0f11e735e17c15a1708dd08c7245/v1.5/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/ph/st/th/7241626400935/2021/upi_com/a14b0f11e735e17c15a1708dd08c7245/v1.5/On-This-Day-US-tests-first-atom-bomb.jpg?rc34=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
e0282b5104f94e89b3fba2a7738afafeadfa7f9355f25f838c8215d7258b9aa3

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 07:00:33 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257147136
Accept-Ranges
bytes
Content-Length
8344
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
Hulu-Whats-coming-and-going-in-August-2021.jpg
cdnph.upi.com/related/9331626438617/1/v1.2/3cb736f2cc2d15bf918ae6caa747d4cb/upi/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/related/9331626438617/1/v1.2/3cb736f2cc2d15bf918ae6caa747d4cb/upi/Hulu-Whats-coming-and-going-in-August-2021.jpg?rc=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
8208470be22b97ea7da8ab175ff88335e31c9466c07604a75462f20a64a2a622

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 12:53:34 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257147138
Accept-Ranges
bytes
Content-Length
22583
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
Some-younger-evangelicals-are-leaving-the-faith.jpg
cdnph.upi.com/related/3681626438629/1/v1.2/7e708c48f545978cec523e50b442d1b3/upi_com/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnph.upi.com/related/3681626438629/1/v1.2/7e708c48f545978cec523e50b442d1b3/upi_com/Some-younger-evangelicals-are-leaving-the-faith.jpg?rc=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
7f9c631643f51f908ee10fb8916070eb9a69dea3f72a59638aa97f776690a75a

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sat, 17 Jul 2021 02:12:53 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 16 Jul 2021 12:30:56 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=10800
X-Varnish
257527089
Accept-Ranges
bytes
Content-Length
18239
X-Cached
0
Expires
Sat, 17 Jul 2021 05:12:53 GMT
img.fetch
udmserve.net/udm/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=16304;tid=1;dt=6;
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
489610f3c59dd8daf155cc172bad8f6bcf81cf6ee6276e3510e2637691fcf16e

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Expires
0
clear.gif
www.upi.com/img/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.upi.com/img/clear.gif
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.upi.com/
Cookie
_upi_uid=b28cb574-1bb6-4b0d-84c0-b711def00828
Connection
keep-alive
Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Jul 2021 20:33:29 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Thu, 07 Jun 2012 11:52:02 GMT
Server
Apache
Age
365962
ETag
"2a-4c1e08307bc80"
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=604800
X-Varnish
257372052 239391750
Accept-Ranges
bytes
Content-Length
42
X-Cached
1
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
4913
date
Sat, 17 Jul 2021 00:50:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Sat, 17 Jul 2021 02:50:59 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.upi.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Sat, 17 Jul 2021 02:12:52 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 17 Jul 2021 02:12:52 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
apstag.js
c.amazon-adsystem.com/aax2/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 20:57:41 GMT
content-encoding
gzip
server
Server
age
18910
etag
f8520ea4ebd91256d6b4f461d472242a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
HJDQ_J13MpB0okrd1UAc4euAMZtdyOJl
x-amz-cf-id
ayn42lTdCnUMYg1_N_lf_preRWXUIiiATHGC6JhL-YJ6PveKnuQ9vg==
v2tmtNjHaNWqWogkdH9c1h0_CLtY8ZxZ_k98OPFtHHhviH8esrcrqB4RH905x13Mo
breakfastboat.com/ 		581 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://breakfastboat.com/v2tmtNjHaNWqWogkdH9c1h0_CLtY8ZxZ_k98OPFtHHhviH8esrcrqB4RH905x13Mo
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
a0b80d2ead83713a30f563fa7f435cf4827e3bc9ad1a41a8a79bef78f20713ca
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"4b22f528c20a822e1570245ca02dd55f7ba131b117a62caaa072ff183e4bc78a"
vary
Accept-Encoding, Accept-Language
x-hostname
a26589ac
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Sat, 17 Jul 2021 02:12:52 GMT
timing-allow-origin
*
v2yri_nFKoRUYF-RWtIwpLP3oHo9j-RNxcJwpOlIO7_E2ld5Zl16p7b-7nWBecafzOEDxCpM4GqguRzQIog
breakfastboat.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://breakfastboat.com/v2yri_nFKoRUYF-RWtIwpLP3oHo9j-RNxcJwpOlIO7_E2ld5Zl16p7b-7nWBecafzOEDxCpM4GqguRzQIog
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
53349822b11871b7600db7e533e6149cadcdeb304159d6d0ea2280b5a97d71f3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
etag
"b6263dcd47b36a6a4a44736692832839579517935440a5186fe3ff60159b2c16"
vary
Accept-Encoding, Accept-Language
x-hostname
a26589ac
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Sat, 17 Jul 2021 02:12:52 GMT
timing-allow-origin
*
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:2000:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 16:13:07 GMT
content-encoding
gzip
last-modified
Fri, 09 Jul 2021 00:11:37 GMT
server
nginx
age
35985
etag
W/"60e79439-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
or4hDJA79NvUFpirsoEZB7ZqHYgdIcGYBoiziwTbJdMhytErZ95buQ==
expires
Sat, 17 Jul 2021 16:13:07 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e39aafbfe069794ed20f743f47908a08c9cd3b293c7fdaa0ef9083b4f5cd5994
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
RVFUwZsH4uTfltr74lqPRQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1684
x-fb-rlafr
0
x-fb-debug
Pv+KrrHiK38Qvx2M7WXLFYplZzVZVCveG6wmzeKBftXcWHB5f7saEGtoswEQqgYkYmUWP7f0v3n5TLQhLvb+tA==
x-fb-content-md5
d86b6f3445d0b785c2c3e215b95b1b45
x-frame-options
DENY
date
Sat, 17 Jul 2021 02:12:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"61a79a1cafe9f93d6654ed3149fd04f8"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 17 Jul 2021 02:32:46 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v17/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arimo/v17/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0c2a889d07d01755fc1a7818e2d54ba67c7b953b453dc22e8aaedcd29fe0b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.upi.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 11:16:44 GMT
x-content-type-options
nosniff
age
312968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18332
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 23:11:51 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 11:16:44 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.upi.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 00:16:41 GMT
x-content-type-options
nosniff
age
352571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 00:16:41 GMT
DroidSerif-BoldItalic.woff2
www.upi.com/inc/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.upi.com/inc/fonts/DroidSerif-BoldItalic.woff2
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/css/upi.v162255621.css?fp=1&ss=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
c3f5ba16538a2446ea66a6c5f0ea35b3a76b999e145bd56383c8585272af9c4c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.upi.com
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.upi.com/inc/css/upi.v162255621.css?fp=1&ss=1
Cookie
_upi_uid=b28cb574-1bb6-4b0d-84c0-b711def00828
Connection
keep-alive
Origin
https://www.upi.com
Referer
https://www.upi.com/inc/css/upi.v162255621.css?fp=1&ss=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Jul 2021 20:33:34 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Wed, 21 Mar 2018 15:49:22 GMT
Server
Apache
Age
365962
ETag
"5f6c-567ee227c4480"
X-Cacheable
Y
Vary
User-Agent
Content-Type
font/woff2
Cache-Control
max-age=604800
X-Varnish
257372050 239428815
Accept-Ranges
bytes
Content-Length
24428
X-Cached
1
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.upi.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 21:27:07 GMT
x-content-type-options
nosniff
age
362745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 21:27:07 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.upi.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 14:01:00 GMT
x-content-type-options
nosniff
age
303112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 14:01:00 GMT
fontawesome-webfont.woff2
www.upi.com/inc/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.upi.com/inc/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/css/upi.v162255621.css?fp=1&ss=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.upi.com
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.upi.com/inc/css/upi.v162255621.css?fp=1&ss=1
Cookie
_upi_uid=b28cb574-1bb6-4b0d-84c0-b711def00828
Connection
keep-alive
Origin
https://www.upi.com
Referer
https://www.upi.com/inc/css/upi.v162255621.css?fp=1&ss=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Jul 2021 20:33:30 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Mon, 02 Oct 2017 03:49:40 GMT
Server
Apache
Age
365962
ETag
"12d68-55a88439d7d00"
X-Cacheable
Y
Vary
User-Agent
Content-Type
font/woff2
Cache-Control
max-age=604800
X-Varnish
257372051 239391752
Accept-Ranges
bytes
Content-Length
77160
X-Cached
1
sdk.js
connect.facebook.net/en_US/ 		232 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=4a8e8bddbec7110fad3bfca08bf188e5
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
77b88f946555be01fc59c32bc49a6db664a5c06ff5bc8186178ff619da7cf6c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.upi.com
Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
hheZuhyQ6O6vu5nssvUAGw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
69093
x-fb-rlafr
0
x-fb-debug
1Uvam+A156wCYsZ9y2VGMwQ6Yghrvi6muzscLgHwYPrckDP7xpCjAxBB0vKcOkq+5Wx4EjwFf9a5Jnm6Z9B/Ig==
x-fb-content-md5
14ac69c704408d034612e09edab20a5d
x-frame-options
DENY
date
Sat, 17 Jul 2021 02:12:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"e89008898b0d12c715ac9dad830afa2c"
timing-allow-origin
*
priority
u=3,i
expires
Sun, 17 Jul 2022 01:32:15 GMT
rnd_social.png
www.upi.com/upi/dw/img/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.upi.com/upi/dw/img/rnd_social.png?v1
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/css/upi.v162255621.css?fp=1&ss=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
d81eccf8f3e0161155c82d3b8924f7346bcc39c0d3c9320d66c9d2ab76208b46

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.upi.com/inc/css/upi.v162255621.css?fp=1&ss=1
Cookie
_upi_uid=b28cb574-1bb6-4b0d-84c0-b711def00828
Connection
keep-alive
Referer
https://www.upi.com/inc/css/upi.v162255621.css?fp=1&ss=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Jul 2021 20:33:30 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Mon, 02 Jul 2018 13:40:32 GMT
Server
Apache
Age
365962
ETag
"6a9b-5700457657400"
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=604800
X-Varnish
257623729 239391757
Accept-Ranges
bytes
Content-Length
27291
X-Cached
1
collect
stats.g.doubleclick.net/j/ 		1 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-1342607-1&cid=1558638374.1626487973&jid=995353117&gjid=787941993&_gid=282000561.1626487973&_u=IGBAgEABAAAAAE~&z=216487730
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 17 Jul 2021 02:12:52 GMT
content-type
text/plain
access-control-allow-origin
https://www.upi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=560300762&t=pageview&_s=1&dl=https%3A%2F%2Fwww.upi.com%2F&ul=en-us&de=UTF-8&dt=Top%20News%2C%20Latest%20headlines%2C%20Latest%20News%2C%20World%20News%20%26%20U.S%20News%20-%20UPI.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=995353117&gjid=787941993&cid=1558638374.1626487973&tid=UA-1342607-1&_gid=282000561.1626487973&z=885795709
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 18:42:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
27005
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=upi.com&p=%2F&u=BBBUliC73Pe3CkMI5O&d=upi.com&g=4027&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4748&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2089&t=D4RH5vCMcAiODfnJKuBODnXqBQTdf6&V=128&i=Top%20News%2C%20Latest%20headlines%2C%20Latest%20News%2C%20World%20News%20%26%20U.S%20News%20-%20UPI.com&tz=-120&sn=1&sv=Ci6JMkvcxasDaXyN6y49oKgiAR1&sd=1&im=0603040f&_
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.234.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-234-155.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
config
c.amazon-adsystem.com/cdn/prod/ 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.upi.com%2F&pubid=0ade278c-0ca3-4360-94f3-b0471254a243
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:52 GMT
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.upi.com
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
5yps2VeF0pUMAATzq2jMPufOhS_mLuf2cwcIt1lNo7qkpclvgW3sVA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
33181
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 01 Jul 2021 22:05:10 GMT
server
AmazonS3
date
Fri, 16 Jul 2021 16:59:52 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
hD2G8syrTqpfJZaGh3ls4PdUIeCQ3Ebjo25SQTSlRPTPVO8hhk8g6w==
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=130795020312660&ev=fb_page_view&dl=https%3A%2F%2Fwww.upi.com%2F&rl=&if=false&ts=1626487972874&sw=1600&sh=1200&at=
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 17 Jul 2021 02:12:52 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=130795020312660&ev=fb_page_view&dl=https%3A%2F%2Fwww.upi.com%2F&rl=&if=false&ts=1626487972876&sw=1600&sh=1200&at=
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 17 Jul 2021 02:12:52 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		1 KB
947 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.upi.com%2F&pid=VWqj4ET1Vaw3h&cb=0&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%221009753%2FUPI_728x90_ATF%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%221009753%2FUPI_728x90_BTF%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%221009753%2FUPI_300x250_R%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%221009753%2FUPI_300x250_R1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%221009753%2FUPI_160x600_Flex%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%221009753%2FUPI_300x250_InRead_ROS_Desktop%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%221009753%2FUPI_468x60_sticky_footer_desktop%22%7D%5D&cfgv=0&pubid=0ade278c-0ca3-4360-94f3-b0471254a243&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
0e865037fc1966976dbcbd219e7f03114e2b529a014937e4915a0ab8568bb3ba

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
ZRH50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.upi.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
573
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
x-amz-cf-id
J8Y87HlKC26nLNslNNN0SbmSEFnkCAd6uS_Qr9dwbWogYVmb2AqD_g==
identity
api.rlcdn.com/api/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185646-27948212525613.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 17 Jul 2021 02:12:52 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.upi.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185646
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185646-27948212525613.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
b2b35bc43f4bb3c3fa7ce21270c8ffd3770abf1fa0b2bbb9d470d82f64a3ca98

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 17 Jul 2021 02:12:53 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 16 Aug 2021 02:12:53 GMT
acv.json
breakfastboat.com/ 		210 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://breakfastboat.com/acv.json
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
last-modified
Sat, 03 Jul 2021 04:31:05 GMT
x-datacenter
gce-europe-west1
date
Sat, 17 Jul 2021 02:12:53 GMT
vary
Accept-Encoding, Origin
x-hostname
a26589ac
content-type
application/json
access-control-allow-origin
https://www.upi.com
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
skeleton.gif
static.adsafeprotected.com/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.241.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-241-173.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:53 GMT
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
nginx/1.16.1
age
10144603
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status
HIT
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
43
acv.json
breakfastboat.com/ 		210 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://breakfastboat.com/acv.json
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
last-modified
Sat, 03 Jul 2021 04:31:05 GMT
x-datacenter
gce-europe-west1
date
Sat, 17 Jul 2021 02:12:53 GMT
vary
Accept-Encoding, Origin
x-hostname
a26589ac
content-type
application/json
access-control-allow-origin
https://www.upi.com
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
headerstats
as-sec.casalemedia.com/ 		0
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=289693&u=https%3A%2F%2Fwww.upi.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185646-27948212525613.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:53 GMT
X-AK-INITIAL-GEO
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.109], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.upi.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Sat, 17 Jul 2021 02:12:53 GMT
prebid.v161978761.js
www.upi.com/inc/js/ 		218 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upi.com/inc/js/prebid.v161978761.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
1a85e7d37f466f7aa77b74252a8deb14ced805a195e607fd6a7cbab9bc775f58

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.upi.com/
Cookie
_upi_uid=b28cb574-1bb6-4b0d-84c0-b711def00828; _ga=GA1.2.1558638374.1626487973; _gid=GA1.2.282000561.1626487973; _gat=1; _cb_ls=1; _cb=BBBUliC73Pe3CkMI5O; _chartbeat2=.1626487972826.1626487972826.1.Ci6JMkvcxasDaXyN6y49oKgiAR1.1; _cb_svref=null; usprivacy=1---
Connection
keep-alive
Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 17:30:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 15:06:01 GMT
Server
Apache
Age
290552
ETag
W/"369c7-5c11dd560613a-gzip"
X-Cacheable
Y
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Via
1.1 varnish (Varnish/6.6)
Cache-Control
max-age=864000, public, must-revalidate
X-Varnish
257372059 243297809
Accept-Ranges
bytes
Content-Length
67704
X-Cached
1
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
71f756359addc7b0d08506c6935b8563b4cb375a6b3dbc3d680155d69119f88e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"932 / 725 of 1000 / last-modified: 1626473418"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24132
x-xss-protection
0
expires
Sat, 17 Jul 2021 02:12:53 GMT
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 7746
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&dcc=t
308 B
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&dcc=t
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d47ef60a38d010abfc868b8b2806a493e51f7653724fc09fef645b33b1482afd

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.upi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1YWPRE0C0Pgr0KDnZd450E|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

Server
Server
Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
235
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A1YWPRE0C0Pgr0KDnZd450E; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 02:12:53 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Oct-2026 02:12:53 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&dcc=t
Set-Cookie
ad-id=A1YWPRE0C0Pgr0KDnZd450E|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 02:12:53 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
pubads_impl_2021071301.js
securepubads.g.doubleclick.net/gpt/ 		329 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
9f43aa34b620c451290ad923748729c9956da9e7476387b34f860d1131108924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 08:39:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117314
x-xss-protection
0
expires
Sat, 17 Jul 2021 02:12:53 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		102 B
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.upi.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
f6049c28f02d1e920e087b0cadc21750a4388e1c5cbaa0980b1a91b0e7ccf706
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90
x-xss-protection
0
expires
Sat, 17 Jul 2021 02:12:53 GMT
config.js
confiant-integrations.global.ssl.fastly.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/ 		276 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/config.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ffed9095db80564dadc0480f156f2b78365af6e929eafbded15dfc26a4beb4b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Encoding
gzip
Age
3030
X-Cache
HIT
Connection
keep-alive
Content-Length
49624
x-amz-id-2
RbtPPq82/cqT8v7St4KK0a+kmp6YEFMQt/g5oCkjrf724TwS5mNkkl0j/T/r6whyy2Q9LUgTXVc=
X-Served-By
cache-fra19166-FRA
Last-Modified
Fri, 16 Jul 2021 23:06:24 GMT
Server
AmazonS3
X-Timer
S1626487973.453620,VS0,VE0
ETag
"2c871dbb95ca4e5476d4e0b9d52fd2f8"
x-amz-request-id
5TKH8WWG0HYKJ2CV
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
17
udm-r3_v2.7.8.js
bid.underdog.media/ 		463 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/udm-r3_v2.7.8.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4200:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d60ffa6e3f840ca755dc1c3221056a05110b671db785c9841ce0dd69ed9549c4

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 20:45:20 GMT
content-encoding
gzip
last-modified
Thu, 15 Jul 2021 20:38:43 GMT
server
AmazonS3
age
106054
etag
"5d25afb091b401f4a883e33940cf9adc"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
144433
x-amz-cf-id
KPdzLfaJ7Tcit8InwwXDGZ3ZI495ZQi_hVh_p395rk_SrIfyGjDM2g==
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
etag
"WhyxmPkT7L77qVDcrjxwGw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sat, 24 Jul 2021 02:12:53 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=7310218954674835410
43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;apnid=7310218954674835410
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Jul 2021 02:12:53 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:53 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8342189d-cf5a-41d9-aecf-f3ebac772ebf
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://udmserve.net/udm/fetch.pix?dt=1;apnid=7310218954674835410
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDU3RTQxMDQtNTJDOC00Nzg4LUI5MkEtNEM1RTg3MjkwN0My&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDU3RTQxMDQtNTJDOC00Nzg4LUI5MkEtNEM1RTg3MjkwN0My&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DD57E4104-52C8-4788-B92A-4C5E872907C2
  • https://udmserve.net/udm/fetch.pix?pmid=D57E4104-52C8-4788-B92A-4C5E872907C2
43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?pmid=D57E4104-52C8-4788-B92A-4C5E872907C2
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Jul 2021 02:12:59 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?pmid=D57E4104-52C8-4788-B92A-4C5E872907C2
date
Sat, 17 Jul 2021 02:12:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
services
sync.technoratimedia.com/ 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:53 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
527165167
access-control-allow-origin
https://www.upi.com/
access-control-allow-credentials
true
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24
  • https://udmserve.net/udm/fetch.pix?dt=1;admix=34d6781e9d8048c68da19cf42e51875e
43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;admix=34d6781e9d8048c68da19cf42e51875e
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Jul 2021 02:12:53 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sat, 17 Jul 2021 02:12:53 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://udmserve.net/udm/fetch.pix?dt=1;admix=34d6781e9d8048c68da19cf42e51875e
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://cs.admanmedia.com/sync/underdog?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bacu%3D%7B%24UID%7D
  • https://udmserve.net/udm/fetch.pix?dt=1;acu=128ec410fb40a005b7628f3dcf5f4c012252cf21
43 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;acu=128ec410fb40a005b7628f3dcf5f4c012252cf21
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Jul 2021 02:12:54 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://udmserve.net/udm/fetch.pix?dt=1;acu=128ec410fb40a005b7628f3dcf5f4c012252cf21
Date
Sat, 17 Jul 2021 02:12:54 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
cookie_sync
prebid.adnxs.com/pbs/v1/ 		933 B
784 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
c978f347c47062a30bcf41e3d7cd9682802f67174dd05b682db7c9ce5def8556

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		201 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
5e1ab0b6985e2579b88c0e4127f5bad2f96e5e6aed1a0f2066f090c364c99a19

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:53 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
201
Expires
0
c
prebid.a-mo.net/a/ 		861 B
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
8203bf46a327bcffaeafa0e523386bd44628a263a7b6a6d2d981d36c9cb14fa4

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
47
content-length
355
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.upi.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 17 Jul 2021 02:12:53 GMT
cygnus
htlb.casalemedia.com/ 		25 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=213852&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224651d33be93c997%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.upi.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%224.30.0%22%2C%22msd%22%3A1%2C%22msi%22%3A1%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ascendeum.com%22%2C%22sid%22%3A%22asc90189%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2286bfc630-6f44-4f94-a35e-4abc21e49bc9%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-07-17T02%3A12%3A53%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224745f4cebca5d03%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213852%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2248e58457e347516%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213852%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2249fb3014b681bbd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2250c6c9f7b0fb77%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2251f17f57990d54a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22529e2833533d113%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213850%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22535ce926677cea4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213850%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225423373dc3ec93%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213854%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2255bb14ef8995979%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213854%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2256d1185c927785c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22637805%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2249fb3014b681bbd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x1050%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6095751d52fdfa7660a8f5e4879a39bd5449173497ee575307a118ba43c5db59

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.109], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.upi.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Sat, 17 Jul 2021 02:12:53 GMT
arj
upi-d.openx.net/w/1.0/ 		172 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://upi-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.upi.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=960cfe69-5852-44d2-9b2d-bd9782c1f251%2Cd4a5af1d-f719-4ba1-94fd-e17747eb1295%2Cd0c46b32-56ea-4ca6-b010-bba18618fffb%2C010f0ded-4cfa-460d-b8d5-84910a5117ec%2C222ab3c7-b5fe-4434-b79d-17f35931ca72%2Cb835d3da-7529-4d11-ad56-18a943693e03&nocache=1626487973408&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!ascendeum.com%2Casc90189%2C1%2C%2C%2C&aus=728x90%2C970x250%7C300x250%2C300x600%2C160x600%2C300x1050%7C300x250%2C160x600%7C160x600%2C300x600%7C300x250%7C468x60&divIds=div-ad-top%2Cdiv-ad-r%2Cdiv-ad-r1%2Cdiv-ad-flex%2Cdiv-ad-inread%2Cdiv-ad-UPI_468x60_sticky_footer_desktop&auid=539240710%2C539240712%2C539240713%2C539240715%2C539240716%2C543983643
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
2bfe62c2d13e9ec17dc51dd7dcb1210927584015c0b7c0943f56099f2a855014

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
server
OXGW/16.210.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.upi.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
krk.kargo.com/api/v2/ 		2 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%223d51d964-a46a-4806-8e80-115bc8468ec0%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1626487973409%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2265b55dbb26c606d%22%3A%22_lO6ArzuweK%22%7D%2C%22bidSizes%22%3A%7B%2265b55dbb26c606d%22%3A%5B%5B468%2C60%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lO6ArzuweK%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B468%2C60%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-ad-UPI_468x60_sticky_footer_desktop%22%2C%22transactionId%22%3A%22b835d3da-7529-4d11-ad56-18a943693e03%22%2C%22sizes%22%3A%5B%5B468%2C60%5D%5D%2C%22bidId%22%3A%2265b55dbb26c606d%22%2C%22bidderRequestId%22%3A%2264b24359c3842ae%22%2C%22auctionId%22%3A%22fd27ee3e-2990-4ea9-8c7e-d1ad26b9c47e%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ascendeum.com%22%2C%22sid%22%3A%22asc90189%22%2C%22hp%22%3A1%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.upi.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.223.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		656 B
1015 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
f5993c915e34cdcb86d906e492435185186af1bf0679f50ce2b8067503759d2b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:53 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
656
Expires
0
arj
upi-d.openx.net/w/1.0/ 		172 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://upi-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.upi.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ee571239-c024-46c0-8365-f17fc25c9976%2C32dec00c-efb1-45a5-b718-5d9cf99df690%2C250f58ae-3746-4d5a-97f5-2b41311fbe49%2C83c6f224-ecaf-4b52-92ef-c54ee4ff4a78%2Cb1d54653-de2e-42ec-a921-b161aa6826eb%2C12139211-cdd0-4992-af91-e830802ee696%2C78d91fe8-2f1e-4bbd-9559-37c45ea14cc8%2C1dbb0403-59b0-4306-bd8c-76d5eb97b59d%2Cbf217666-e8c5-4d43-8078-e70ed1d96b7f%2C3d5a166f-05c9-4f6c-9073-11318cfaafed%2C629d2adf-d238-4912-bd47-02744c546e78%2Cf37f9ebe-0cf4-4204-b407-958178726b39&nocache=1626487973422&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!ascendeum.com%2Casc90189%2C1%2C%2C%2C&aus=728x90%2C970x250%7C300x250%2C300x600%2C160x600%2C300x1050%7C300x250%2C160x600%7C160x600%2C300x600%7C300x250%7C468x60%7C728x90%2C970x250%7C300x250%2C300x600%2C160x600%2C300x1050%7C300x250%2C160x600%7C160x600%2C300x600%7C300x250%7C468x60&divIds=div-ad-top%2Cdiv-ad-r%2Cdiv-ad-r1%2Cdiv-ad-flex%2Cdiv-ad-inread%2Cdiv-ad-UPI_468x60_sticky_footer_desktop%2Cdiv-ad-top%2Cdiv-ad-r%2Cdiv-ad-r1%2Cdiv-ad-flex%2Cdiv-ad-inread%2Cdiv-ad-UPI_468x60_sticky_footer_desktop&auid=539240710%2C539240712%2C539240713%2C539240715%2C539240716%2C543983643%2C539240710%2C539240712%2C539240713%2C539240715%2C539240716%2C543983643
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
76b279e58f9e1e977b0b2c6a49d74d8237abffe9dc4c50638245128306fdc121

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
server
OXGW/16.210.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.upi.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		26 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=213852&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2214792141a2f4a1b2%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.upi.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A10%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A10%2C%22ren%22%3Afalse%2C%22version%22%3A%224.30.0%22%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ascendeum.com%22%2C%22sid%22%3A%22asc90189%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2286bfc630-6f44-4f94-a35e-4abc21e49bc9%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-07-17T02%3A12%3A53%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214850b8ec20e086e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213852%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221496f9c175a61002%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213852%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22150e22e19ba15fa9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2215182c6b61ee9fc3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221525254b66578532%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22153a6ebe0ecf3119%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213850%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22154de878e5471455%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213850%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22155d079e7502b6bd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213854%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221561350d63b5d70e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213854%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2215772d43963fad33%22%2C%22ext%22%3A%7B%22siteID%22%3A%22637805%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2215811c3064f5a43f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213852%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221595cc8051a792d2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213852%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22160baec63efce8c5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221614128fb4e19dd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22162cc83066e8fc67%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22163182e272b0b39d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213850%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216461d7356af4fcf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213850%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22165972c83ddab5af%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213854%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221665162754f33714%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213854%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221679f4fe6b202e62%22%2C%22ext%22%3A%7B%22siteID%22%3A%22637805%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22150e22e19ba15fa9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x1050%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22160baec63efce8c5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x1050%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cebd2f4cc38a8f471a77fe840cb3ba7a35e27d6b20053705a82452fa2a402b0d

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.109], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.upi.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
46
x-ak-client-geo
12
expires
Sat, 17 Jul 2021 02:12:53 GMT
bid-request
a.teads.tv/hb/ 		16 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.upi.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 17 Jul 2021 02:12:53 GMT
bid
krk.kargo.com/api/v2/ 		2 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%223d51d964-a46a-4806-8e80-115bc8468ec0%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1626487973427%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%221725e12c2541ab11%22%3A%22_lO6ArzuweK%22%2C%2217387695a6b60445%22%3A%22_lO6ArzuweK%22%7D%2C%22bidSizes%22%3A%7B%221725e12c2541ab11%22%3A%5B%5B468%2C60%5D%5D%2C%2217387695a6b60445%22%3A%5B%5B468%2C60%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lO6ArzuweK%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B468%2C60%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-ad-UPI_468x60_sticky_footer_desktop%22%2C%22transactionId%22%3A%2212139211-cdd0-4992-af91-e830802ee696%22%2C%22sizes%22%3A%5B%5B468%2C60%5D%5D%2C%22bidId%22%3A%221725e12c2541ab11%22%2C%22bidderRequestId%22%3A%22171eccbe36e2e655%22%2C%22auctionId%22%3A%22b0dcea3c-98c9-4327-8b27-87c13906cfdc%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A3%2C%22bidderRequestsCount%22%3A3%2C%22bidderWinsCount%22%3A0%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ascendeum.com%22%2C%22sid%22%3A%22asc90189%22%2C%22hp%22%3A1%7D%5D%7D%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lO6ArzuweK%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B468%2C60%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-ad-UPI_468x60_sticky_footer_desktop%22%2C%22transactionId%22%3A%22f37f9ebe-0cf4-4204-b407-958178726b39%22%2C%22sizes%22%3A%5B%5B468%2C60%5D%5D%2C%22bidId%22%3A%2217387695a6b60445%22%2C%22bidderRequestId%22%3A%22171eccbe36e2e655%22%2C%22auctionId%22%3A%22b0dcea3c-98c9-4327-8b27-87c13906cfdc%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A3%2C%22bidderRequestsCount%22%3A3%2C%22bidderWinsCount%22%3A0%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ascendeum.com%22%2C%22sid%22%3A%22asc90189%22%2C%22hp%22%3A1%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.upi.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.223.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
c
prebid.a-mo.net/a/ 		861 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
62b70d9495626e964b1784a48329c27db0efc8a1fa91824b6e893deceaa49dbd

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Jul 2021 02:12:52 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
93
content-length
356
integrator.js
adservice.google.ch/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.upi.com
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.upi.com
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		468 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3126714824678482&correlator=336520683243564&output=ldjh&impl=fifs&eid=31061181&vrg=2021071301&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210717&iu_parts=1009753%2CUPI_728x90_ATF%2CUPI_728x90_BTF%2CUPI_300x250_R%2CUPI_300x250_R1%2CUPI_160x600_Flex%2CUPI_300x250_InRead_ROS_Desktop%2CUPI_468x60_sticky_footer_desktop%2CUPI_1x1_ROS%2CUPI_1x1_Sponsored&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=728x90%7C970x250%2C728x90%2C300x250%7C300x600%7C160x600%7C300x1050%2C300x250%7C160x600%2C300x250%7C300x600%7C160x600%7C300x1050%2C300x250%2C468x60%2C1x1%2C1x1&prev_scp=amzniid%3DInH-tOJEyCzXhRZrafvljzkAAAF6sjzlYgMAAAJYAZ4k9fQ%26amznp%3Dvl6xhc%26amznsz%3D970x250%26amznbid%3D1q6g5xc%7Camzniid%3DIh9cshcHFRigxmoYZZaddYIAAAF6sjzlYgMAAAJYAa9VxIY%26amznp%3Dvl6xhc%26amznsz%3D728x90%26amznbid%3Dyfkrnk%7Camzniid%3DIpktAcMhQSKItOcZ3FnIeQUAAAF6sjzlYwMAAAJYASUUpD0%26amznp%3Dvl6xhc%26amznsz%3D300x600%26amznbid%3Dpjxreo%7Camzniid%3DIuhuAFuWv2Gxx2M4kjdDc3MAAAF6sjzlYwMAAAJYAWI6bs0%26amznp%3Dvl6xhc%26amznsz%3D160x600%26amznbid%3Dpjxreo%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7C&cust_params=refreshTest%3Dtrue%26refreshIteration%3D0%26floortest%3Dfalse%26Section%3Dhome&cookie_enabled=1&bc=31&abxe=1&lmt=1626487973&dt=1626487973490&dlt=1626487972040&idt=1410&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C-9%2C1034%2C1034%2C1034%2C-9%2C-9%2C-9%2C-9&adys=163%2C-9%2C846%2C2504%2C1943%2C-9%2C-9%2C-9%2C-9&adks=2786708225%2C1802100661%2C4285528634%2C2149122340%2C1258098792%2C3758348931%2C161048266%2C3045956223%2C1618421751&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.upi.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90%7C0x-1%7C336x0%7C336x0%7C336x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=1600x90%7C0x-1%7C336x0%7C336x0%7C336x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1558638374.1626487973&ga_sid=1626487973&ga_hid=560300762&ga_fc=false&fws=0%2C2%2C0%2C0%2C0%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C-1%7C0%7C1%7C2%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
52041ba8482d5f107d3a9aecf21074177cb59f89b878f83d1c262c182cb06f26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56124
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-1,-1,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.upi.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 847B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 17 Jul 2021 02:12:53 GMT
expires
Sun, 17 Jul 2022 02:12:53 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
setuid
prebid.adnxs.com/pbs/v1/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7310218954674835410
0
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7310218954674835410
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:53 GMT
Server
nginx/1.19.0
Vary
Origin
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:53 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
45dce055-519d-4279-8eb8-932437c9bdb0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7310218954674835410
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rules-p-effSsmMYCbAck.js
rules.quantcount.com/ 		3 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:9e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 14:16:04 GMT
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
age
43010
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 21:04:20 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-amz-cf-id
17eMSTkzqrSEdIplRQ624V0TauzVRsOTeGvL88gON8dnsBbU5HaFDQ==
rules-p-Pz67dCqdsHfxh.js
rules.quantcount.com/ 		147 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:9e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 01:46:47 GMT
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
age
1567
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
147
last-modified
Tue, 27 Apr 2021 19:10:31 GMT
server
AmazonS3
etag
"f7c84b69d3abe411fbfc06992543fbe2"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-amz-cf-id
9i0cWpjzvNHk0vcLaReOAO8NC85CLwd3Q2ZSq7S7Hz-vGqp5GGp2kA==
prebid
ib.adnxs.com/ut/v3/ 		488 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.7.8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d0cea81abcfade3edf819884266facfb39295304343d73da8b724542a9a9dfce
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:53 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
55ef549e-bbbd-410b-a674-b1b32ed1daea
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
488
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
underdogmedia-d.openx.net/w/1.0/ 		174 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdogmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.upi.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b07fd7fc-7fb3-410b-8c90-828fc32448a4%2Cb07fd7fc-7fb3-410b-8c90-828fc32448a4%2Cb07fd7fc-7fb3-410b-8c90-828fc32448a4%2Cb07fd7fc-7fb3-410b-8c90-828fc32448a4&nocache=1626487973558&schain=1.0%2C1!udmserve.net%2C2952%2C1%2C%2C%2C&aus=728x90%7C728x90%7C728x90%7C728x90&divids=slider-middle-728x90%2Cslider-middle-728x90%2Cslider-middle-728x90%2Cslider-middle-728x90&aucs=%2C%2C%2C&auid=540857115%2C540857115%2C540857115%2C540857115&aumfs=76%2C76%2C76%2C76
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.7.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
d8b2319d1c508e47cbe1966ced4f83fee53e9c885113880726171cfb1148c7f6

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
server
OXGW/16.210.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.upi.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
166
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		841 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221248a3f5272fc16%22%3A%22dbbbfe80443f8714ab66%7C728x90%7Cf%3D0.07291666666666666%22%2C%2213b0a109be1e15a%22%3A%22dbbbfe80443f8714ab66%7C728x90%7Cf%3D0.07291666666666666%22%7D&ref=https%3A%2F%2Fwww.upi.com%2F&s=621ceb64-773d-4582-953f-b20b330082df&pv=210db69f-c2f7-4b48-9ac4-213ca72742f2&vp=desktop&lib_name=prebid&lib_v=4.41.0&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22udmserve.net%22%2C%22sid%22%3A%222952%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.7.8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
d366545d6e658a2495a89f8fd319f26d9cc58d845dde64acb836c71d798afbf0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
490
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.41.0&cb=35556373075
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.7.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.upi.com
date
Sat, 17 Jul 2021 02:12:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
c
prebid.a-mo.net/a/ 		861 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.7.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
eb2b426fcd53ced3b52c05f35e93569189ad1efcc53c66ce3241b17dd9c3f5c0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
50
content-length
356
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.7.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.upi.com
date
Sat, 17 Jul 2021 02:12:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		25 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=659180&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2223d878ee41db196%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.upi.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.41.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22udmserve.net%22%2C%22sid%22%3A%222952%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2286bfc630-6f44-4f94-a35e-4abc21e49bc9%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-07-17T02%3A12%3A53%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2224dc9b8f7877aa7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22659180%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.7.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9d016594f7d61eb1d28f0041a74a771b8c0f5c40ae2bb4cd8e86a51c4cdf2e1

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.109], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.upi.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Sat, 17 Jul 2021 02:12:53 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202107141603/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/202107141603/wrap.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0620f9060a4e83aa1d25e863d3451ac713cf20daf3ceb2c915a5e73b99629c1

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Encoding
gzip
Age
782
X-Cache
HIT
Connection
keep-alive
Content-Length
29448
x-amz-id-2
d2saPQgq4bSM2YKtI3O4+DtxBbyygGrEhs3w/J+alddOEwmpAz0MzzbRN0ZbWLuD9p3wz2aqdOw=
X-Served-By
cache-fra19166-FRA
Last-Modified
Wed, 14 Jul 2021 20:12:39 GMT
Server
AmazonS3
X-Timer
S1626487974.717849,VS0,VE0
ETag
"5d1db64b12b0814616f9924454587540"
x-amz-request-id
DQFGV0GDNA3J85QA
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
31
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 72A4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
55bde95b2799179e90823abc34606a9df66b9e6a3c53c6e64f6251b89fbd5985

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1YWPRE0C0Pgr0KDnZd450E; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&dcc=t

Response headers

Server
Server
Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
774
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 72A4
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=23cc5672dac2b6560b02
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=23cc5672dac2b6560b02
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:54 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 17 Jul 2021 02:12:53 GMT
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ZRH50-C1
x-cache
LambdaGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=23cc5672dac2b6560b02
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
jRYeUTYam3wowSJCNoiPYLq-F7tyXlkRhRtl2Fc86NL6MIsaWa5VUA==
amzns2s
rtb.gumgum.com/usync/ Frame 2622 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fc4b6ffadbb2922ba4db55c7db12b978be8ca260d6e3325edcb1524e7ff0de63

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:56 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_b40df163-5aae-47f1-9858-c26a105f9c76; Domain=.gumgum.com; Expires=Sun, 17-Jul-2022 02:12:56 GMT; Path=/; Secure; SameSite=None
etag
W/"025b4fe5c0560502b5772d5d2a8e4710a"
timing-allow-origin
*
content-encoding
gzip
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame EAEB 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c50734ab933b955f10ae6d572c28724b162d1a6aae3205b4e1e4eb18c027031d

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMST=YPI8pWDyPKUB; CMID=YPI8paPz-8gKevC8S4Co8gAA; CMDD=AAoM+AE*
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|45|39|88|40|8|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1750
Expires
Sat, 17 Jul 2021 02:12:55 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:55 GMT
Connection
keep-alive
Set-Cookie
CMID=YPI8paPz-8gKevC8S4Co8gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Jul 2022 02:12:55 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 15 Oct 2021 02:12:55 GMT CMPRO=1183;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 15 Oct 2021 02:12:55 GMT CMDD=AAoM+AE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 18 Jul 2021 02:12:55 GMT CMRUM3=2760f23ca70b40&f160f23ca705a0&5860f23ca705a0&0860f23ca705a00&2d60f23ca705a0&e660f23ca72760&2860f23ca705a00&c460f23ca705a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Jul 2022 02:12:55 GMT CMST=YPI8pWDyPKcB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 18 Jul 2021 02:12:55 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2D7E
Redirect Chain
  • https://cs.admanmedia.com/sync/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dacuity.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=128ec410fb40a005b7628f3dcf5f4c012252cf21
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=128ec410fb40a005b7628f3dcf5f4c012252cf21
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1YWPRE0C0Pgr0KDnZd450E; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx
Date
Sat, 17 Jul 2021 02:12:53 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
admtr=128ec410fb40a005b7628f3dcf5f4c012252cf21; path=/; domain=.admanmedia.com; expires=Sun, 17 Jul 2022 02:12:53 GMT; max-age=31536000 ;SameSite=None; Secure
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=128ec410fb40a005b7628f3dcf5f4c012252cf21
cm
u.openx.net/w/1.0/ Frame 41A5 		628 B
701 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
2d9afa2c1915812b01481719b6fc53326d2e670bfc9ac369662a4baf6ccfd30b

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=570bde8e-faa9-0644-27b4-2ba7b9417d0f|1626487973
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=570bde8e-faa9-0644-27b4-2ba7b9417d0f|1626487973; Version=1; Expires=Sun, 17-Jul-2022 02:12:53 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1626487973|gen0vNiygu; Version=1; Expires=Sun, 01-Aug-2021 02:12:53 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.210.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 17 Jul 2021 02:12:53 GMT
content-type
text/html
content-length
390
content-encoding
gzip
via
1.1 google
alt-svc
clear
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2559
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=7310218954674835410&ex=districtm
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7310218954674835410&ex=districtm
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1YWPRE0C0Pgr0KDnZd450E; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7310218954674835410&ex=districtm
AN-X-Request-Uuid
e1dcd54b-bc35-4a42-9d3f-dbee88776468
Set-Cookie
uuid2=7310218954674835410; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 15-Oct-2021 02:12:53 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
current
amazon-tam-match.dotomi.com/match/bounce/ Frame 310C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
amazon-tam-match.dotomi.com
:scheme
https
:path
/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Sat, 17 Jul 2021 02:12:53 GMT
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8F5E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=4048867820032136168
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=4048867820032136168
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1YWPRE0C0Pgr0KDnZd450E; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
set-cookie
uid=4048867820032136168; Domain=.turn.com; Expires=Thu, 13-Jan-2022 02:12:53 GMT; Path=/; Secure; SameSite=None
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=4048867820032136168
content-length
0
date
Sat, 17 Jul 2021 02:12:53 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9EC9 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KTPCACOOKIE=YES; SyncRTB3=1627689600%3A220; ipc=156505^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID^1^0; KADUSERCOOKIE=D57E4104-52C8-4788-B92A-4C5E872907C2; chkChromeAb67Sec=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=84431
expires
Sun, 18 Jul 2021 01:40:08 GMT
date
Sat, 17 Jul 2021 02:12:57 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DD04 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 17 Jul 2021 02:12:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5A01
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-iF4Y2b11l2OoQqLzawDR_K.hmvUYb6w-&
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-iF4Y2b11l2OoQqLzawDR_K.hmvUYb6w-&
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1YWPRE0C0Pgr0KDnZd450E; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sat, 17 Jul 2021 02:12:54 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Date
Sat, 17 Jul 2021 02:12:54 GMT
Content-Length
0
Strict-Transport-Security
max-age=31536000
Set-Cookie
IDSYNC=18y4~1zaq;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Mon, 18-Jul-2022 02:12:54 GMT;Secure;SameSite=None A3=d=AQABBKY88mACEFpn8D1uFOpKEpQeHNSZ_0oFEgEBAQGO82D8YAAAAAAA_eMAAA&S=AQAAAoutVXhTdudYTvP_rA1TG8Y; Expires=Sun, 17 Jul 2022 08:12:54 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=4lvspqhgf4f56&b=3&s=vj; Expires=Sun, 17 Jul 2022 08:12:54 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-iF4Y2b11l2OoQqLzawDR_K.hmvUYb6w-&
Age
0
Connection
keep-alive
Server
ATS/7.1.2.128
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 92C3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=7310218954674835410&ex=appnexus.com
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7310218954674835410&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1YWPRE0C0Pgr0KDnZd450E; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Sat, 17 Jul 2021 02:12:53 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7310218954674835410&ex=appnexus.com
AN-X-Request-Uuid
3a36d9b7-13be-42b5-9021-4c027b387daf
Set-Cookie
uuid2=7310218954674835410; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 15-Oct-2021 02:12:53 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C0A2
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=14867232644360973763
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=14867232644360973763
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1YWPRE0C0Pgr0KDnZd450E; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sat, 17 Jul 2021 02:12:54 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Sat, 17 Jul 2021 02:12:54 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=14867232644360973763
set-cookie
tluid=14867232644360973763; Max-Age=7776000; Expires=Fri, 15 Oct 2021 02:12:54 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel;r=180517832;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.upi.com%2F;uht=2;fpan=1;fpa=P0-1954981753-1626487973702;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=upi.c...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=180517832;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.upi.com%2F;uht=2;fpan=1;fpa=P0-1954981753-1626487973702;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=upi.com;je=0;sr=1600x1200x24;dst=1;et=1626487973702;tzo=-120;ogl=site_name.UPI%2Cimage.%2F%2Fwww%252Eupi%252Ecom%2Fimg%2Fupi-fb%252Epng
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=1619393597;labels=edge.1%2Csid.16304;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.upi.com%2F;uht=2;fpan=0;fpa=P0-1954981753-1626487973702;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1619393597;labels=edge.1%2Csid.16304;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.upi.com%2F;uht=2;fpan=0;fpa=P0-1954981753-1626487973702;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=upi.com;je=0;sr=1600x1200x24;dst=1;et=1626487973704;tzo=-120;ogl=site_name.UPI%2Cimage.%2F%2Fwww%252Eupi%252Ecom%2Fimg%2Fupi-fb%252Epng
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 41A5 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=dc719daa-4f84-8249-bd6c-61d8b5558512
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:53 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 41A5
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=KypecC55WXcwe1xzeygVcCR-AXYwf15zLntJ-Ulg
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=KypecC55WXcwe1xzeygVcCR-AXYwf15zLntJ-Ulg
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=KypecC55WXcwe1xzeygVcCR-AXYwf15zLntJ-Ulg
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 41A5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5636919828085497005
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5636919828085497005
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:54 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:54 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5636919828085497005
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 41A5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=84a7e1d7-532e-39b3-7d62-e34fdd664ef2&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 41A5 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YThjODMyMWQtOWE1OS02NzE3LTY4ODItYjlmNjE3ODQ4MDky
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 41A5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBTMaFPMhfEBTnZwPXvaryM&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBTMaFPMhfEBTnZwPXvaryM&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBTMaFPMhfEBTnZwPXvaryM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e366bfaf9fa41bcb0c5e940fd0a73e74b00681f27668dd0f422cb4b7589eef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"932 / 656 of 1000 / last-modified: 1626473478"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24150
x-xss-protection
0
expires
Sat, 17 Jul 2021 02:12:53 GMT
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=KR74Y0VS-1N-DHD9&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=KR74Y0VS-1N-DHD9&gdpr=0
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:54 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4a1df86a-ba03-4da5-b27d-6b2207c87766
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=KR74Y0VS-1N-DHD9&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
container.html
3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9C81 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 17 Jul 2021 02:12:53 GMT
expires
Sun, 17 Jul 2022 02:12:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7CEC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 17 Jul 2021 02:12:53 GMT
expires
Sun, 17 Jul 2022 02:12:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 53B6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 17 Jul 2021 02:12:53 GMT
expires
Sun, 17 Jul 2022 02:12:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AC95 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 17 Jul 2021 02:12:53 GMT
expires
Sun, 17 Jul 2022 02:12:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626434913869424"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28061
x-xss-protection
0
expires
Sat, 17 Jul 2021 02:12:54 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 9C81 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76ec101fa2e578dd3742058d953aed16b74efa3552eeab3b3f669543e9d0bfa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 22:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12646
x-xss-protection
0
server
cafe
etag
18353003104956614534
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Jul 2021 22:56:47 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9C81 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 10:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58285
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Jul 2022 10:01:29 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/ Frame 9C81 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/abg_lite_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7637
x-xss-protection
0
server
cafe
etag
6317884472378718772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Jul 2021 02:04:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 9C81 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Jul 2021 02:02:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9C81 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626434926419779"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sat, 17 Jul 2021 02:12:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 9C81 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 01:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6221
x-xss-protection
0
server
cafe
etag
7452675974595557415
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Jul 2021 01:58:22 GMT
l
www.google.com/ads/measurement/ Frame 9C81 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzc_OAtMTqyRn8u4wrOgiYB5ySp9cvOzzYa4_BloM8ScA40zmzADeqB7VW_C61b-6rR_FWsdkRdQQ_VkS5EItfIPWThg
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 7CEC 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76ec101fa2e578dd3742058d953aed16b74efa3552eeab3b3f669543e9d0bfa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 22:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12646
x-xss-protection
0
server
cafe
etag
18353003104956614534
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Jul 2021 22:56:47 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7CEC 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 10:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58285
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Jul 2022 10:01:29 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/ Frame 7CEC 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/abg_lite_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7637
x-xss-protection
0
server
cafe
etag
6317884472378718772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Jul 2021 02:04:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 7CEC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Jul 2021 02:02:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7CEC 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626434926419779"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sat, 17 Jul 2021 02:12:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 7CEC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 01:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6221
x-xss-protection
0
server
cafe
etag
7452675974595557415
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Jul 2021 01:58:22 GMT
l
www.google.com/ads/measurement/ Frame 7CEC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3u4kROTVD92y5-dsIuPaIocA7iEhXQDo5wGjbEG7W5tPSsRri5qf7LU92rntjidPkElWTM59Ha8FNbEZeU6GH3I-aEg
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 53B6 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76ec101fa2e578dd3742058d953aed16b74efa3552eeab3b3f669543e9d0bfa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 22:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12646
x-xss-protection
0
server
cafe
etag
18353003104956614534
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Jul 2021 22:56:47 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 53B6 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 10:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58285
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Jul 2022 10:01:29 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/ Frame 53B6 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/abg_lite_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7637
x-xss-protection
0
server
cafe
etag
6317884472378718772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Jul 2021 02:04:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 53B6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Jul 2021 02:02:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 53B6 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626434926419779"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sat, 17 Jul 2021 02:12:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 53B6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 01:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6221
x-xss-protection
0
server
cafe
etag
7452675974595557415
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Jul 2021 01:58:22 GMT
l
www.google.com/ads/measurement/ Frame 53B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKyC6B7I-iHE3F6Gd5p7rvVnx56zV41_1catlnZ3BFOJAnGRrWiScjJX7MmZSEc7wAOUqmJEx31wBLg3-gZSklYDOFLg
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame AC95 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76ec101fa2e578dd3742058d953aed16b74efa3552eeab3b3f669543e9d0bfa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 22:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12646
x-xss-protection
0
server
cafe
etag
18353003104956614534
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Jul 2021 22:56:47 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame AC95 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 10:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58285
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Jul 2022 10:01:29 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/ Frame AC95 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/abg_lite_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7637
x-xss-protection
0
server
cafe
etag
6317884472378718772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Jul 2021 02:04:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame AC95 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Jul 2021 02:02:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AC95 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626434926419779"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sat, 17 Jul 2021 02:12:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame AC95 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 01:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6221
x-xss-protection
0
server
cafe
etag
7452675974595557415
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 31 Jul 2021 01:58:22 GMT
l
www.google.com/ads/measurement/ Frame AC95 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSI99BsdIl-yT3Rd6KQyRgxM1YEDm6r3UfWAwYJ7lYFnK2QlDT4Q2dL1cryKAGfiAVNufynvfqS3Rl4Qek12munEKxm5A
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=14867232644360973763
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=14867232644360973763
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:54 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f1779226-2835-4cae-b024-b7241b37bc11
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=14867232644360973763
date
Sat, 17 Jul 2021 02:12:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vEUuyKy9zfjPjKx5VrvfFKwz6dq9W2wGQJ_-T_1h99BjqRKxZcZ-CIX4WGA5lo8UYbfL19Z73WC32Baf-SGuQEvOsfIhi7o=w195-h102-rj-pd-pc0x00e9e9e9
lh6.googleusercontent.com/proxy/ Frame 9C81 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/proxy/vEUuyKy9zfjPjKx5VrvfFKwz6dq9W2wGQJ_-T_1h99BjqRKxZcZ-CIX4WGA5lo8UYbfL19Z73WC32Baf-SGuQEvOsfIhi7o=w195-h102-rj-pd-pc0x00e9e9e9
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dccd3f570db173df33985621460bf3edbcc317103bafb2d2a918f8cce188ab62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:54 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6506
x-xss-protection
0
expires
Sun, 18 Jul 2021 02:12:54 GMT
15456460560498310049
s0.2mdn.net/simgad/ Frame 9C81 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15456460560498310049
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd7b0cc1ed60c09bf209109c6006e008e5437bcabb2e801d22cbe54af4c925f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 06:36:57 GMT
x-content-type-options
nosniff
age
329757
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25680
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 13:33:14 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 06:36:57 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9C81 		42 B
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9vrfbPRb9pxYyy56dtgCgSn0Mmlcyy-_QhhrmmEOB9NShCnxZsuv4Klr-DotV2apn5LuK_u3RKSTwo9cNnXVSciIlBUlh-CTQNevs6-Q6CI7MV7VanSogffdrOOe7byvuaaEZcT1yS3_RkXWQlqeXE_QJgw&dbm_d=AKAmf-B3q2I5VWv0P2cSfFh10vnoS7-0N4SKQ77A4EuvwOTIt3voO4AVYfHHhydmlAa_QU5L0COqWwLTjZKf4CovxLDgl0W-obpKpzHVwl0ojWpieg9Gnlud1ONHjONxyZTCrNda8vXr-jD48G6ekh4Ifc7JA6c2iGOGpsSTsbVR9frTy_cpB572TFeprZx4fuybhqHpvz9NlydKOBStHCTFt0ziQIHQv7rbsuMUzqrJJYS-5lzoOG_pPo9H_HKImdSA9CNZeZ4YtXAzE6ZV2zMobfhp-q5stnb7Ga3kRPa5hs5uuZhT7bAjciJB8jqliuKBHN92kwWs4IjFMgWljutvVaa7WZi8WMkrsWoEUarYSiSHhz2_t3TgroOLnwuiG8RcUmxDrryVm4umkFQt8-xaWTp_2jVQkRtWHLSG8IuBrgOXQyX_ZX-1-jENPTr-FTqlluVj0wqza2IFSZog1FC83WAqSbE93e2P_NHF_8UgbenlssrA1GCdxScFJUUGqr7LU2CJwdd6JBsH5bvjZXVV_kQ-pc1U7EHhr64r8mandD_UANEq0okaqmz2guovlKqw4ctdi-5Kd32a70KPITlt9iP0q42qXXXQ_HQ0ZBnemnIQhyhrBdIsIDk7JdIWzafFtvdu9YmMniy6ijAMmg6OMYVSXJclMAx6bcyjiDhqc3V2xlydjIiTEcvRc_ezOQ8MAq5YaUBX23eWhcQWeGuer2M0nC38JdjI9irkTKe5FSyl8lPsJv9L3EBgqPBrHC8mC1CN6HFJYQSmPCrIygAbscgffY3dIXhdFvrxu-lgOau1yxx0m16Yk_viHVij88WMYKhnFqzl6IxfcWsP78bPt5ptBguFscZX3-DgDeCrX4llalkiupf2LS88SkeD1psKdDbQEJ5IRas0LFhYOaoLrnaaWPVfUS2F083Oa7VkoGsFhAOy3oUbikWT-M-OI6xWKdowTrHeMYX6QDsFCJx6rS8xV_IB83dbSRgGMFlbCKfeo21ujEsy7dv04k_T1ceaUzHEOHTBncLUeP9FtCHbjndSlDKoOKVKYFVzMFwS_wDXPUJV_EIZ7gDKe0o7Qz1OCYgUWMKXxBALA5DKX8-mGw2THTH53tRk-TYkmpmjnytTWOhhpH5AEbWr6ZZi--MXpHt7sC5CyjTYjPgDkEdF9HVruySl7e3WIx6l-XXiwf6dXoUToHT-v4QYccWr43WmuhMIXYjHPH_OnoLP4L59cfATL5pjJ54C3HMUpzrBjUpzTQMoavV17IFAhgM8pD0RCPET6lAOhftZEaEcc22Jvm5Kc7-5Hfcl_KfyQbjAXXgAcMlt4NLwkc8W88Bmtqs-g2adTEwqdoFYeDaQl0wvYdqG7MuhTki_4SBq8t7Wew73y5YCoYeVzzLJ4MLkHOJr7QxBqSeWoswNbzvqNvXXvBhQh56x45oLIdakTQ8T81BqHuyAvcRbMtvXIcBBSNl_94rj2T764NH6WLtMIQufDOLoEgqxoPO2pqKhca_Q-X9SF75sg6XvOOPxvD6ma82Ixb0DNKbbdVRHhCmwur-fdV1hpwrtLHDzigrlioyAH37GPapO8UkbxZgBelIXKXhFG9CJyzKtoKN6X-vXSocfhBHMi6TVE8FU-arTgPF0HH-f8PKsQt_e-b87NSKY3e-1ice76JMkpF_DufKgR69hFu2ZK_wNXcrwRBGn077UdKgmO6z30gkRif1VwCfW9O1g-E2PYn8PDCmoTdrxDb6-7HoEd-1-od8_3QgDXpspY9Ih2qD0gQObA3R4L3HhpbAtvJvgTK7G393k03egHidaaP6HFt8Oq-WGBQnx28SJApqk0THB6kJVWk9UJvfDBgXqUk7n2XyIHvpD0JJbPQ8x_FEkf9Nd2z5rFq8WklnSrfar28KLWETCbK-947LWnK9AS8mycitmq_WK1lcs_oieHm9W0QZr4LgjcPjuDdwbc1BaRd1LV5fmSDA5e4WaMvE3zyKeP9dWqrgECbtx8ouc7-iAvNmYDMwTM8zPr96noiG0HdkTV1XX-tvdXna_2lHHOnrr3UAp_R6UPxGTEAr1fPcdiO1EFf7OlTSrdWrFkFIWEPAmctKt7NxwyRVqhbThYY2p7hf_zLFIaU3NKHcdqsu36ERfD1wWFovJH7Gsoq1HvRG1fXiAKStm0ztw-x36KVAvUldLOrwm8dRRCxPznaYNIw93_LP3O62tGZsh7rWmTAB7jeVLX9N-LDDleDOKZAiViyzhEt1kVd0xDXafQoXDaU_OPx_Rm9O9TTTUaSp-q7wRiWaluqhP9UBhFjknl80iOSVuyuI-b7ESNlGbNR8_VTfU3hP1CT5dZ3U28ZkqBlNcKn6j1XE0ydy0b2-8qjmbgnXJy5XHCRrX2GqWZNVpfAPR4Ugvu2Ktgpt0_y35MKFKmm8Ek16KanJ2lMckPAHT40K2pq7v-qqjR2Ukx-Yrh-CWlia6t8g2aMKdbV6d5vTJsIgYRunl6gFqQGRR4jDv1BEWS-f1-uP2wTsp4s8OBs2QqQBMFZpGr8TyF4E0rEb30OZNbBnhL005bjx49ZHUH1ifpLuubzHE9Sav7RK5H4h5SnwXRLD-1J8dLpaZATA8L7wI8kzvGiUNF3UvrbQxKfwgHMpJ_RSjbHpQZNxWJ00o4yQbIKJwaxfpGx2yFHz0pq8v7cmuSQIGQggIney0qxyB0rKZHIXChssxNNq-Ad73pfnxDrq7AXXWRv8IN14VMOdeQR1XbfvP6B-qJ9HaQAb3uA-1YWyQ40S_KYFN8QlAeZu0VIJb-CsRwALVqv1dOluWQ6_VX_HdGRuYyXJ_sFmGHfYiuqFGXd0auum3x3kDFeAieYpiPbHxdXkOqTeZojGmsAZ6Wswt19EmjBgLS20VtuRyQ8Qykwsio6H-KECKCshqJqi9kM_IjqKbVHQLuzkhAm2nE1JV-hMmgiQvKzklGIeIR4IfMAkGHOEFrAe5z-N4mcQ8cX3od9La-QfSp5yHYQCAWusLYXoYvSH-0KMGKcoIaR9H1A5isN8sCbmjDDKW_QuCGOR_PHbM6rWqckg5BEzq10gu05OZuiOGwtD6EfVJ9rCFOc4ZtuiJfQUvBQ&cid=CAASFeRoBX6STCRlXn4f9QrVEzvqQd1OAg
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9C81 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CfpXUpTzyYND6IbSElQeZwY7gC_q58-Zjg4GY04QOj9-ivcABEAEg2Y35F2D1lc6B4ASgAYbQ2qsCyAEGqQIBjihFfT-yPqgDAcgDmwSqBNEBT9AmM9Mj3K8rZ4SpGj4bzIPV9qMgmyIT8kBR20NAPxmPiOMiQ2imSbjDfPezRVSI1xy8EgQw3u6hhoqNopy5ruLWFD6FeKmy06nAcZkM48SHJXyvJCNSQU6XPWfzITENOO0GtntuypI5tRP3YyV1HBcP6FAOG7vUybWIFoIFIP1TpqMpFsUvrLbtnqhynWXY1fAJRERXe69YVEcmbAmgIhq7pujr6yj5E8_T_D5uN48fgFGrqqBND0EWDpnK7JYb7CceYzDgiu_Jn3xFFzWs3D3ABNvzg77PA-AEA4gFqNXgtzKSBQYIAxABGAGSBQsIIhACGAFIvt6KAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AH4q-l1AGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG9gHAfIHChCDxTYYu7GwrQHSCAcIiGEQARgdgAoDyAsBsBOg3oAMyBPL56ndA9gTDdgUAdAVAYAXAbIXGgoYCAASFHB1Yi0yMjczMjA0MDc2NTMyNTU0&sigh=T31EBQv3y8A&cid=CAQSPgCNIrLMK25gTs0GWt1ylwcYcYAjXuS5zUHt1x6DLemH0-q-hQJryrQaBla7LMlHkwGiNRKSOzsNpdxwgcsO&template_id=509&vt=10
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
15456460560498310049
s0.2mdn.net/simgad/ Frame 7CEC 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15456460560498310049
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd7b0cc1ed60c09bf209109c6006e008e5437bcabb2e801d22cbe54af4c925f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 06:36:57 GMT
x-content-type-options
nosniff
age
329757
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25680
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 13:33:14 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 06:36:57 GMT
vEUuyKy9zfjPjKx5VrvfFKwz6dq9W2wGQJ_-T_1h99BjqRKxZcZ-CIX4WGA5lo8UYbfL19Z73WC32Baf-SGuQEvOsfIhi7o=w400-h209-rj-pd-pc0x00e9e9e9
lh6.googleusercontent.com/proxy/ Frame 7CEC 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/proxy/vEUuyKy9zfjPjKx5VrvfFKwz6dq9W2wGQJ_-T_1h99BjqRKxZcZ-CIX4WGA5lo8UYbfL19Z73WC32Baf-SGuQEvOsfIhi7o=w400-h209-rj-pd-pc0x00e9e9e9
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a0fcc75ebbb4fd6caa03572ef7e53959d37629784087290ad99a6ca9bb6fff0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:54 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20310
x-xss-protection
0
expires
Sun, 18 Jul 2021 02:12:54 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7CEC 		42 B
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6ratRNayWchTvEGC1T4LMWY4EZ2Sa6USh_tp5tiJkAz6ay2QRIxYugjpRZ3cMeEKKa6AhryhB2XGzhGSPNpCbRXKLkuXo1lGJEnpwlsnzxAu9nR6L4K-7Nbw7dKJrclKFuvRJaZCa4tyUI00KPmuO_fVySQ&dbm_d=AKAmf-AgaZkwLUebXpOrGgdKHvfmltf2WzIqURc7l2XrIwWqCBv2b6bukTK2rghg6DhjOKjl32cvllYEJt-FeKzhYmOXli0F06PyMp4jZ3tSx9fRMUPrS7AHJLnznIEJTNzXcHQVLwbsyYHFWaL7hwDTQ6DLy-ltiLYeckELhnQTMItNWYxph6VlCEPo4ALVd_PY6MxX4qRd7ORpbTqh5tmVzk2-6hae12yxxO23Uk8vmbGf064VyCClIRSsY06K5jMqeb4zGr0bxGEbcxgfkPcwwu2O32Wy97AY5jw50VlHIEvRx6F9rhrmZOTeZYLwLOScGR23dvbTNSQEdVdsC33vszeISbGVG9KLE1zQaybsAQKhS6WXheQULfPkx4UrInPAh9FEhLmBXC4lijYWg6xVAhtmLI10SYHOHqdCjZWZ_0DgcNUPOPt0Q7GmqGNt_xyVJvorueeV_4b6mP2xiyrtTXP_UVcnXjm4CfN4fid4qb1nEDbU-KOg8cIjrDOKQnU1bku57E2nnzECMlFVCNfpGqwN1qppYsd2gm2E_fU_yq0qVXASEaV_vAK3X27fnSRzdXKBwIR6ZDoA8z4JBJpCBsiTRk-Q6wu_8LzJHN2F_CpejacQP97Zrgsf__QiEUSqGKbl135YtmxEkCJfuOqYdlEqlYJ0zaaLobOHQZpFU1tX3tD_vb1We0oKhsH5dWzvcqLkn4dbzb-hRnaRQxl9kuZjISGRl7WhwY7YbAwnt8fOoKSLJejJ7aXhDq27IRnJQxTIvrRajG8s1zmm2gC-hVlFhUDWQ0v8qiCtPDLafwsDB5XYkHfsQNRnhUsJrlWo3In4w4vH-Isix0RXezMLEH13qLIr4ePgwOapGAfMo45_xe3_2bW17PGGQXqTf4D-HBh0ufx9xxtuLUwO1H1o1lVljzkD0T2_yI9q5Fu3E8wIIbgDRoUPTlNRplLQQLScp85nF4fo71CxSrrzSAynIvrndXBR5Syl26Wad37QPOC_m1ippmR6SHydyhTRgE1WbGx9u1tGdgLkWZ9obmlae9kAzWSkK9w9yNj7NfNGrflbnFTYj_Z4zt6vXtoKAVLDTWFfOJ8hDuwXS9jiBhvz1ce-_3ngluWhRc3LMUZQiL87-B44OjqoI97oquRHGnYq2VH75ii3UrC9Wau-UMe-tQD8O_8NKpSL37TRA43HHwfA3drZpVqYafYZNaeKhI_8lDLQhGkXRAC-3B9RyTIun-TCk_TqFU6wX67YCIpdXJSYfhK4JkfFK-4ylJST66aezv8QqksszbBEMhMnuCRlpgJXIj4tp7TZJCWP8C1bnzTHjCTnKy_7OMnyFXc3w0UqeshRTm1h0WC5Bs8fJ8YSehmnokpZobjo-S0qda7rx-kxCbF9T1We24ia8GayVScsAjt7GCGyI0qLm4zAfcCGpcCPeC7GTxf7jPKNQQPCzxRS-9s94FUUt0edbUj9DZ2NJ7OkC7rZnf9mZ28E7I5BtYTcEXyDKdZM28VhH3a1ONEEuDmqcnNHwu-AAW5i9N9J6kLEO1o30aX8qG4y5C-7RgYuEYKwOxW1dZr99DVmILjKK6zdVq3878jSvQoF0PfqBCcvEzV4BL70j4p3lPSpEWfyW2egLO_3dm4OiNcBPLpo30jhTcrkGwcsFJ1a2fesWIQjOffyh4M56Fh83DtWOik2xrlcxJJ37J-3akMTF015mgRDhHM1MpeCRBHitioVKA4CUvNAExTNmq0uRjzkQl--g4bLhi2SdrcOUzklEXz7iZSbywgEmoVQZXCer-n6e-XrlgL5quQr3nfwUDpKh9yciExnRweEmBOa_-0O16MJjBybui0ahSJTUaErZTG-8Sfv6wtuGef0oYFA6mlTD75oBrnY6gbOkFtrJzGO6pno50h9JoLWHx1rqvOwaI7yYA_h_oNqzp7LNnuzyeif-8EYPftyFGCyCAQLMQPCmmqV-L8tKxiUgKc_vuyBlh5w5lu9h_czOISUv9kvG6Ff-IzOxGsKHJZrcXww6VuZmI_WMJcaXA74qzJ-I5igzwL-MBZnV7vtzrP_qw2hDT3-kDNJP_7BWTsu1zj3Gw5VaNVHItCQMxcueS9PFj1lBCRIPTxwZ1FLcuWLudns-7IBD2hT9cj4V02K6KhHUE6AktRlh5MrwLvPWDE1PmQHc_g2Natp3UQV4Be_QJcqmsIombKYktJb-U8pUjCRpZfcvLG3it9S2jHb3XdPv-TSufIHfE2pa4WpWOPJ7pXZ6jb0izV28Tfp49yQymW-BGKisOFZoF1hdl40ItdUF0Yj411_E5FxyvnstMCWS4xkcO_Wn8UqBie4tvPujnWVutE_Wm9JjVUIqBEY2HJDf5dPzfnqj4H12R5fnqS6ouMl7s9KjTrz74HdVZsXj4WuW4Th4jc23Wzpfi1K9e26Rz12qaLCoAAYt69Jsk8OI8i14p_9jZYRcz05XrQgr4xKUNbxVS13BhmN-HYtz5-bo3hSBfgMFK8HFo7NqGargm2G9vmPOzG_3cbB272vUWC80oEeB2tjl0rieF4sSskY7FtjmgDCbBgadIFAMnex9cuTiUz9vjHtC__AltNmERZwgXR71NyzW-hTBjPM5ffrEc0zq41HVRbKD4q8fyql-g1b41CpcCYWku--5d829UjY6-k_3Uyao6EdOdx7juDsApFE8XbmycC7_sxk2msuBQ75W29N8sxg3cDiiTWZNLdtxNZp8rewVBV_CyjETr1cLw_fX16vrnzkx5VS9y8sfi7RC6s62za9P2wN5sS10aWiP07PqgxJybLay81cn6DmtbmjdJoYF3QJorYpJH-DhRLcv32BBU29g7AnzfBBX_2NNPfr2aUkI7cDWJKvuRkN8aIyqOqm65BqqYW4NPnvMW01d52Mm1gphb6Nv9RErOsW8uGsdwMe6_fUy49LXafoySAnRbSNph9GJlKsfIuOfVTe6PlphNhAMlnFP_Td17_S06QTY6whE2m5DVT2LWCQh1Ik0QbuPcr7Mip_T6JuWDZLSwAcRIrjhghpHkY5sZA7idTGBIAJWqG4O4s0sbCpnJCbWcXwTwZHH1RZYxWW1iOdQ3sY0LLmZoP-yQaV4MGYAM4kt3kNZfYT_ET6M2ikHYoL3CEXeiEIiFTd&cid=CAASFeRoyPPQDoMXJycp3KwXILqdiESvZw
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7CEC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMfqOpTzyYNz8IbSElQeZwY7gC_q58-Zjg4GY04QOj9-ivcABEAEg2Y35F2D1lc6B4ASgAYbQ2qsCyAEGqQIBjihFfT-yPqgDAcgDmwSqBNgBT9BT-QQSpMzrHJw_Y7m4YP2nH40Qr_Q4gnICaOF41IPPS0YCKyD9UA4t2a-lf93OathTV8m5i5wj1aXANboF6WNren5O2XX7Y-tVXWSLy8sR9dzQKQfNZAL0VK3YzlmiNe2t87CchvfgdcWA59PdgWgFIf6ZK8c_kXNuck1LChxh6hCQIPXYOnMe9omp9LmsZPBfxtxcENgXf4f_Ztiea0sBJyQHDQ7LwVwDSL_MVGVFVJ2Fbxx08lE1hiX2dRnl-glRFifPGyt7v9mcD-qYcQ_gAfC3dQUWwATb84O-zwPgBAOIBajV4LcykgUGCAMQARgBkgULCCIQAhgBSL7eigGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB-KvpdQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RvYBwHyBwoQqJM2GLuxsK0B0ggHCIhhEAEYHYAKA8gLAbAToN6ADMgTy-ep3QPYEw3YFAHQFQGAFwGyFxoKGAgAEhRwdWItMjI3MzIwNDA3NjUzMjU1NA&sigh=gwGDGJoxung&cid=CAQSPgCNIrLMK25gTs0GWt1ylwcYcYAjXuS5zUHt1x6DLemH0-q-hQJryrQaBla7LMlHkwGiNRKSOzsNpdxwgcsO&template_id=509&vt=10
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bfD0lyhZv3xZItXkKZMeJ2dXx69Dg5x9hw8hdRx2_99AS60_ClbRpowqZ9G6YdipSrLywj5_peSFVNRiL_tqsi01YpjLTgVk=w400-h209-rj-pd-pc0x00e9e9e9
lh4.googleusercontent.com/proxy/ Frame 53B6 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/proxy/bfD0lyhZv3xZItXkKZMeJ2dXx69Dg5x9hw8hdRx2_99AS60_ClbRpowqZ9G6YdipSrLywj5_peSFVNRiL_tqsi01YpjLTgVk=w400-h209-rj-pd-pc0x00e9e9e9
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7bd4ebb3186d9264227d5eeafa880f2c243e8035b0dba03d0a990431e81e7133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:54 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47599
x-xss-protection
0
expires
Sun, 18 Jul 2021 02:12:54 GMT
11197846874590778021
s0.2mdn.net/simgad/ Frame 53B6 		203 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11197846874590778021
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
318b8dfa1ea500dc3c786a253d60063590afe029fb90b84c703b0f903917f223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 03:11:05 GMT
x-content-type-options
nosniff
age
342109
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
207998
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 22:55:17 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 03:11:05 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 53B6 		42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtYoDaxBaq4i0aGjdWYFv1IGlYyVTiJTAMQIT_GzCmfXuUSLO395eFWHFUZl7CpxjHS2tWYGHXTCWa4V3xrYyg-HA4WQ44YP2d3uKpX0Bks9ktWL6o4J8ZGWjBo4peKZhgO57Olz4jyqRtz4AWSR1IHrZbcg&dbm_d=AKAmf-A5WfMwxDmIEc_iWSFBuny94TwZpjzMHdJOzCfgeGpiMMMXkhUKtuEn92ucobX4jiKoz7FYPrA0IokwjGPnNqyz-Z5EnP0YYwbCkwbKW1laG1Otomm-QxuACKu73fyJggAlfDMp0xOST2kuasJOtGteMSGSbRN2ko_qGj3Wi5_-zhmyUjcaVmOSVefcYUiydUtOLXjthXKlaYCbb5w0TvKZrMjJQd57rFcF-GrgorekW9W01JrAczGIodrKQjr6lXSwlaEY-bc3HU_-QkcxRblzUp29wOKHK7L3qiExberx2NYpLMzOpm-AvGkdN1lFTBrXsDfjYOHQTntjR9kDCe9NJCni8oj399bDceDvXasach-x5ieIuVfQNjeak06R5npUCPKPMvCLVW_95mx7P4YcIMePANKw0UM0uji2SbxcmrXu80QhKVwsIKvfQOurayH1GcjhxnSucKUZT1263pGD4YxkNN2EGy1UwtcFtWqQf_CFUCAsc321ho6owTyFAU0Vmuv-CaOC0K3YXfdbi-YZqIgJdtAWr_VNqg3UunjKLhADJwc9m07g1iHEIHqUL6ZLUqmpv18zMtKv6AiGN2jkAp2hcfCYTWmZv7C1ku3a1jqLkCl7sLFiFGAApu3xsYN2susALYgGY-osA5PChV76GnhnLCi8cgFdOosQdxA6-eCVtCEWSpUP3xKf0QlPNwK3ZR9piJ2ovdC67KBfnVCPVyM72fBelfKPeErvpLeJnPjBOsM4Ut8jU6FuV8aayTUjyATexcydWcMB_8PxP0NcD85MVQY2LxQEMVCFmzN6DnTZAHC81pUIfbBvsJqGLlbR-HnX4pTqHCmyEFCJbRtSQMt_Sl7C6pkFUlAvm5OzOzdC16Wg-gWbllr6Zxp3dMIV7HiWpmBOC9OOWNr64lzNZRTbKzUGOF7p7wkb-0L4UrkfOKgPJZSdHehyJv6QArMKZv5racJxkbooclYOT053ZWJ6GcJSbOM5mdbLynkDRzKcfnV2OhOYPx1-oAu9E60yJ6lG47vfSdZuNz-QQHyP74Ifvw8A7ziFFGpFyO-TKH2IaDjuWWluwDfBc6mHpTN2gBZS70WCj3k6HSlgq-VjqMhWmOtg6F2iCRXm8DXH9HJwQ7txIXnZ87HyrIXnACAGgT3dKfNpjeGyyeyTv4Vrb-ZlNRjZenHnI8nIxaexYFQtf_bWMDrVwE7oRbneezXZD8-01tmPhinra9ei5ivcUtLZdfw551ChPhmqXPP0iRBuyBd6tjXMEQQ-rOcUU_20-iFRIvHRy9hktP1l1QSUcZjXvXVoxHDqoWgY0WZ987qjg106CbS3-GAINDEuhSdr_2lAsGHB08avJQDhdfpBe-7ThBrHklAtp-cl42IipdYQ5fryMO2YnIn49l_JI8HynUBNnkftUzaC_OHsSvODQ50RD76n_bmtmzqVhFbCU9YGwx3iEiBto-KQpW4HVROymKOv8rQckTkuDMJVYy18oVZQyFfpDm3WyfmZPyWdpziqqpAjAkha-yh-jdr20f40VXJxsna4fqiX4i5e5TWzY39Lq53WRnzxhVUQ4g2bSzssogdcN20YiaM3_mkCk-eEgYEnacJ8R71YdQCFUwdS2TR3yzsmOzFV6JQKTOrS40xxWiYZx917dVTlyWs5O7LkurK62KeJuGEuZ5oda1LBw6Y6kf8CflAjZxayZOksgJCoiItTi_1ZMZkRvXH1u5V2EVIH7rRJJjv_mPy3EhlESerVfXT42zASxV2DwL3QTAfAei0qXj9w8UCJfAo7d7Tg_L3HuhbVSF5qODeI7DRSmiRSYM4rDb2ugcXLLG1jvFqML7riA4B1KOdp31SreFTgbUE5Rq38ojvzAGFGUM9hyZqjhAoKhbyMfENpm6E0f_do_pGogvvmyIlvTOm0MgjYBgA73vAkbC8TClLNg45WV48dHsG9jK2_fK9vudAr1ETkrtyp4ATmKMA8CwtFbXO1E_V784CvYwyaio0u6F9rZLH_d0ispr3ir9XTi8X4rN93B0fQnioS6jXAaoLVBrEkRYADWHuaDa9VjOmeMcT1NtRFgpPcZiJ2QvG58qv-kKNLkZZCRkqsRqed-aoRykrciEqLlBMFl2vkpO7RUlAYLKaYqc5q9d4RRNHPEkPuCq5c_XvpYzI5DDta0shHL8qzKj0nmuS_morLBXZnyrQyJHjFnDVEb0UpsrFuit8KkC6kg-kkN73vUDQPT0KznC0wrTCJHstXqm8JNBMdcOYitMEnrJGmpRazQPWCD0_9KUqEwvd-2Zst0ZqTuqVLpUAWPW1HzypBzA6GFht997fgk5jDjnyEBj2zIMSksOnNMDPmVcJyJdN9tIYV6LIqL2ccO1GS2MhXbnZP_FpY34K6Jah-gyAxSedanMacA3m4Jd8kv-SgL2-pYaxDGAMxGcb_UZF0lYVKEoi5OywfpR3pWslSjb55UfOcPfY05jqD0u1BkWTuwjpykivt45RK4DhvzftrkExCnUAmYAWITccT_lFLFY_MAAADeCjQOYE6jMr3lMO_HAAxaxkICtp2vGEgMRCTblZFdqNejeSesiIG-CUfI9nxEWOZGZcjuujYaclu192Tanbvzgi0S7Lhq5-p2G5C_zBkPHy2W2fp1reNvRoqUGNBeOD0E92Qsm4Dkyhb7qYP_TKgspt8vEyrhZxvutunNzzDWRhh8gf_SjedCtLT3E1sdZNlF1HHlPpPwMtMouBNoCbYfU_tJScCEozwSsAFT99yBUrywANAMPnxAEIac3QintLSAsuYZkNhPsbG7wf_yyu7z57_ZE0f3_c7EYtCAJvI10m9Yz-VrddtjLrEZVYR9zncuIlrDdE6yeHywG7_Cfnr7eFSQbdp7MKYfgalluIbN4LWo-XqtX6yc_xUGsCxwiL-wzBlf2JT5WD_r8HcnO03A-BHbe-pGQBQOFZObgUH5Eo66-TctXDNvazAxokhkV-TGF4V9XZAm8SdUHdvUn6bG4a0seN933zyDq-wbna0_Weqq-a33xalAeXTgJWV1L_6U7rtzW2FDlJ3sWWTLALs6LRG32KpFkdtqOJA29Lum0kg2LUc2UgDGioxyRsPIodQjtVh_q7yR6hnZkk&cid=CAASFeRompRXkKp5oApUgtYGiU92kMUuAg
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 53B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CG5ERpTzyYNP9IbSElQeZwY7gC4CHscdj3-2f6dQOv7vBuMEJEAEg2Y35F2D1lc6B4ASgAcXmqNoCyAEGqQIBjihFfT-yPqgDAcgDmwSqBNQBT9DWBYyeujgp0jlDssBx9itklHJx-cu0aUCweVh5G6dBXC0_p03bpbHk3ebyajaDodA9IXVZjmp8R5Rr1h3L6_TSvHyrtacDEugIYnNg8OZO0dHYHdcTnF6AVqxgNbuIJfugskFdsvSwiN53ZBAh_fxNOvGyo0KDp1q677WlTCRAxOu7akZ3OW5CmuVaW0Lr62BdjzNZuKj_4fOR8SrhKPO3GF_-r3qGiKNfBffxEcLbv2dV7sLyjKRrD_yjFZgee9AkVbdvGUYoLZsgLeact_ah1DXABO2wkubIA-AEA4gFgcmYkDOSBQYIAxAFGAGSBQYIGxACGAGSBQsIIhADGAFI25yLAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHo5nXpQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG9gHAfIHChDpqDMYndyNrwHSCAcIiGEQARgdgAoDyAsBsBPnqYkMyBOuzMHdA9ATANgTDYgUAdgUAdAVAYAXAbIXGgoYCAASFHB1Yi0yMjczMjA0MDc2NTMyNTU0&sigh=cb_MEaF51yE&cid=CAQSPgCNIrLMK25gTs0GWt1ylwcYcYAjXuS5zUHt1x6DLemH0-q-hQJryrQaBla7LMlHkwGiNRKSOzsNpdxwgcsO&template_id=509&vt=10
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame DD48 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUls8_zEdQm-ti2pN249LngmEHnAhEjnzPNG5bTsw6VvPsPa3PRg8BOXEzFDHk0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 17 Jul 2021 01:16:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3390
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9C81 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c94d59648a7e37a0667c90fd731634488a1c3645a58dc994a801f37ac008c7e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
3qfN9_N98x6MdhcZj2k-yMPNo1nHBIVzIuB9rAs3aFkseLPAcWXqudq4nyB0Y_pG4s7n-GEZvs8OXFY2eZTVR0IEDvn1894D=w300-h300-rj-pd-pc0x00e9e9e9
lh4.googleusercontent.com/proxy/ Frame AC95 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/proxy/3qfN9_N98x6MdhcZj2k-yMPNo1nHBIVzIuB9rAs3aFkseLPAcWXqudq4nyB0Y_pG4s7n-GEZvs8OXFY2eZTVR0IEDvn1894D=w300-h300-rj-pd-pc0x00e9e9e9
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
477b2706328e999434403b37e511b6d2086ae24baceab75c41b5b57f29bc854d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:54 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38388
x-xss-protection
0
expires
Sun, 18 Jul 2021 02:12:54 GMT
181138698061188953
s0.2mdn.net/simgad/ Frame AC95 		203 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/181138698061188953
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
318b8dfa1ea500dc3c786a253d60063590afe029fb90b84c703b0f903917f223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 06:11:00 GMT
x-content-type-options
nosniff
age
331314
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
207998
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 22:55:22 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 06:11:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AC95 		42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dv-yxPDvImuuikJvqXrFrcRt71LxwLVXQg6pkENWBEFQ0etMADCuSiW4_ekoJnCx8Z0WiXVzMqqopQjoNG8Ov-x529g0-yOG54IgKnmgd6sF-ycrlQIhzrcuJAGM18YR9pttb2QLHKLfgkDINAsDc0Ta84FA&dbm_d=AKAmf-B_EqsGdbV3sJhk-MWsoXquOUqEC7UglYMBRyGygPtxDAHB7JnysuNkR40pORsIAwziEsllUGglYuBW_idyNFwu7IbjZDlbP5jZtS_OEN9CjsPq9B3TOwCXlKkggeRxnBTmaIruilr0gi6nfPScS7JGuhCB31NfaJ9pXTFmboFVPaJUXtHASRJHH6bpul0aWYYq2z_qgQCgrcfwrX2F1qfIT31RWgYNtXu2sgYDbnAgyExFRalhhw3m1mpuQD5TlaqR-a0GI1Fg5B0FiZZr4FYIduFSVNIiPHjCd-nKAknei02pns-vvYhhlDnTwVoCT9P0HWNpSGAgEiVQHVPt7I66XTFsqpiQjKme5H3NfKcHMYZKUVdsbmoOrXeJnJub9tY1AvjQN4wTGfK09WStmPg2s8mmpjXb6k8XohuOOtsaRrlGn9XIE6sQNHG-Ylw0GMTCniFhHK0OCiWNrxaFhiqe5N21pmNoFgQgSEda4WVmRyYYOHFlEYm2jymcFBvh0pmaLNMO8Cd7erwLPShR93xtT4_5cHLGmycIwU8rgVlCBSItPh5E0X-xXS1kF4KfpxbCnUk9OO4fd0R0jatc-J8hn8re1Tu1ziF7uje3di8x9QgtADjVQviQNUykEbBu_uerX1lXKSoQ1c-BAJmZYfRathLhn_wHaKlWAA4D4Lcia6YFNgWnQikBhol0AjxrttMAyIjJFsyyztesZP9GSsOsqHlH3Y_VaUuasVy4yg4GABQ2DB0YsEcRUyxRUBRsMyPcuzinVariuXP0RE8bXYnhes3F7n4Z1MmGCeZWGbu7vjFMf4RcEtFw3j4ei-Es5ysbAxfiXyt8gmlbypLBORtrUGNpeBkfLtzLPmxWppAwm7BehNvbxMGIuebQlYlF--cmfOHrMAcePvHnmdvYgqTAGPHDBCG8tM1zTbYdGFv9rcxvn5S954tV6bgloZ--m0ScU5PGgXQq9E97ojUXj546OicZFqCyNOOj0g4fq29zEwsejBeTR9Y2MspHXTZWRYhLHKP-8SPTqUWgcs2XXY9gRfe1SlFqnQghx5slI87ZDKD2k8CYpxUMHW3VkGpyY8mLhX66HitpGIwY65d4OmcB8UrMT7d56DIRLJ-OiNeLSMnEBk3i8bceZAB5KhsjxHiRV1-JAjaCsr3IkPagqIzZY7dY1S8EHETWjGGzjr2K6UAnFQa3jtAjmWMkthl32ji-s8Xk4jGnE0FoeJoGwhsIrELkGTGDHWlFVgtqJ5UBQp97N0VNSlbzyj2R2rm3LYQ-vy1cQDY3_xDkX6547gKtKYe06eBzbdlXEORqaf05waCxime1LYhBKdoW6g3OAFZMdVQeoYfPWKtQbripmRoLtMLrHzd_eSN7RTk7ysognwT0hT9nHKm9oJcYUfEVBMPfPcLmidhYLRk7di81TReEtn5vAlkdLBHNOQ1gAkVNUhyxQVpLAieUzStep6fC6Hub5pnS3FBcbgPbXVOtKjARd1-ZrHD5lz8RDCI33c4t1s2nd6ZpnauUmcIqkBsx8asv8jxEhr8mXZhQTaVbtN7z_c-Aw9l8iJ5NCO_8XqnjiS-N6lXTk5gtS733Y24Xj9IoUHt0sh_3fL5WVGV8x6iuB24wvd6hE86xQVNdymWR18hDjOyQyYaZC9NlqTBA87zRL5mEwo-P7WxoM3IAB_0yixzwslYb_-_MTdMB8IsB54ofl3EZHvvxLboFntuOWJxnuYdLjehrOqsYs_hn2jrDd-ULx1ojF4HRsKUyToD3HObUI5dIjpUmYO3VGITHwQWqVg8X-Oo09UdeKdXi8njZrBiMitVcw2Hc4apz3Gl2OhGl61IaQVvZkTLBxEjtzbGGW4chRSdVV_rwPNmH4di9BG6KtTIW7IlQd8t37uVyrjCKmIyHzd3wQg4afRNNCHF3FRK2hn5XihHc1OUEOPZ3kyFsIAcdNphmzLpzBYp-7h6t7t417az2wqerEayCrulQcj3Op0ROnnhqM25vcTjrrRmpg-LinHaSpQPngb9oZ9nnsFfz3YquRkUCgAOQSmZme-Jr6bndiOzRu493kDPjE7xNYLN6YR3nuT3zHopteuXAUn1JPiVxwxoggUBsw-wa3XXydShxX72iHtPjUsaS-obmIbbHs4TaP1iFJW5hTTvDfyreSep4_b7EeVFSaUWLLE0U91ly3nkebX5MeoRanNkvmV2tV0MqsZVC40I0eJyU8MtlvnqvYFY_mP5LO78xVOWQ8X8l3T-iHlH1znjG4l45mopC7EWrqtV6aZ30nAQsxw7glsUW7j9U2HWgGhV67TjJYgXsJxIRVSiCQKMpF6409FSfsddIrHmV4PH0Po5tZM6F-3-6kaELs4wRyh7pRAv2HrtO7SjvFzalqPv3WmkpklogG6ASfrQ4d0p7nIeqvYEAOafcLaMsGv6ob6bjsZf4HVXJjKP0V-OR6F2PS3FtLq2E2xtfTWRUowROIqGnWNIPkunD9fWeB3afHypaefsVSWxy4aNHiGyWhe_OmgjtMSwzBkwjNvheIGM25WHoU0BQalaAWDxhhaMrqThWxzoL_fYote7VR0k_Xu3kpasudGWliwYimhS5zCoFBnD148fX6efWku4AFeEA6cvLrn3rA_j_zTzj-NPlShDMZ-QjL3l0vK9azlKcEiN910l4-up0iCOMe3PfDS_AazwV57D04s9DvuCP9EwHBvH58jc8aaY_ipROKNKyZVJW4CEmWzJ3_RIqGH9ZlfL8cWtgJD-58-NuqhRS0H7GMYHGNOFDHNA7XWIJubskq2f3qNNMoQncAJArO4XDWcC7PG3gWZS8AafduO9hxtXcfNbf3U7Can6zQA_VHSR5dgyi7nb2HibfGEiS31giHHZFLucPIpBllWPvSnEjO2jT68Ui8KQTN3GGGtdnrrMYg2k7q-sUAvL5yFij_15YAqwjRNnR51KqVDU30lWIEOV156svLSL0q_85LHuGlaFElXxK3RtLs9mCUS1TfdjGDMZZzgq3QLCnPz3dU0agAY7c1_dVOCluNqMLUPbUSXYV7faduohY7gEXDcByATodfozZuFr48fiCREgQqXMHTwovgXf202QPAs8XsdyA8OjMlpc1Qu65ICM&cid=CAASFeRoUSJHgAPkGohyILAMw-J1WY3h2A
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame AC95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtldfpTzyYNT-IbSElQeZwY7gC4CHscdj_-6f6dQOv7vBuMEJEAEg2Y35F2D1lc6B4ASgAcXmqNoCyAEGqQIBjihFfT-yPqgDAcgDmwSqBNQBT9AM4aG0RysfhmcOAO-pbplIUXFOkLe85J86cBxu1VBfDBvytka7Zdj6MKYXe16PtXmL7D4r0Tge4eZKCDeVcWEcV3JocWU1teThRaHRhMuH9s0ZPAQVHipj-KjqU38jsw8jkqicAVo9gjUlkd6546q7Gomviku8zVvn-vd797tWth-coOkImQ1MGDbO7Bij-v0hy13936K89LES90YsVnB48jcMZUxaJGXVBEM2Y8X9s-rid9UfvCs2Ah6rlsj8_7ixh4OTK1D0s6kd3MLZ6H7HhaLABO2wkubIA-AEA4gFgcmYkDOSBQYIAxAFGAGSBQYIGxACGAGSBQsIIhADGAFI25yLAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHo5nXpQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG9gHAfIHChDg_SkYo5uMrwHSCAcIiGEQARgdgAoDyAsBsBPnqYkMyBOuzMHdA9ATANgTDYgUAdgUAdAVAYAXAbIXGgoYCAASFHB1Yi0yMjczMjA0MDc2NTMyNTU0&sigh=W9diN_trHU8&cid=CAQSPgCNIrLMK25gTs0GWt1ylwcYcYAjXuS5zUHt1x6DLemH0-q-hQJryrQaBla7LMlHkwGiNRKSOzsNpdxwgcsO&template_id=509&vt=10
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame D457 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUls8_zEdQm-ti2pN249LngmEHnAhEjnzPNG5bTsw6VvPsPa3PRg8BOXEzFDHk0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 17 Jul 2021 01:16:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3390
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7CEC 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f484934e48c55494a3a9e55bd3c20a2c226f40b82f639b4da64c3fe235002239

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame A0D3 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUls8_zEdQm-ti2pN249LngmEHnAhEjnzPNG5bTsw6VvPsPa3PRg8BOXEzFDHk0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 17 Jul 2021 01:16:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3390
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 53B6 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f0e39fbc9eed2cdedec70db46faae08413084683af3fbe2eae6335ce6ee9ae1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 45E7 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUls8_zEdQm-ti2pN249LngmEHnAhEjnzPNG5bTsw6VvPsPa3PRg8BOXEzFDHk0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 17 Jul 2021 01:16:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3390
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame AC95 		223 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7b079e9f6f3455fc17d1528d58bd9ae2a168390cdefc91424bc2bec33a922cb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://ib.adnxs.com/prebid/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=6c008aa6-e845-45c5-8a19-30026a89570e
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=6c008aa6-e845-45c5-8a19-30026a89570e
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:54 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9f9975b6-952b-49bf-b7ea-38ce56155ce8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/prebid/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=6c008aa6-e845-45c5-8a19-30026a89570e
date
Sat, 17 Jul 2021 02:12:54 GMT
content-length
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame DD48
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUls8_zEdQm-ti2pN249LngmEHnAhEjnzPNG5bTsw6VvPsPa3PRg8BOXEzFDHk0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 17 Jul 2021 02:12:54 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 17-Jul-2021 03:12:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 17 Jul 2021 02:12:54 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 17 Jul 2021 02:12:54 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame D457
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUls8_zEdQm-ti2pN249LngmEHnAhEjnzPNG5bTsw6VvPsPa3PRg8BOXEzFDHk0; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 17 Jul 2021 02:12:54 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 17-Jul-2021 03:12:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 17 Jul 2021 02:12:54 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 17 Jul 2021 02:12:54 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame A0D3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUls8_zEdQm-ti2pN249LngmEHnAhEjnzPNG5bTsw6VvPsPa3PRg8BOXEzFDHk0; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 17 Jul 2021 02:12:54 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 17-Jul-2021 03:12:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 17 Jul 2021 02:12:54 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 17 Jul 2021 02:12:54 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 45E7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
URL: https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUls8_zEdQm-ti2pN249LngmEHnAhEjnzPNG5bTsw6VvPsPa3PRg8BOXEzFDHk0; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 17 Jul 2021 02:12:54 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 17-Jul-2021 03:12:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 17 Jul 2021 02:12:54 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 17 Jul 2021 02:12:54 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
img.fetch
udmserve.net/udm/ Frame C9BA 		0
683 B 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=16304;tid=1;dt=7;p=1;rri=1626487973269_403894_185.156.175.109;mid=43264;zzz=1;version=v2.7.8-confiant;cb=0.2811363064145902;session=1;style=slider;vis=visible;traffic_info=%7B%7D;;radid=1626487973269_403894_185.156.175.109
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Jul 2021 02:12:54 GMT
Expires
-1d
Connection
Keep-Alive
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length
0
Content-Type
application/x-javascript
edge-logo-white.png
bid.underdog.media/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bid.underdog.media/edge-logo-white.png
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4200:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d443235c5040b9e5a2461f69bcef0930f5820c356830bb0c59a4953d16f8a59e

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 16:13:59 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Tue, 17 Nov 2020 21:08:31 GMT
server
AmazonS3
age
295136
etag
"876f68d4ff152e17573c3a8f3cc1a580"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
15804
x-amz-cf-id
tnSwMjGkjdtMuXSP9hZRbssVrqd7EqBAuRP9kiG0ygjx3RlQzsvKnA==
usync.js
eus.rubiconproject.com/ Frame DD04 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e2b49cb2c821bc17897cf88be60373b50b5c85ee9b14fa39dc0254f26090286b

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Jul 2021 02:12:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 17:07:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32444
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9356
Expires
Sat, 17 Jul 2021 11:13:38 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame EAEB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPI8paPz_8gKevC8S4Co8gAABJ8AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJCsccwNOb7Xyza9qKN85l8&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJCsccwNOb7Xyza9qKN85l8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 17 Jul 2021 02:12:55 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJCsccwNOb7Xyza9qKN85l8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame EAEB 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YPI8paPz_8gKevC8S4Co8gAABJ8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:55 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SYKHSX8A990G5TTZYTMY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EAEB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YPI8paPz-8gKevC8S4Co8gAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YPI8paPz-8gKevC8S4Co8gAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL61CzXEOn75qJBDjsWnunE&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL61CzXEOn75qJBDjsWnunE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Jul 2021 02:12:55 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL61CzXEOn75qJBDjsWnunE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame EAEB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YPI8paPz-8gKevC8S4Co8gAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame EAEB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YPI8pwAC8tHmCwA4
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPI8pwAC8tHmCwA4&_test=YPI8pwAC8tHmCwA4
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPI8pwAC8tHmCwA4&_test=YPI8pwAC8tHmCwA4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Jul 2021 02:12:55 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1626487975.452393,VS0,VE0
x-served-by
cache-fra19125-FRA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPI8pwAC8tHmCwA4&_test=YPI8pwAC8tHmCwA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame EAEB
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=db2cad8a-8e9a-45d8-9fec-a0c2aaad4646&expiration=1658023976
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=db2cad8a-8e9a-45d8-9fec-a0c2aaad4646&expiration=1658023976
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Jul 2021 02:12:56 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=db2cad8a-8e9a-45d8-9fec-a0c2aaad4646&expiration=1658023976
date
Sat, 17 Jul 2021 02:12:56 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame EAEB
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030002_60f23ca82596d&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_60f23ca82596d
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_60f23ca82596d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Jul 2021 02:12:56 GMT

Redirect headers

date
Sat, 17 Jul 2021 02:12:56 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_60f23ca82596d
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
ecm3
aax-eu.amazon-adsystem.com/s/ Frame EAEB 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YPI8paPz_8gKevC8S4Co8gAABJ8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:55 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame A735
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.231.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-231-210.compute-1.amazonaws.com
Software
/
Resource Hash
80338ab54b9f8338eebd0843e497a527628ffe97e9520ace739a9a2bb91bf68c

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum-sec.casalemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
EQUser=UID=736e3195-febc-41d6-b6ee-6c7db58725e5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Sat, 17 Jul 2021 02:12:56 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sat, 17 Jul 2021 02:12:56 GMT
pragma
no-cache

Redirect headers

date
Sat, 17 Jul 2021 02:12:56 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=736e3195-febc-41d6-b6ee-6c7db58725e5; Path=/; Domain=eqads.com; Expires=Sun, 17 Oct 2021 02:12:56 GMT; Secure; SameSite=None
radApi
edge.udmserve.net/ 		20 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.udmserve.net/radApi
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.7.8.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.120 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
underdogmedia.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 17 Jul 2021 02:12:55 GMT
Content-Length
20
Content-Type
application/json
khaos.jpg
token.rubiconproject.com/ Frame DD04 		284 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DD04
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KR74Y1U8-1Z-CIIF&ex=d-rubiconproject.com&status=ok
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KR74Y1U8-1Z-CIIF&ex=d-rubiconproject.com&status=ok
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:55 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KR74Y1U8-1Z-CIIF&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
tap.php
pixel.rubiconproject.com/ Frame DD04
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJRDFjss2-_r3lIs1T8ep-A&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJRDFjss2-_r3lIs1T8ep-A&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJRDFjss2-_r3lIs1T8ep-A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame DD04
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KR74Y1U8-1Z-CIIF&sigv=1&esig=2~4cbbaa67911daef7c09787ad11a92501d61d2f91
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KR74Y1U8-1Z-CIIF&sigv=1&esig=2~4cbbaa67911daef7c09787ad11a92501d61d2f91
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:55 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KR74Y1U8-1Z-CIIF&sigv=1&esig=2~4cbbaa67911daef7c09787ad11a92501d61d2f91
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame DD04
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/8fjnbT74YbNZ-MUjKfKBpsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4967994315958275909
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4967994315958275909
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Sat, 17 Jul 2021 02:12:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4967994315958275909
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DD04
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTdkZmFjNjExOWNkYTM0ODY5MGE0ZDdiYTdmMDRlM2U5Y2YwYzQ0Nw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTdkZmFjNjExOWNkYTM0ODY5MGE0ZDdiYTdmMDRlM2U5Y2YwYzQ0Nw
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTdkZmFjNjExOWNkYTM0ODY5MGE0ZDdiYTdmMDRlM2U5Y2YwYzQ0Nw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame DD04
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1I3NFkxVTgtMVotQ0lJRg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1I3NFkxVTgtMVotQ0lJRg==
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1I3NFkxVTgtMVotQ0lJRg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame DD04
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YPI8pwAC8tHmCwA4
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YPI8pwAC8tHmCwA4
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1626487976.501052,VS0,VE0
x-served-by
cache-fra19125-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YPI8pwAC8tHmCwA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame DD04
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

Date
Sat, 17 Jul 2021 02:12:45 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Jul 2021 02:12:44 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame DD04 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_pm-db5_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
activeview
pagead2.googlesyndication.com/pcs/ Frame 9C81 		42 B
518 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubcC2jAV_rQ_j5tqrd4CC5EDe6-gatGR-4QthJ807jB2fFtr4EUWiTe_rk22PGBHB-GDtLphox6BflOiyJYnyz52U0cD6qk2haEIteRFWdZem8IQKLox2Llt8&sai=AMfl-YSMmE_pz_QYXVPjd3S3FUEFIpcm_pHcjs2JB4W-V_0sjFXju_MRkhzMWqSK1fNYyhSgBIggcJbjUQjpQlofUpCSP4b4hE--gKbIcgCz5Rn9YuWSjSu3Kf1RpnEPG4U&sig=Cg0ArKJSzIolPBd5wOB6EAE&cid=CAASFeRoBX6STCRlXn4f9QrVEzvqQd1OAg&id=lidar2&mcvt=1000&p=164,437,209,1165&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=9&adk=2786708225&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626487974114&dlt=10&rpt=407&isd=0&msd=0&r=v
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7CEC 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrU3r27WZ9OaJhGy_9yMbiH7TvHndOPGP88XDgsBqzRgVv5s-BN7QmPm-Tcsru8sYYsRNF5aSsPjcim_f9aR6tJ_6NrMc3_VSJ_mTGvqg5SH1Mv57csenOYsw&sai=AMfl-YR0y6FQUHIjh2_J_jCPnk7NdF9ULUTOfK5B1vp3ONSV6MkyXiBnoifzGX4Wgq2nKNBJmlzxXMOBigI4uvj5hCcXDwn_5RJpK8g8WNJ4NEPmHpSA5ZbMwVBJnI87LnU&sig=Cg0ArKJSzApxzpKLsfNhEAE&cid=CAASFeRoyPPQDoMXJycp3KwXILqdiESvZw&id=lidar2&mcvt=1003&p=794,1053,1007,1353&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=9&adk=4285528634&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626487974117&dlt=14&rpt=437&isd=0&msd=0&r=v
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A735 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=736e3195-febc-41d6-b6ee-6c7db58725e5&expiration=1634436776
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Jul 2021 02:12:56 GMT
img.fetch
udmserve.net/udm/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=16304;tid=1;dt=6;cb=28e89a2a83254a4;refresh=2;
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
f1bbff6aba9bcdd7f019892952b9df69d7e7e8e28d60d1f9d5dbcc7aaba0ac08

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:56 GMT
Content-Encoding
gzip
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Content-Length
949
Expires
0
pd
eu-u.openx.net/w/1.0/ Frame 97D4
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
668 B
717 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
2e7d9964855bb30258718bf1242d56811f2e53784d7ec82e94342ccbc0411599

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=e78bcb23-4e66-0b8c-3326-6c44c2797d30|1626487976
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=e78bcb23-4e66-0b8c-3326-6c44c2797d30|1626487976; Version=1; Expires=Sun, 17-Jul-2022 02:12:56 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1626487976|gekin0vNiygu; Version=1; Expires=Sun, 01-Aug-2021 02:12:56 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.210.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 17 Jul 2021 02:12:56 GMT
content-type
text/html
content-length
416
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=e78bcb23-4e66-0b8c-3326-6c44c2797d30|1626487976; Version=1; Expires=Sun, 17-Jul-2022 02:12:56 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.210.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
date
Sat, 17 Jul 2021 02:12:56 GMT
content-length
0
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame 7FC1
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
668 B
721 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
2e7d9964855bb30258718bf1242d56811f2e53784d7ec82e94342ccbc0411599

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=e78bcb23-4e66-0b8c-3326-6c44c2797d30|1626487976
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=e78bcb23-4e66-0b8c-3326-6c44c2797d30|1626487976; Version=1; Expires=Sun, 17-Jul-2022 02:12:56 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1626487976|gekin0vNiygu; Version=1; Expires=Sun, 01-Aug-2021 02:12:56 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.210.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 17 Jul 2021 02:12:56 GMT
content-type
text/html
content-length
416
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=b8ab2c4b-8ea3-0c14-2b7c-b2093c018859|1626487976; Version=1; Expires=Sun, 17-Jul-2022 02:12:56 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.210.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
date
Sat, 17 Jul 2021 02:12:56 GMT
content-length
0
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 9210 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.upi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 17 Jul 2021 02:12:56 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 00B7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.upi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 17 Jul 2021 02:12:56 GMT
Connection
keep-alive
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D200534c6-7993-4ecf-b5ec-8e1808601b89%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D200534c6-7993-4ecf-b5ec-8e1808601b89%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=sovrn&uid=f6db5458e0c58ee980b0e5a7
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=sovrn&uid=f6db5458e0c58ee980b0e5a7
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy

Redirect headers

Date
Sat, 17 Jul 2021 02:12:59 GMT
Server
nginx
Location
https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=sovrn&uid=f6db5458e0c58ee980b0e5a7
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D200534c6-7993-4ecf-b5ec-8e1808601b89%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D200534c6-7993-4ecf-b5ec-8e1808601b89%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=pubmatic&uid=4C9E5932-6DD2-4C44-AF31-BEF85A292832
0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=pubmatic&uid=4C9E5932-6DD2-4C44-AF31-BEF85A292832
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:56 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy

Redirect headers

location
https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=pubmatic&uid=4C9E5932-6DD2-4C44-AF31-BEF85A292832
date
Sat, 17 Jul 2021 02:12:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D200534c6-7993-4ecf-b5ec-8e1808601b89%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D200534c6-7993-4ecf-b5ec-8e1808601b89%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID
  • https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=appnexus&uid=7391310757688800604
0
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=appnexus&uid=7391310757688800604
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:56 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:56 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1b848383-5803-4718-ac1a-7003cdebd7a2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=appnexus&uid=7391310757688800604
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
verizon_video
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=200534c6-7993-4ecf-b5ec-8e1808601b89
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=200534c6-7993-4ecf-b5ec-8e1808601b89&verify=true
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=200534c6-7993-4ecf-b5ec-8e1808601b89&apid=UP820717c7-e6a4-11eb-9e00-02b4ef8cd078
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP820717c7-e6a4-11eb-9e00-02b4ef8cd078&gdpr=0&gdpr_consent=
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/verizon_video?uid=UP820717c7-e6a4-11eb-9e00-02b4ef8cd078&gdpr=0&gdpr_consent=
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:13:02 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Date
Sat, 17 Jul 2021 02:13:02 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://prebid.a-mo.net/setuid/verizon_video?uid=UP820717c7-e6a4-11eb-9e00-02b4ef8cd078&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D200534c6-7993-4ecf-b5ec-8e1808601b89%26D%3D%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=index_rtb&uid=YPI8paPz-8gKevC8S4Co8gAA%261183
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=index_rtb&uid=YPI8paPz-8gKevC8S4Co8gAA%261183
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=200534c6-7993-4ecf-b5ec-8e1808601b89&D=&bidder=index_rtb&uid=YPI8paPz-8gKevC8S4Co8gAA%261183
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
321
Expires
Sat, 17 Jul 2021 02:12:59 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7FC1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 17 Jul 2021 02:12:46 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Jul 2021 02:12:45 GMT
sd
us-u.openx.net/w/1.0/ Frame 7FC1
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=RVvNEkAIyhheCM1DS1uGGUdZkkVeXM5GEFI1l0XT
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=RVvNEkAIyhheCM1DS1uGGUdZkkVeXM5GEFI1l0XT
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=RVvNEkAIyhheCM1DS1uGGUdZkkVeXM5GEFI1l0XT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7FC1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3117753277195830633
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3117753277195830633
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3117753277195830633
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 7FC1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=3427f47a-e7e1-347b-69f0-a4aca65e4ecd&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7FC1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTg0ODI3YjAtMmU5Ni02YWRmLTdjMTAtZmUxNTZjYmM4MGFk
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7FC1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECLv0JN30Q2t3kwzStMA0iQ&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECLv0JN30Q2t3kwzStMA0iQ&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECLv0JN30Q2t3kwzStMA0iQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 97D4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 17 Jul 2021 02:12:46 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Jul 2021 02:12:45 GMT
sd
us-u.openx.net/w/1.0/ Frame 97D4
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=0ddPxNSESM7KhE-Q3tYEwIHWG8HK1U_P0N_BH-SB
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=0ddPxNSESM7KhE-Q3tYEwIHWG8HK1U_P0N_BH-SB
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=0ddPxNSESM7KhE-Q3tYEwIHWG8HK1U_P0N_BH-SB
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 97D4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3492398545087167213
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3492398545087167213
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3492398545087167213
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 97D4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=3427f47a-e7e1-347b-69f0-a4aca65e4ecd&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 97D4 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTg0ODI3YjAtMmU5Ni02YWRmLTdjMTAtZmUxNTZjYmM4MGFk
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 97D4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECLv0JN30Q2t3kwzStMA0iQ&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECLv0JN30Q2t3kwzStMA0iQ&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECLv0JN30Q2t3kwzStMA0iQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		492 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.7.8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7dbac16c6846d54777e87ecdf090d7db07928aabec7105547448a184e04590fb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:56 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a4a633f5-6fae-4e4c-9581-a9394a3f3008
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
492
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
underdogmedia-d.openx.net/w/1.0/ 		173 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdogmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.upi.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=df7d0091-9633-4338-8e77-5f7720d9f841%2Cdf7d0091-9633-4338-8e77-5f7720d9f841%2Cdf7d0091-9633-4338-8e77-5f7720d9f841%2Cdf7d0091-9633-4338-8e77-5f7720d9f841&nocache=1626487976908&schain=1.0%2C1!udmserve.net%2C2952%2C1%2C%2C%2C&aus=728x90%7C728x90%7C728x90%7C728x90&divids=slider-middle-728x90%2Cslider-middle-728x90%2Cslider-middle-728x90%2Cslider-middle-728x90&aucs=%2C%2C%2C&auid=540857115%2C540857115%2C540857115%2C540857115&aumfs=76%2C76%2C76%2C76
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.7.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
ef8b1ab315659c4faaf76e2537c2c75c2783ea5eab70b651e31f354bd5360e79

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
content-encoding
gzip
server
OXGW/16.210.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.upi.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		841 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2240b79c8b6f56871%22%3A%22dbbbfe80443f8714ab66%7C728x90%7Cf%3D0.07291666666666666%22%2C%2241e6c7e494b38cf%22%3A%22dbbbfe80443f8714ab66%7C728x90%7Cf%3D0.07291666666666666%22%7D&ref=https%3A%2F%2Fwww.upi.com%2F&s=1e5af550-b338-40e7-adbd-076ec1903c1e&pv=210db69f-c2f7-4b48-9ac4-213ca72742f2&vp=desktop&lib_name=prebid&lib_v=4.41.0&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22udmserve.net%22%2C%22sid%22%3A%222952%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.7.8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
c2769a8eaff48cb567e9473449e12c994a3ee8ad318847ca22d029f27dc54457
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:57 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
493
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.41.0&cb=93723534018
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.7.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.upi.com
date
Sat, 17 Jul 2021 02:12:56 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
c
prebid.a-mo.net/a/ 		861 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.7.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
eff069d023234d0ca7f190e1b1c1dc36eab6bf4dffd2012b3e845e39c8cb08a2

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Jul 2021 02:12:56 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
26
content-length
355
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.7.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.upi.com
date
Sat, 17 Jul 2021 02:12:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		25 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=659180&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225186edb98cfb80f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.upi.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.41.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22udmserve.net%22%2C%22sid%22%3A%222952%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2286bfc630-6f44-4f94-a35e-4abc21e49bc9%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-07-17T02%3A12%3A53%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2252ab2dc93d2a5ae%22%2C%22ext%22%3A%7B%22siteID%22%3A%22659180%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.7.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
53d68ffa66c3f528f960ca379d6b63fa0db95f404a665eba306e7a89bd6a7ebe

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.109], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.upi.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Sat, 17 Jul 2021 02:12:56 GMT
usersync
rtb.gumgum.com/ Frame 2622
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7391310757688800604
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7391310757688800604
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:56 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ce6efc61-1867-4fa8-abea-813054f9f88e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7391310757688800604
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 2622
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_b40df163-5aae-47f1-9858-c26a105f9c76&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_b40df163-5aae-47f1-9858-c26a105f9c76&gdpr=&gdpr_consent=&us_privacy=
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=1&user_id=Ubsx8VToNvtK6DGlXrp69QG6ZfRKuTH6ULMXBNyU
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=1&user_id=Ubsx8VToNvtK6DGlXrp69QG6ZfRKuTH6ULMXBNyU
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.79.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=1&user_id=Ubsx8VToNvtK6DGlXrp69QG6ZfRKuTH6ULMXBNyU
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
usersync
rtb.gumgum.com/ Frame 2622
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28jSYJjFENWL9JA4f48UW0eftZsYtezPHo9eFakOvXX6BIyaGbIIv0a_fI8OmhECES%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28jSYJjFENWL9JA4f48UW0eftZsYtezPHo9eFakOvXX6BIyaGbIIv0a_fI8OmhECES%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28jSYJjFENWL9JA4f48UW0eftZsYtezPHo9eFakOvXX6BIyaGbIIv0a_fI8OmhECES%29
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:00 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28jSYJjFENWL9JA4f48UW0eftZsYtezPHo9eFakOvXX6BIyaGbIIv0a_fI8OmhECES%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28jSYJjFENWL9JA4f48UW0eftZsYtezPHo9eFakOvXX6BIyaGbIIv0a_fI8OmhECES%29
Date
Sat, 17 Jul 2021 02:13:00 GMT
Connection
close
X-TraceId
58dba50dd5ca0b0e410ccdb924e2e670
Content-Length
0
usersync
rtb.gumgum.com/ Frame 2622
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=c31a500a-cff4-0c2d-0e8b-b4416e0e4f8b
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=c31a500a-cff4-0c2d-0e8b-b4416e0e4f8b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:56 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sat, 17 Jul 2021 02:12:56 GMT
content-encoding
gzip
server
OXGW/16.210.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=c31a500a-cff4-0c2d-0e8b-b4416e0e4f8b
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 2622
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-06ae8219-6549-49e4-5c2c-f1710d996670$ip$185.156.175.109
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-06ae8219-6549-49e4-5c2c-f1710d996670$ip$185.156.175.109
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:00 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-06ae8219-6549-49e4-5c2c-f1710d996670$ip$185.156.175.109
Date
Sat, 17 Jul 2021 02:13:00 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 2622
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-xNycbHBE2peDeKev5PiYxfi.ledU1avTC30W~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-xNycbHBE2peDeKev5PiYxfi.ledU1avTC30W~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:57 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sat, 17 Jul 2021 02:12:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-xNycbHBE2peDeKev5PiYxfi.ledU1avTC30W~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 2622
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=82832580-e6a4-11eb-98c1-f311d18549d8
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=82832580-e6a4-11eb-98c1-f311d18549d8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:00 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=82832580-e6a4-11eb-98c1-f311d18549d8
Date
Sat, 17 Jul 2021 02:13:00 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
82832581-e6a4-11eb-98c1-f311d18549d8
services
sync.technoratimedia.com/ Frame 2622 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
921771377
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 2622 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame 2622
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_b40df163-5aae-47f1-9858-c26a105f9c76&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:59 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
67
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 2622
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=81318d99-60ad-4495-8a71-a1ac082c8fc8
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=81318d99-60ad-4495-8a71-a1ac082c8fc8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:00 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=81318d99-60ad-4495-8a71-a1ac082c8fc8
date
Sat, 17 Jul 2021 02:13:00 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pug
simage2.pubmatic.com/AdServer/ Frame 2622
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5111571601
  • https://sync.1rx.io/usersync/tradedesk/97958d5c-c545-4d55-810d-b5fa89491ff0
  • https://sync.targeting.unrulymedia.com/csync/RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003
42 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:13:00 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:419
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003
date
Sat, 17 Jul 2021 02:13:00 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXbe82f29194854c7dba222840b48d7fb0003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 2622
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=XK7zLj5vN2BP&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=XK7zLj5vN2BP&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:00 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=XK7zLj5vN2BP&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-589cbd599f-whqwl
expires
-1
usersync
rtb.gumgum.com/ Frame 2622
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15
  • https://rtb.gumgum.com/usersync?b=sad&i=8855074365182534805&gdpr=1&gdpr_consent=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sad&i=8855074365182534805&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:59 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=sad&i=8855074365182534805&gdpr=1&gdpr_consent=
date
Sat, 17 Jul 2021 02:12:58 GMT
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2622 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_b40df163-5aae-47f1-9858-c26a105f9c76
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:59 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 3828
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38&gdpr=&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_b40df163-5aae-47f1-9858-c26a105f9c76
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 17 Jul 2021 02:12:57 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sat, 17 Jul 2021 02:12:46 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3810 5cb7d7e master zrh-pixel-x31
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38&gdpr=&gdpr_consent=
Expires
Sat, 17 Jul 2021 02:12:45 GMT
usersync
rtb.gumgum.com/ Frame CDC4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=atm&i=YPI8pwAC8tHmCwA4&gdpr=&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YPI8pwAC8tHmCwA4&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YPI8pwAC8tHmCwA4&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_b40df163-5aae-47f1-9858-c26a105f9c76
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 17 Jul 2021 02:12:57 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YPI8pwAC8tHmCwA4&gdpr=&gdpr_consent=
accept-ranges
bytes
date
Sat, 17 Jul 2021 02:12:56 GMT
via
1.1 varnish
x-served-by
cache-fra19125-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1626487977.948177,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame EF98 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iNDBkZjE2My01YWFlLTQ3ZjEtOTg1OC1jMjZhMTA1ZjljNzY=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV9iNDBkZjE2My01YWFlLTQ3ZjEtOTg1OC1jMjZhMTA1ZjljNzY=&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnk2kqw1d-A2qqfG9mRu611aQiVDrUAX_L5E7q0Wvp53rU0ed_AEEcqzuS9O8o
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Sat, 17 Jul 2021 02:12:56 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2146 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KTPCACOOKIE=true; KADUSERCOOKIE=4C9E5932-6DD2-4C44-AF31-BEF85A292832
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=84431
expires
Sun, 18 Jul 2021 01:40:08 GMT
date
Sat, 17 Jul 2021 02:12:57 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 56F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.180 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

x-33x-status
2020008
server
33XP005
date
Sat, 17 Jul 2021 02:12:59 GMT
usersync
rtb.gumgum.com/ Frame CC2F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=97958d5c-c545-4d55-810d-b5fa89491ff0&t=1629079977
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=97958d5c-c545-4d55-810d-b5fa89491ff0&t=1629079977
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=97958d5c-c545-4d55-810d-b5fa89491ff0&t=1629079977
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_b40df163-5aae-47f1-9858-c26a105f9c76
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 17 Jul 2021 02:12:57 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sat, 17 Jul 2021 02:12:57 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=97958d5c-c545-4d55-810d-b5fa89491ff0&t=1629079977
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=97958d5c-c545-4d55-810d-b5fa89491ff0; domain=.adsrvr.org; expires=Sun, 17-Jul-2022 02:12:57 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwi-jcz847TkORAFOAE.; domain=.adsrvr.org; expires=Sun, 17-Jul-2022 02:12:57 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame 731E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Sat, 17 Jul 2021 02:12:59 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 1AC9
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YPI8rMCo8YQAAPY9mBsAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YPI8rMCo8YQAAPY9mBsAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YPI8rMCo8YQAAPY9mBsAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 17 Jul 2021 02:13:01 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Sat, 17 Jul 2021 02:13:00 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YPI8rMCo8YQAAPY9mBsAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YPI8rMCo8YQAAPY9mBsAAAAA; path=/; expires=Mon, 17-Jul-23 02:13:00 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
3
X-SO-HostName
a-ad40300.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng32.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":30,"gdpr":false,"ipv4":"185.156.175.109","key":"YPI8rMCo8YQAAPY9mBsAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40300"}
X-SO-Key
YPI8rMCo8YQAAPY9mBsAAAAA
X-SO-IP
185.156.175.109
X-SO-Cluster-ID
30
X-SO-Upstream-ID
a-ad40300
usersync
rtb.gumgum.com/ Frame D888
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1871316021662915401
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1871316021662915401
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1871316021662915401
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_b40df163-5aae-47f1-9858-c26a105f9c76
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sat, 17 Jul 2021 02:12:59 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwMjQzM7I0NDUxMBTiM9TNDNB1tAgJcguzLDOV4jU0MzIzsTC3NLc0MzMDAGnO8VM0AAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 11 Aug 2022 02:12:59 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwMjQzM7I0NDUxMBTiM9TNDNB1tAgJcguzLDMFAHWjktUlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmRmYmFuaW5pZmYGACahniUQAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 11 Aug 2022 02:12:59 GMT; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1871316021662915401
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame E2F6
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=GfIQ93Px0nChuGi5Ykz0&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=GfIQ93Px0nChuGi5Ykz0&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=GfIQ93Px0nChuGi5Ykz0&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_b40df163-5aae-47f1-9858-c26a105f9c76
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 17 Jul 2021 02:13:00 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sat, 17 Jul 2021 02:13:00 GMT Sat, 17 Jul 2021 02:13:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=GfIQ93Px0nChuGi5Ykz0&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 9EC9 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60405974&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
61a4e930e85e1ca5b3411ac4a69c99232e6190fc1de63a33b81afe9f068d8145

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:58 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:57 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 10:59:58 GMT
server
nginx
etag
W/"60ec20ae-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Jul 2021 02:12:57 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:57 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 10:59:58 GMT
server
nginx
etag
W/"60ec20ae-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Jul 2021 02:12:57 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=5fa6044d8d&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=97958d5c-c545-4d55-810d-b5fa89491ff0&pubid=5fa6044d8d
49 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=97958d5c-c545-4d55-810d-b5fa89491ff0&pubid=5fa6044d8d
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:59 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=97958d5c-c545-4d55-810d-b5fa89491ff0&pubid=5fa6044d8d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D068a0277-9326-4b23-a21c-34f09433ae2f%26D%3D%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=index_rtb&uid=YPI8paPz-8gKevC8S4Co8gAA%261183
0
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=index_rtb&uid=YPI8paPz-8gKevC8S4Co8gAA%261183
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=index_rtb&uid=YPI8paPz-8gKevC8S4Co8gAA%261183
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
321
Expires
Sat, 17 Jul 2021 02:12:59 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a31f7619-a863-4ba9-b420-86d41a8dc634&gdpr=0
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDT3VVN0I1SGtBQUVBUVREYURFUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACOuU7B5HkAAEAQTDaDEQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACOuU7B5HkAAEAQTDaDEQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACOuU7B5HkAAEAQTDaDEQ&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACOuU7B5HkAAEAQTDaDEQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=8855074365182534805
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACYeE7B5HkAAECoi_ebXA
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537125688&val=AACYeE7B5HkAAECoi_ebXA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537125688&val=AACYeE7B5HkAAECoi_ebXA
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:01 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537125688&val=AACYeE7B5HkAAECoi_ebXA
date
Sat, 17 Jul 2021 02:13:01 GMT
via
1.1 google
server
OXGW/16.210.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
49 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:59 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 17 Jul 2021 02:12:49 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Jul 2021 02:12:48 GMT
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=6d510ca2-56d1-412a-baab-c94240b79ed2&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=NXJOelhZaTAyZHNreG03RFlNTTg1Zw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEA--BEdSLQsch7NpCC0KnqA&google_cver=1
49 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEA--BEdSLQsch7NpCC0KnqA&google_cver=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-589cbd599f-whqwl
expires
-1

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEA--BEdSLQsch7NpCC0KnqA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D068a0277-9326-4b23-a21c-34f09433ae2f%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D068a0277-9326-4b23-a21c-34f09433ae2f%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=sovrn&uid=f6bc801ab39a2a42e9a65ce1
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=sovrn&uid=f6bc801ab39a2a42e9a65ce1
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Date
Sat, 17 Jul 2021 02:12:59 GMT
Server
nginx
Location
https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=sovrn&uid=f6bc801ab39a2a42e9a65ce1
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
verizon_video
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=068a0277-9326-4b23-a21c-34f09433ae2f
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=068a0277-9326-4b23-a21c-34f09433ae2f&verify=true
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=068a0277-9326-4b23-a21c-34f09433ae2f&apid=UP820717c7-e6a4-11eb-9e00-02b4ef8cd078
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP820717c7-e6a4-11eb-9e00-02b4ef8cd078&gdpr=0&gdpr_consent=
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/verizon_video?uid=UP820717c7-e6a4-11eb-9e00-02b4ef8cd078&gdpr=0&gdpr_consent=
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:13:01 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy

Redirect headers

Date
Sat, 17 Jul 2021 02:13:02 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://prebid.a-mo.net/setuid/verizon_video?uid=UP820717c7-e6a4-11eb-9e00-02b4ef8cd078&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159955
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=81866b81-9739-4616-9bf4-d80328ccfc71&gdpr=&gdpr_consent=&gdpr_pd=
1 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=81866b81-9739-4616-9bf4-d80328ccfc71&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:425
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=81866b81-9739-4616-9bf4-d80328ccfc71&gdpr=&gdpr_consent=&gdpr_pd=
date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=875739028400046330
49 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=875739028400046330
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:59 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=875739028400046330
Date
Sat, 17 Jul 2021 02:12:59 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=81866b81-9739-4616-9bf4-d80328ccfc71&google_hm=ODE4NjZiODEtOTczOS00NjE2LTliZjQtZDgwMzI4Y2NmYzcx
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEO0QSLmb8wrz6Z-b6yzQHOk&google_cver=1&ssp=sonobi&bsw_param=81866b81-9739-4616-9bf4-d80328ccfc71
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=81866b81-9739-4616-9bf4-d80328ccfc71
49 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=81866b81-9739-4616-9bf4-d80328ccfc71
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:59 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=81866b81-9739-4616-9bf4-d80328ccfc71
date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D068a0277-9326-4b23-a21c-34f09433ae2f%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=pubmatic&uid=4C9E5932-6DD2-4C44-AF31-BEF85A292832
0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=pubmatic&uid=4C9E5932-6DD2-4C44-AF31-BEF85A292832
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

location
https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=pubmatic&uid=4C9E5932-6DD2-4C44-AF31-BEF85A292832
date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D068a0277-9326-4b23-a21c-34f09433ae2f%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=appnexus&uid=7391310757688800604
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=appnexus&uid=7391310757688800604
Requested by
Host: www.upi.com
URL: https://www.upi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:12:59 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
aa19405d-0917-46a6-bdd8-67f51201c702
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=068a0277-9326-4b23-a21c-34f09433ae2f&D=&bidder=appnexus&uid=7391310757688800604
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2zsgisQuuaa5RdFXPJ04enfLHDBejOImLK3Wa6sTgVO9w1HlY3E1NWnID-ffJezzp_kFwOHfwCU5lsHg
breakfastboat.com/ 		215 B
251 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://breakfastboat.com/v2zsgisQuuaa5RdFXPJ04enfLHDBejOImLK3Wa6sTgVO9w1HlY3E1NWnID-ffJezzp_kFwOHfwCU5lsHg
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
aa3f15df57c22ed541af64edb1ca6730d1aa361b33966fa0c14fa78f665750e8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sat, 17 Jul 2021 02:12:59 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
a26589ac
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
215
expires
Sat, 17 Jul 2021 02:12:58 GMT
v2zsgisQuuaa5RdFXPJ04enfLHDBejOImLK3Wa6sTgVO9w1HlY3E1NWnID-ffJezzp_kFwOHfwCU5lsHg
breakfastboat.com/ 		216 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://breakfastboat.com/v2zsgisQuuaa5RdFXPJ04enfLHDBejOImLK3Wa6sTgVO9w1HlY3E1NWnID-ffJezzp_kFwOHfwCU5lsHg
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
38b9ac865ad9d5ae3ced7ef704d5386852515389b124285cf65ee882c2ae3528
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sat, 17 Jul 2021 02:12:59 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
a26589ac
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Sat, 17 Jul 2021 02:12:58 GMT
v2ouzTM0NrYTFEAxyZORJchgo-DDSg4oYb62UB7Zf56pN_EdExYLYBPPiAJ1CbJdDCDl0M__6h6B4o_Mg
breakfastboat.com/ 		994 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://breakfastboat.com/v2ouzTM0NrYTFEAxyZORJchgo-DDSg4oYb62UB7Zf56pN_EdExYLYBPPiAJ1CbJdDCDl0M__6h6B4o_Mg
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
036985ad38a08748cdaa0663a8a7173d5636fbdc095d437b5bcba6151ddad767
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sat, 17 Jul 2021 02:12:59 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
access-control-allow-credentials
true
x-hostname
a26589ac
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
994
v2ouzTM0NrYTFEAxyZORJchgo-DDSg4oYb62UB7Zf56pN_EdExYLYBPPiAJ1CbJdDCDl0M__6h6B4o_Mg
breakfastboat.com/ 		994 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://breakfastboat.com/v2ouzTM0NrYTFEAxyZORJchgo-DDSg4oYb62UB7Zf56pN_EdExYLYBPPiAJ1CbJdDCDl0M__6h6B4o_Mg
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
cd081503331b4b2b145c0b2a95223d9c2f6034cb405a2e8a6e6a5955259045fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sat, 17 Jul 2021 02:12:59 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
access-control-allow-credentials
true
x-hostname
a26589ac
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
994
match
c1.adform.net/serving/cookie/ Frame D491 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=4C9E5932-6DD2-4C44-AF31-BEF85A292832
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=4C9E5932-6DD2-4C44-AF31-BEF85A292832
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=3492398545087167213
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 17 Jul 2021 02:12:59 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=3492398545087167213; expires=Wed, 15 Sep 2021 02:12:59 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame E9CB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbmpFN0I1SGtBQURfTEZ6WHItdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABnjE7B5HkAAD_LFzXr-w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABnjE7B5HkAAD_LFzXr-w&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACOuU7B5HkAAEAQTDaDEQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8855074365182534805
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8855074365182534805&_bee_ppp=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACYeE7B5HkAAECoi_ebXA
42 B
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACYeE7B5HkAAECoi_ebXA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACYeE7B5HkAAECoi_ebXA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_188=3189-5c2f2c12-f5be-44f7-89f1-57880b9af30b-60f23cac-4348; PugT=1626487980; PUBMDCID=3; KRTBCOOKIE_594=17105-RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003&KRTB&17107-RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003; KRTBCOOKIE_279=22890-8294d995-e6a4-11eb-8c2d-834054f6d847&KRTB&23011-8294d995-e6a4-11eb-8c2d-834054f6d847
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 17 Jul 2021 02:13:01 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_699=22727-AACYeE7B5HkAAECoi_ebXA; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 16-Aug-2021 02:13:01 GMT; path=/ PugT=1626487981; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 16-Aug-2021 02:13:01 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 15-Oct-2021 02:13:01 GMT; path=/
x-lat
lhrpug009:0:440
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Sat, 17 Jul 2021 02:13:01 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACYeE7B5HkAAECoi_ebXA
Server
nginx
set-cookie
bito=AACYeE7B5HkAAECoi_ebXA; Domain=bidr.io; expires=Mon, 15 Aug 2022 22:13:01 GMT; Path=/; SameSite=None; Secure bitoIsSecure=ok; Domain=bidr.io; expires=Mon, 15 Aug 2022 22:13:01 GMT; Path=/; SameSite=None; Secure checkForPermission=""; Domain=bidr.io; expires=Thu, 01 May 2008 00:00:00 GMT; Path=/; SameSite=None; Secure
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
usersync.aspx
dis.criteo.com/dis/ Frame F6B3 		43 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sat, 17 Jul 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1359
date
Sat, 17 Jul 2021 02:12:59 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame A4B9
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6661306663
  • https://sync.1rx.io/usersync/tradedesk/97958d5c-c545-4d55-810d-b5fa89491ff0
  • https://sync.targeting.unrulymedia.com/csync/RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003
42 B
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_188=3189-5c2f2c12-f5be-44f7-89f1-57880b9af30b-60f23cac-4348; PugT=1626487980; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 17 Jul 2021 02:13:00 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003&KRTB&17107-RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 15-Oct-2021 02:13:00 GMT; path=/ PugT=1626487980; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 16-Aug-2021 02:13:00 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 15-Oct-2021 02:13:00 GMT; path=/
x-lat
lhrpug008:0:422
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sat, 17 Jul 2021 02:13:00 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003%22%7D; path=/; expires=Sun, 17 Jul 2022 02:13:00 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003
etag
RXbe82f29194854c7dba222840b48d7fb0003
141
match.deepintent.com/usersync/ Frame ED00 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Sat, 17 Jul 2021 02:12:59 GMT
server
a
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 67C8 		43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=4C9E5932-6DD2-4C44-AF31-BEF85A292832&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1YWPRE0C0Pgr0KDnZd450E; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Sat, 17 Jul 2021 02:12:59 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9EC9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TJ5ZMm3STESvMb74WikoMg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=84429
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sun, 18 Jul 2021 01:40:08 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
420486.gif
idsync.rlcdn.com/ Frame 9EC9 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/420486.gif?partner_uid=4C9E5932-6DD2-4C44-AF31-BEF85A292832
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:13:00 GMT
via
1.1 google
alt-svc
clear
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 9EC9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 17 Jul 2021 02:12:49 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Jul 2021 02:12:48 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9EC9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEM5RTU5MzItNkREMi00QzQ0LUFGMzEtQkVGODVBMjkyODMy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
42 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:362
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
date
Sat, 17 Jul 2021 02:12:59 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame 9EC9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=97958d5c-c545-4d55-810d-b5fa89491ff0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:408
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
date
Sat, 17 Jul 2021 02:12:59 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame 9EC9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7738160339778704360&gdpr=0&gdpr_consent=&us_privacy=
1 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7738160339778704360&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:445
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7738160339778704360&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 9EC9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJir2PcyjMN81Dy55588qF8&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:447
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
date
Sat, 17 Jul 2021 02:12:59 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame 9EC9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPI8pwAC8tHmCwA4&gdpr=0&gdpr_consent=
1 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPI8pwAC8tHmCwA4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:442
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1626487980.542151,VS0,VE0
x-served-by
cache-fra19125-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPI8pwAC8tHmCwA4&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9EC9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38&gdpr=0&gdpr_consent=
42 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:437
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 17 Jul 2021 02:12:49 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3d3d60f2-3ca7-4e00-a70c-4b19ee0d3d38&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Jul 2021 02:12:48 GMT
4C9E5932-6DD2-4C44-AF31-BEF85A292832
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9EC9 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4C9E5932-6DD2-4C44-AF31-BEF85A292832?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 9EC9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4C9E5932-6DD2-4C44-AF31-BEF85A292832&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P_e8CVFE2uU0gp.a7WuhPgngBbs9g2k-~A&gdpr=0&gdpr_consent=
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P_e8CVFE2uU0gp.a7WuhPgngBbs9g2k-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Sat, 17 Jul 2021 02:13:01 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8

Redirect headers

Date
Sat, 17 Jul 2021 02:13:02 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P_e8CVFE2uU0gp.a7WuhPgngBbs9g2k-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
pubmatic
um.simpli.fi/ Frame 9EC9 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:13:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 16 Jul 2021 02:13:01 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9EC9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7391310757688800604&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:498
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b40df163-5aae-47f1-9858-c26a105f9c76
date
Sat, 17 Jul 2021 02:12:59 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
current
pubmatic-match.dotomi.com/match/bounce/ Frame 9EC9 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4C9E5932-6DD2-4C44-AF31-BEF85A292832&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 9EC9 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Pug
simage2.pubmatic.com/AdServer/ Frame 9EC9
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8294d995-e6a4-11eb-8c2d-834054f6d847&gdpr=0&gdpr_consent=
1 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8294d995-e6a4-11eb-8c2d-834054f6d847&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:13:00 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:325
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8294d995-e6a4-11eb-8c2d-834054f6d847&gdpr=0&gdpr_consent=
Date
Sat, 17 Jul 2021 02:13:00 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
8294d996-e6a4-11eb-8c2d-834054f6d847
sn.ashx
pmp.mxptint.net/ Frame 9EC9
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D531_E056A41E_185E58043&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.67.14.233 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-309474781; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:01 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-309474781; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Sat, 17 Jul 2021 02:13:01 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:461
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 9EC9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=5c2f2c12-f5be-44f7-89f1-57880b9af30b-60f23cac-4348&gdpr=0&gdpr_consent=
42 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=5c2f2c12-f5be-44f7-89f1-57880b9af30b-60f23cac-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:13:00 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:330
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:12:59 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=5c2f2c12-f5be-44f7-89f1-57880b9af30b-60f23cac-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 9EC9
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=z8qFD8qZggXUmYVbwMvOC5_L0QrUyIUEzsJOcXD7
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:12:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sat, 17 Jul 2021 02:12:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:389
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2abc94add097301f0c3864b47cd091deb15b6e19f3e59ea18ba7193ac6f8939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Jul 2021 02:13:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8438
x-xss-protection
0
syncframe
gum.criteo.com/ Frame B4B7 		291 B
724 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.upi.com&gdpr=0&gdpr_consent=
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.upi.com&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2028
set-cookie
uid=89c37cf3-b8e9-4939-a64e-394c177441a5; expires=Sun, 17 Jul 2022 02:13:02 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Sat, 17 Jul 2021 02:13:02 GMT
content-length
321
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Jul 2021 02:13:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Sat, 17 Jul 2021 02:13:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BAE3 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 16 Jul 2021 20:11:12 GMT
expires
Sat, 16 Jul 2022 20:11:12 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
21710
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 40D1 		783 B
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3f795d2218f846a3d9c9d8838ae81bcdf26a7e8bafa2e140186b9a3e4f7dec9c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SonaAB10c/4Tm4DWO4XQ9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

expires
Sat, 17 Jul 2021 02:13:02 GMT
date
Sat, 17 Jul 2021 02:13:02 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-SonaAB10c/4Tm4DWO4XQ9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js
pagead2.googlesyndication.com/bg/ Frame BAE3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3e384e3a727917185428a38afcce19eac731bcf1599e2c6ea693bda664c3f28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 11:12:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
54060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13247
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 09:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Jul 2022 11:12:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071301&jk=3126714824678482&bg=!PD-lP3vNAAZjFomlYxY7ACkAdvg8Wks08kMUPf_X5uF5B9Di1N3qsCrQbeIkk0U1wI0HZLgirUVDdQIAAABkUgAAAApoAQcKALfnWJVkwJuK-DtOirzevan81hWFthOZk-vjZvc2hkXX50MFBaUELzqomrjzeasyFdZDYhgUTPyCYEINI-a9p7Uheivs1SNeOwdZNh1gA2pOYCMmee9qIM0iwOiSZsBmfC8VRix_0y-UgCgPZd6u-dh-1fysAXIG7I47eotfx0NykLuCCcDQ4r3XDwjtZTTlDOXeFR7ekDuHbGC5XDD28fBRw6vCXWTDnKU-puL3sY3pBNTvh6mQT-KZAmlrnkPrHDQupuO9FLBDYvXe5PYCZqh-gqTHVCUOrehD_HF9Eh9qqmmXdBz2V76zJMT5lgqtxvqSA_OXGP8kdNB3WPOh7zysErzuf385somko_tRxPH6k-qSLVihdExvIQ9NbAe9FtXDNQf6dFS8Y6p2pvE7AH6QmpHSzANrjGY-fRm5e-TqUaoWtnqiUrWag3h18DPznvkrZ-LnTiLOsAIsvpDROXAZq3RGkd5bGsKeMNnZeOUm_q-e2EvhvrHUCBe6eosjEd4xy1VH1xbUoWYQJ5IPwruV-e04_JAyHc-vDRKnhIkK5CnJCbWx45RWPuBR4BYWy8_rBZ0_ooZYeoB9akgg3gaTCLOLmSNGiUEqnkcmxyc1GqAG4mJxX3RtiVrfa7r-plHBJndHAcB78g2_9urvCfW1Bty5L_wvej52T0lbVkAOYOOZX2DfbG5FXV07nW1jyULCchw60-VM3qcaGqAVr8X8HIrzmf8JxRWCal2HG605KmSpBgvzWX3reufJ5ijsE7TWMjZCY7xEQN-8HtQqD_EcfIwT933OLkgFCFPXdq-mmsYlJgEKylIKwTlIsS_9anUTEk6EtCFmXSpDFs8syV985kt4y5RBD1-pyBQaYXYiXAK4Xpo_xbnSsd1gl9KOStgb5B5buupepsM1Y8naimxGjQhEBlViX0yvR2sZMY3UcvLaGHL95UYG9sAnLS1U3vL14YoYiRd8Hki1ndD9132ii3l7HqdqUicwVTLDvLUeCGvakS3MrHFfJDHDc7RR5EoKqE2IiHV7t_M2crHQpZST9GDBtqeLM2uoT1A5nznuVlU2Kw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame D9A7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9c6245f2849ef8384291f1a011dd48958945dfd7c03080beffec1386ce305346

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YPI8shbVNWYtp.kqbRj7hgAA; CMPS=3204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|241|230|39|190|111|152|51
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1628
Expires
Sat, 17 Jul 2021 02:13:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:06 GMT
Connection
keep-alive
Set-Cookie
CMID=YPI8shbVNWYtp.kqbRj7hgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Jul 2022 02:13:06 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 15 Oct 2021 02:13:06 GMT CMPRO=1161;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 15 Oct 2021 02:13:06 GMT CMRUM3=9860f23cb205a00&e660f23cb22760&6f60f23cb205a0&2d60f23cb205a0&3360f23cb205a0&be60f23cb205a0&2760f23cb20b40&f160f23cb205a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Jul 2022 02:13:06 GMT CMST=YPI8smDyPLIA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 18 Jul 2021 02:13:06 GMT

Redirect headers

Server
Apache
Content-Length
334
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 17 Jul 2021 02:13:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:06 GMT
Connection
keep-alive
Set-Cookie
CMID=YPI8shbVNWYtp.kqbRj7hgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Jul 2022 02:13:06 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 15 Oct 2021 02:13:06 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame B55B 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
19f808e0023ccbb645dc9370220b3eff047a8df9f62b646d7e86f9ac0b9e15a4

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YPI8shbVNWYtp.kqbRj7hgAA; CMPS=3204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|45|241|221|191|123|65
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1716
Expires
Sat, 17 Jul 2021 02:13:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:06 GMT
Connection
keep-alive
Set-Cookie
CMID=YPI8shbVNWYtp.kqbRj7hgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Jul 2022 02:13:06 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 15 Oct 2021 02:13:06 GMT CMPRO=1161;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 15 Oct 2021 02:13:06 GMT CMRUM3=f160f23cb205a0&2760f23cb20b40&2d60f23cb205a0&dd60f23cb22760&e660f23cb22760&bf60f23cb205a0&7b60f23cb205a00&4160f23cb205a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Jul 2022 02:13:06 GMT CMST=YPI8smDyPLIA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 18 Jul 2021 02:13:06 GMT
crum
dsum-sec.casalemedia.com/ Frame D9A7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YPI8shbVNWYtp.kqbRj7hgAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YPI8shbVNWYtp.kqbRj7hgAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKn3xCRTbIzHJMcMScupDAg&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKn3xCRTbIzHJMcMScupDAg&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Jul 2021 02:13:07 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKn3xCRTbIzHJMcMScupDAg&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame D9A7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0GYWF3N5WC5HMTH3J9HP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:06 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
W616HSTV1W0J7ZTBAFYB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame D9A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP6usWVpRlPQ6I5_vEpE3no&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP6usWVpRlPQ6I5_vEpE3no&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 17 Jul 2021 02:13:06 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP6usWVpRlPQ6I5_vEpE3no&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame D9A7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YPI8shbVNWYtp.kqbRj7hgAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum.casalemedia.com/ Frame D9A7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7888610994366998607
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7888610994366998607
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Jul 2021 02:13:07 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:06 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
733cc744-9ad9-4d91-8c7e-e4412ed12135
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7888610994366998607
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D9A7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1409829904870852739&expiration=1627697586
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1409829904870852739&expiration=1627697586
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Jul 2021 02:13:06 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:06 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1409829904870852739&expiration=1627697586
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame D9A7
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b3bf0707-90bf-4a68-9f85-c85fe6de60d8
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b3bf0707-90bf-4a68-9f85-c85fe6de60d8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Jul 2021 02:13:07 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:07 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b3bf0707-90bf-4a68-9f85-c85fe6de60d8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
rum
dsum.casalemedia.com/ Frame D9A7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://x.bidswitch.net/ul_cb/sync?ssp=index
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=index&bsw_uid=57183e5a-c59d-464b-bf77-e0f8dbf31a10
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index&bsw_uid=57183e5a-c59d-464b-bf77-e0f8dbf31a10
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=e32bf1a2-7a27-48e1-8344-a298af024c14&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=57183e5a-c59d-464b-bf77-e0f8dbf31a10
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=57183e5a-c59d-464b-bf77-e0f8dbf31a10
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Jul 2021 02:13:07 GMT

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=57183e5a-c59d-464b-bf77-e0f8dbf31a10
date
Sat, 17 Jul 2021 02:13:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame D9A7 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YPI8shbVNWYtp.kqbRj7hgAA%261161
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Jul 2021 02:13:06 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1294
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Jul 2021 02:34:40 GMT
casale
match.adsrvr.org/track/cmf/ Frame B55B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YPI8shbVNWYtp.kqbRj7hgAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame B55B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJohG2JTpDeCqijmzbKzoOQ&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJohG2JTpDeCqijmzbKzoOQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 17 Jul 2021 02:13:06 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJohG2JTpDeCqijmzbKzoOQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B55B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YPI8shbVNWYtp.kqbRj7hgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHXldawM3WG2uVfXkT2vh18&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHXldawM3WG2uVfXkT2vh18&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Jul 2021 02:13:07 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHXldawM3WG2uVfXkT2vh18&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B55B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
N40VNYWJ0JPXN5FEHA7J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9192WTX1KYXYCR2FW39P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YPI8shbVNWYtp-kqbRj7hgAABIkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tpid=YPI8shbVNWYtp.kqbRj7hgAA%261161
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame B55B
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YPI8shbVNWYtp.kqbRj7hgAA%261161?gdpr_consent=&us_privacy=&gdpr=
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPI8shbVNWYtp.kqbRj7hgAA%261161?gdpr_consent=&us_privacy=&gdpr=
49 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPI8shbVNWYtp.kqbRj7hgAA%261161?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:07 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.6.234
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:07 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPI8shbVNWYtp.kqbRj7hgAA%261161?gdpr_consent=&us_privacy=&gdpr=
cache-control
no-cache
x-server
10.45.20.105
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame B55B
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=db776c03-a7ab-86f2-ad3faffe
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=db776c03-a7ab-86f2-ad3faffe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Jul 2021 02:13:07 GMT

Redirect headers

date
Sat, 17 Jul 2021 02:13:06 GMT
via
1.1 google
server
nginx/1.21.1
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=db776c03-a7ab-86f2-ad3faffe
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
146
rum
dsum-sec.casalemedia.com/ Frame B55B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=WoBwDx9eTcRR5UIImRAyH7mcr20
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=WoBwDx9eTcRR5UIImRAyH7mcr20
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Jul 2021 02:13:07 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=WoBwDx9eTcRR5UIImRAyH7mcr20
Date
Sat, 17 Jul 2021 02:13:07 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
dsum.casalemedia.com/ Frame B55B
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1626574386
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1626574386
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jul 2021 02:13:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 17 Jul 2021 02:13:06 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1626574386
pragma
no-cache
date
Sat, 17 Jul 2021 02:13:06 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame B55B 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YPI8shbVNWYtp.kqbRj7hgAA%261161
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Jul 2021 02:13:06 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1294
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Jul 2021 02:34:40 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=upi.com&p=%2F&u=BBBUliC73Pe3CkMI5O&d=upi.com&g=4027&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=6242&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=2089&t=D4RH5vCMcAiODfnJKuBODnXqBQTdf6&V=128&tz=-120&sn=2&sv=Ci6JMkvcxasDaXyN6y49oKgiAR1&sd=1&im=0603040f&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.234.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-234-155.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jul 2021 02:13:07 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| $ function| jQuery function| EID function| divFill function| divFillPI function| dfpi function| st function| ht function| sht function| postFill function| pf function| getValuesByClass function| gvbc function| getElementsByClass function| cUc function| upi_pn function| upi_log_io object| upi_ol function| lic_photo function| upicc function| upirc function| wnd_xy function| wnd_sr function| upi_sb function| it_bl_hv function| fn_cxy function| mn_init function| prc function| generateUUID number| wnd_st number| wnd_y number| wnd_x number| doc_x number| doc_y string| mo_xy object| result function| c_stat function| upi_pt function| upi_ev function| upi_pt_c object| enl_cfg object| apstag number| adsStart function| detectWidth number| TIMEOUT object| googletag object| pbjs object| adUnits object| a9Slots boolean| a9BidsBack function| initAdServer string| dfpNetwork number| len object| OneSignal function| admiral function| __tcfapi function| __uspapi object| PushlySDK function| pushly object| _sf_async_config function| fbAsyncInit function| latest_lm object| adrfd object| r1st function| rc_ad object| FB number| _swclk_ number| _swsts_ function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| nho_match_height object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| upi_gallery object| slot_st_gallery object| upi_slider object| rcst object| eosp boolean| apstagLOADED object| headertag function| 4dm1r11545242527 object| ggeac object| google_js_reporting_queue object| udm_ads_queue boolean| udm_confiant_init object| confiant boolean| udm_edge_init object| _qoptions object| _qevents function| pbjsChunk object| dfpAdunitsToRefresh object| _pbjsGlobals function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| gam_top object| gam_right object| gam_right1 object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id function| quantserve function| __qc object| ezt function| qtrack function| udm_r3Chunk object| udm_r3 function| endedHandler function| udm_process_ads_queue function| delete_udm_edge function| reload_udm_edge object| Criteo string| pubcidCookie object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| criteo_pubtag object| criteo_pubtag_prebid_110 object| Criteo_prebid_110 object| GoogleGcLKhOms object| google_image_requests

10 Cookies

Domain/Path Name / Value
.pubmatic.com/ Name: SPugT
Value: 1626487981
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B4D6AEE1-E2CF-4AC9-9338-B300AFD9E432
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1D531_E056A41E_185E58043&KRTB&23092-R1D531_E056A41E_185E58043
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACYeE7B5HkAAECoi_ebXA
.pubmatic.com/ Name: PugT
Value: 1626487981
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-5c2f2c12-f5be-44f7-89f1-57880b9af30b-60f23cac-4348
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-8294d995-e6a4-11eb-8c2d-834054f6d847&KRTB&23011-8294d995-e6a4-11eb-8c2d-834054f6d847
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003&KRTB&17107-RX-be82f291-9485-4c7d-ba22-2840b48d7fb0-003
.openx.net/ Name: i
Value: b797b49e-0921-4348-8c7a-36eab9155dc5|1626487981

14 Console Messages

Source Level URL
Text
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
[Prebid CMP check]: Initial check, __tcfapi is function
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
[Prebid CMP check]: Auction Started [object Object]
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
[Prebid CMP check]: Initial check, __tcfapi is function
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
[Prebid CMP check]: Auction Started [object Object]
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
[Prebid CMP check]: Auction Started [object Object]
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Adunit is now viewable div-ad-top
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Queue refresh for: div-ad-top
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Adunit is now viewable div-ad-top
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Queue refresh for: div-ad-top
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Adunit is now viewable div-ad-r
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Queue refresh for: div-ad-r
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Adunit is now viewable div-ad-r
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Queue refresh for: div-ad-r

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors frame-ancestors 'self'
X-Frame-Options 'SAMEORIGIN'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3655070c7f67300e40f43153ec21426c.safeframe.googlesyndication.com
a.teads.tv
a.volvelle.tech
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
ajax.googleapis.com
amazon-tam-match.dotomi.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
as-sec.casalemedia.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bid.underdog.media
bidder.criteo.com
breakfastboat.com
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cdn.onesignal.com
cdn.p-n.io
cdnph.upi.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
d3terveqlssriz.cloudfront.net
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
edge.udmserve.net
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
js-sec.indexww.com
krk.kargo.com
lh4.googleusercontent.com
lh6.googleusercontent.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.adnxs.com
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
udmserve.net
um.simpli.fi
um2.eqads.com
underdogmedia-d.openx.net
upi-d.openx.net
upi.com
ups.analytics.yahoo.com
us-u.openx.net
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.upi.com
x.bidswitch.net
104.109.78.125
124.146.215.42
13.224.90.44
13.224.96.34
13.224.96.72
13.248.245.213
135.125.8.70
136.144.58.223
142.250.186.34
142.250.186.98
146.0.227.107
151.101.13.194
151.101.14.49
159.253.128.188
178.162.133.149
178.162.133.150
178.250.0.163
178.250.0.165
18.158.174.89
18.195.155.181
18.195.223.2
184.31.84.150
185.184.8.65
185.29.133.58
185.33.221.15
185.33.221.90
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.216
185.64.190.80
185.86.138.119
193.0.160.128
193.122.174.27
198.148.27.139
199.187.193.192
2.18.232.7
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
208.100.17.180
213.19.147.45
2600:9000:2190:2000:18:1fcd:34f:cdc1
2600:9000:2190:4200:5:c4ab:c3c0:93a1
2600:9000:2190:9e00:6:44e3:f8c0:93a1
2600:9000:21f3:6c00:f:baea:96c0:21
2606:4700::6812:e234
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:400c:c08::9b
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:16::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.79.35
3.126.56.137
34.120.133.55
34.192.234.155
34.224.231.148
34.254.122.11
34.95.69.49
35.156.198.184
35.170.231.210
35.201.103.212
35.210.178.101
35.241.40.233
35.244.159.8
35.244.174.68
37.157.4.23
37.252.161.190
38.118.71.121
38.67.14.233
38.91.45.7
51.75.146.162
52.16.214.249
52.17.241.173
52.205.83.58
52.45.128.104
52.45.55.28
52.46.154.242
52.59.102.119
52.95.124.165
54.171.173.220
54.209.16.83
64.202.112.159
66.155.71.150
68.71.249.118
68.71.249.120
69.173.144.138
69.173.144.165
72.251.249.9
76.223.111.131
88.214.206.247
00b15b3667c8baa97215e6a24f11ff33668c70582524dfae6fbfa68924574f8e
036985ad38a08748cdaa0663a8a7173d5636fbdc095d437b5bcba6151ddad767
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b88e4978204648bdd7b44633e2fa5ccb386dafe1e202e04e2ae96b6c0aa0e26
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cd4ab131d3ad8e5baf968a361da3479dd4156c848dcb2ba7a3501e4d3115af3
0da20e06f55ad40ca9eedc09a46fd0ebda248b10188ebe8004219009cb0ca139
0e865037fc1966976dbcbd219e7f03114e2b529a014937e4915a0ab8568bb3ba
0ffed9095db80564dadc0480f156f2b78365af6e929eafbded15dfc26a4beb4b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19f808e0023ccbb645dc9370220b3eff047a8df9f62b646d7e86f9ac0b9e15a4
1a85e7d37f466f7aa77b74252a8deb14ced805a195e607fd6a7cbab9bc775f58
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
21a9c568e122bb4c603d80ad5cd64c90e982d164e2d9290e5bc5e278b74b96f9
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23be00f633eedf3f481c8a2203c0bcb569c1b9db8b822656726a2979b79258c4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bfe62c2d13e9ec17dc51dd7dcb1210927584015c0b7c0943f56099f2a855014
2c94d59648a7e37a0667c90fd731634488a1c3645a58dc994a801f37ac008c7e
2d9afa2c1915812b01481719b6fc53326d2e670bfc9ac369662a4baf6ccfd30b
2e7d9964855bb30258718bf1242d56811f2e53784d7ec82e94342ccbc0411599
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
318b8dfa1ea500dc3c786a253d60063590afe029fb90b84c703b0f903917f223
36ddf945c918423d7c453b3f97b0b205459fa327b8728a595f7849ffc58d53da
38b9ac865ad9d5ae3ced7ef704d5386852515389b124285cf65ee882c2ae3528
38e7a6e16426441763900de1d3d44b17d1a5505b65840e1436d986d2e927263a
3f0e39fbc9eed2cdedec70db46faae08413084683af3fbe2eae6335ce6ee9ae1
3f795d2218f846a3d9c9d8838ae81bcdf26a7e8bafa2e140186b9a3e4f7dec9c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42e926ff14a2269b4161ab10d98720ed0483f0abe39ec445ac2194f3da9268c0
43a53af989b537e12e404d3f2a032228d3319875e413dfb86ffd994864613763
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4559121cd8559a31c9dee509d53ebd83cbd4efa8840e4ebe410bafade10a9b5e
46290e79361db1467eabc4eaafa9a79d7d882e32b0db411e9ee509d30be8ec7b
477b2706328e999434403b37e511b6d2086ae24baceab75c41b5b57f29bc854d
489610f3c59dd8daf155cc172bad8f6bcf81cf6ee6276e3510e2637691fcf16e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ae038b0e2740851d7ccec5d785ac575444525bb05ab6ac84d5a407be2241815
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e366bfaf9fa41bcb0c5e940fd0a73e74b00681f27668dd0f422cb4b7589eef1
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52041ba8482d5f107d3a9aecf21074177cb59f89b878f83d1c262c182cb06f26
53349822b11871b7600db7e533e6149cadcdeb304159d6d0ea2280b5a97d71f3
53d68ffa66c3f528f960ca379d6b63fa0db95f404a665eba306e7a89bd6a7ebe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cd6fbb7034f86f2a30e3a5a0efb46ffc09b48436932722d05aaa62f494a8ce
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
55bde95b2799179e90823abc34606a9df66b9e6a3c53c6e64f6251b89fbd5985
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1
57ce4f4bba63f2bfb18180f81bf1c6ed0c2f9e81d3651fc5ae8f9c084174807f
5e1ab0b6985e2579b88c0e4127f5bad2f96e5e6aed1a0f2066f090c364c99a19
6095751d52fdfa7660a8f5e4879a39bd5449173497ee575307a118ba43c5db59
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5
61a4e930e85e1ca5b3411ac4a69c99232e6190fc1de63a33b81afe9f068d8145
62a2b2d8b39d69baaad2d89b676abcb96a98e5f35ac9ac4860a88679abefe431
62b70d9495626e964b1784a48329c27db0efc8a1fa91824b6e893deceaa49dbd
6693b087fb428ba4b305759d55126204673614f514a201e6a6177868b93a4fad
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db248bb4aac8e0f36d2aef4b5b763f5fa9dfa3cc0d5d7bf8700df00e0cfbde1
6e3265a3e82225d4b08882468add9e5e394a874fb07a91eecfac72090ec5aa2e
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
71f756359addc7b0d08506c6935b8563b4cb375a6b3dbc3d680155d69119f88e
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181
76b279e58f9e1e977b0b2c6a49d74d8237abffe9dc4c50638245128306fdc121
76ec101fa2e578dd3742058d953aed16b74efa3552eeab3b3f669543e9d0bfa3
77b88f946555be01fc59c32bc49a6db664a5c06ff5bc8186178ff619da7cf6c6
7bd4ebb3186d9264227d5eeafa880f2c243e8035b0dba03d0a990431e81e7133
7c05a6e6bbefd6a418b31be09e5044d83cbb39d1f70e4af0b6ff37a690f3b4d7
7d87f290fecefca4b265f446d64a5471c491fc57ce23dfa5f30684202a021df1
7dbac16c6846d54777e87ecdf090d7db07928aabec7105547448a184e04590fb
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f9c631643f51f908ee10fb8916070eb9a69dea3f72a59638aa97f776690a75a
80338ab54b9f8338eebd0843e497a527628ffe97e9520ace739a9a2bb91bf68c
807e049abda9cbd699383be46b11accd093ba82949da28cefb06daa0e4527b68
8203bf46a327bcffaeafa0e523386bd44628a263a7b6a6d2d981d36c9cb14fa4
8208470be22b97ea7da8ab175ff88335e31c9466c07604a75462f20a64a2a622
8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8b6fbedb47723d0c646f33adae08be260e63526cbb4e12e80fbc8ee111aa5ab0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8109ee8bad7d61e66b831ffbd0138ad5a41cbf7e2a97b1ac2dc24ab6477147
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
994cce785a730109615198c010aa986c951cc7c631be9215c0b676ad87498ab0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b7d7f00f9cfab9ef26c0d958383012cf93149e8a27fc98d0eb76e6ae6d77510
9c6245f2849ef8384291f1a011dd48958945dfd7c03080beffec1386ce305346
9f43aa34b620c451290ad923748729c9956da9e7476387b34f860d1131108924
a0b80d2ead83713a30f563fa7f435cf4827e3bc9ad1a41a8a79bef78f20713ca
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fcc75ebbb4fd6caa03572ef7e53959d37629784087290ad99a6ca9bb6fff0d
a3c881f41e8dca57417f813f314e9e74c14f5eec47c87edc465d8e548042e6ee
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa3f15df57c22ed541af64edb1ca6730d1aa361b33966fa0c14fa78f665750e8
aeb24f1aa8eb9753fd72940c3c4abf0ed6c7ab8e5f6fa59b9ee9292d08bd322b
b0c2a889d07d01755fc1a7818e2d54ba67c7b953b453dc22e8aaedcd29fe0b57
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b35bc43f4bb3c3fa7ce21270c8ffd3770abf1fa0b2bbb9d470d82f64a3ca98
b3e384e3a727917185428a38afcce19eac731bcf1599e2c6ea693bda664c3f28
b421b28dce3e9701b38a2c6e7b309c454af094e19392435fc50b31fd18011673
b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bd7b0cc1ed60c09bf209109c6006e008e5437bcabb2e801d22cbe54af4c925f5
be0758d3636d0a8d39e8d8e724c5d3490da25e755fd072c37ee527490a1e0ac3
bf2e267ecb95273750a639fd26f3d54ea7d632f5bb8cf3f270a3da91c237cac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2769a8eaff48cb567e9473449e12c994a3ee8ad318847ca22d029f27dc54457
c3ae3e63a0188892928a6205560015f182ebf4cc2e8e5f3c81fecf512f87e3ea
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3f5ba16538a2446ea66a6c5f0ea35b3a76b999e145bd56383c8585272af9c4c
c43d5320d7d154ea9d67083552e37b7fd0e635e1d0ee9b135a7d16675e06c24c
c50734ab933b955f10ae6d572c28724b162d1a6aae3205b4e1e4eb18c027031d
c61ce87f5331d86b9875542d040e0de868b02035280ae329b35494e9b1d0822b
c88ff75234fe2e63ea14e92cca5b7f506aef6c9b192fe4702e126da9b2f524c1
c978f347c47062a30bcf41e3d7cd9682802f67174dd05b682db7c9ce5def8556
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca9b6fed153bdf0e09d2edf53959f5ac7bc548d9465f5e7f635679870205f984
cc0300ead055ea86e39eae88be528976b6157c5e858cafcb2031666cd2b78a83
cd081503331b4b2b145c0b2a95223d9c2f6034cb405a2e8a6e6a5955259045fe
cebd2f4cc38a8f471a77fe840cb3ba7a35e27d6b20053705a82452fa2a402b0d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0cea81abcfade3edf819884266facfb39295304343d73da8b724542a9a9dfce
d366545d6e658a2495a89f8fd319f26d9cc58d845dde64acb836c71d798afbf0
d443235c5040b9e5a2461f69bcef0930f5820c356830bb0c59a4953d16f8a59e
d47ef60a38d010abfc868b8b2806a493e51f7653724fc09fef645b33b1482afd
d60ffa6e3f840ca755dc1c3221056a05110b671db785c9841ce0dd69ed9549c4
d7b079e9f6f3455fc17d1528d58bd9ae2a168390cdefc91424bc2bec33a922cb
d81eccf8f3e0161155c82d3b8924f7346bcc39c0d3c9320d66c9d2ab76208b46
d8b2319d1c508e47cbe1966ced4f83fee53e9c885113880726171cfb1148c7f6
dccd3f570db173df33985621460bf3edbcc317103bafb2d2a918f8cce188ab62
dd3dc2a7a22663ae6f18d78f92a1a813f8d79ecf83aaf1120be276cdb51ce330
e0282b5104f94e89b3fba2a7738afafeadfa7f9355f25f838c8215d7258b9aa3
e0620f9060a4e83aa1d25e863d3451ac713cf20daf3ceb2c915a5e73b99629c1
e2abc94add097301f0c3864b47cd091deb15b6e19f3e59ea18ba7193ac6f8939
e2b49cb2c821bc17897cf88be60373b50b5c85ee9b14fa39dc0254f26090286b
e39aafbfe069794ed20f743f47908a08c9cd3b293c7fdaa0ef9083b4f5cd5994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6586bb5b51363cb9e680ec61995c929f338cdb3973e0f04c77dd0f7a3b6654a
e703434666c5b1c57bc70f376a57fd6ebaeab1e31657d3ff30ce03fb569002cb
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
e9d016594f7d61eb1d28f0041a74a771b8c0f5c40ae2bb4cd8e86a51c4cdf2e1
eb2b426fcd53ced3b52c05f35e93569189ad1efcc53c66ce3241b17dd9c3f5c0
edd099e45f95a2a2cbec9ad68b1308b71f66a6f81b8a2c25fefd65f8c073b96a
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8b1ab315659c4faaf76e2537c2c75c2783ea5eab70b651e31f354bd5360e79
eff069d023234d0ca7f190e1b1c1dc36eab6bf4dffd2012b3e845e39c8cb08a2
f1013a295b1dfd00a08161a8b63a35b367cb92c0a0caea5db8edaa6c8904e3b6
f1bbff6aba9bcdd7f019892952b9df69d7e7e8e28d60d1f9d5dbcc7aaba0ac08
f484934e48c55494a3a9e55bd3c20a2c226f40b82f639b4da64c3fe235002239
f5717be6694dc7763e2661704ed0f7a391d923d51aac91162964200d761f8b37
f5993c915e34cdcb86d906e492435185186af1bf0679f50ce2b8067503759d2b
f6049c28f02d1e920e087b0cadc21750a4388e1c5cbaa0980b1a91b0e7ccf706
fc4b6ffadbb2922ba4db55c7db12b978be8ca260d6e3325edcb1524e7ff0de63