examinerlive.trem.media Open in urlscan Pro
193.233.202.181 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://examinerlive.trem.media/
Submission: On June 28 via manual (June 28th 2022, 8:18:32 am UTC) from IN — Scanned from DE

Summary HTTP 178 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 69 IPs in 7 countries across 52 domains to perform 178 HTTP transactions. The main IP is 193.233.202.181, located in Ashburn, United States and belongs to ALEXHOST, MD. The main domain is examinerlive.trem.media.

This is the only time examinerlive.trem.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	193.233.202.181 193.233.202.181	200019 (ALEXHOST) (ALEXHOST)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
9	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
1	185.66.200.222 185.66.200.222	201702 (SKHOSTING-EU) (SKHOSTING-EU)
30	143.204.89.37 143.204.89.37	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400e:803::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
3	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	143.204.89.20 143.204.89.20	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:215... 2600:9000:2156:8000:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.30 143.204.89.30	16509 (AMAZON-02) (AMAZON-02)
8	18.202.156.227 18.202.156.227	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.56 143.204.89.56	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	216.104.36.155 216.104.36.155	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	143.204.93.3 143.204.93.3	16509 (AMAZON-02) (AMAZON-02)
1	52.51.205.124 52.51.205.124	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.112 143.204.89.112	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.89.100 143.204.89.100	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:1200:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.30.25.219 52.30.25.219	16509 (AMAZON-02) (AMAZON-02)
2	143.204.89.83 143.204.89.83	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:4800:8:2ae1:d740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.170.84.146 35.170.84.146	14618 (AMAZON-AES) (AMAZON-AES)
12	143.204.89.107 143.204.89.107	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.129 143.204.89.129	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.7 143.204.89.7	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY)
1	143.204.89.55 143.204.89.55	16509 (AMAZON-02) (AMAZON-02)
3	143.204.89.111 143.204.89.111	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.89.99 143.204.89.99	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:4ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.89.8 143.204.89.8	16509 (AMAZON-02) (AMAZON-02)
1 3	143.204.89.128 143.204.89.128	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:48e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f18:44f... 2600:1f18:44f0:4832:38dc:837:c27f:e1ca	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	139.45.197.151 139.45.197.151	9002 (RETN-AS) (RETN-AS)
2	143.204.89.18 143.204.89.18	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.104 143.204.89.104	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6811:4f22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.231.74.71 34.231.74.71	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:803::200d	15169 (GOOGLE) (GOOGLE)
2	18.204.186.59 18.204.186.59	14618 (AMAZON-AES) (AMAZON-AES)
3	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
4	2606:4700:10:... 2606:4700:10::6816:1974	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2600:9000:215... 2600:9000:2156:5a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
4	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	141.95.98.67 141.95.98.67	16276 (OVH) (OVH)
1	100.20.195.132 100.20.195.132	16509 (AMAZON-02) (AMAZON-02)
2 4	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.192.95.221 34.192.95.221	14618 (AMAZON-AES) (AMAZON-AES)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
178	69

6 193.233.202.181 (Ashburn, United States)

ASN200019 (ALEXHOST, MD)
PTR: trem.media

examinerlive.trem.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

upgulpinon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.200.222 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.222.skhosting.eu

cdn-server.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 143.204.89.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-37.fra50.r.cloudfront.net

s2-prod.examinerlive.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:803::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-20.fra50.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:8000:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-30.fra50.r.cloudfront.net

ats-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.202.156.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-156-227.eu-west-1.compute.amazonaws.com

felix.data.tm-awx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-56.fra50.r.cloudfront.net

reach-id.orbit.tm-awx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.104.36.155 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

p1.w-q-f-a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.93.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-3.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.205.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-205-124.eu-west-1.compute.amazonaws.com

stmg-prod.mirror.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-112.fra50.r.cloudfront.net

i2-prod.birminghammail.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-100.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.25.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-25-219.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.89.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-83.fra50.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:4800:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.170.84.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-84-146.compute-1.amazonaws.com

livecomments.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 143.204.89.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-107.fra50.r.cloudfront.net

i2-prod.examinerlive.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-129.fra50.r.cloudfront.net

i2-prod.cambridge-news.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-7.fra50.r.cloudfront.net

i2-prod.leeds-live.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-55.fra50.r.cloudfront.net

uk-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.89.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-111.fra50.r.cloudfront.net

www.reachgeneric.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
signal-segments.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.89.99 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-99.fra50.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:4ba (United States)

ASN13335 (CLOUDFLARENET, US)

macro.adnami.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-8.fra50.r.cloudfront.net

cdn.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.89.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-128.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:48e8 (United States)

ASN13335 (CLOUDFLARENET, US)

config.lrcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:44f0:4832:38dc:837:c27f:e1ca (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.151 (United Kingdom)

ASN9002 (RETN-AS, GB)

interstitial-08.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.89.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-18.fra50.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-104.fra50.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4f22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abcheck.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.231.74.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-74-71.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.204.186.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-186-59.compute-1.amazonaws.com

notifications.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

unphionetor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:1974 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:5a00:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.20.195.132 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-195-132.us-west-2.compute.amazonaws.com

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.198.69.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

mydmp.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.95.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-95-221.compute-1.amazonaws.com

onsite-tag-logs.apps.nielsen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.53 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	examinerlive.co.uk s2-prod.examinerlive.co.uk — Cisco Umbrella Rank: 272376 i2-prod.examinerlive.co.uk — Cisco Umbrella Rank: 127990	1 MB
10	google.com accounts.google.com — Cisco Umbrella Rank: 116 cse.google.com — Cisco Umbrella Rank: 3240 www.google.com — Cisco Umbrella Rank: 8 clients1.google.com — Cisco Umbrella Rank: 582	243 KB
9	tm-awx.com felix.data.tm-awx.com — Cisco Umbrella Rank: 16963 reach-id.orbit.tm-awx.com — Cisco Umbrella Rank: 20299	10 KB
9	upgulpinon.com upgulpinon.com — Cisco Umbrella Rank: 41812	138 KB
7	s-onetag.com 1 redirects get.s-onetag.com — Cisco Umbrella Rank: 4156 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4763 signal-beacon.s-onetag.com — Cisco Umbrella Rank: 4967 signal-segments.s-onetag.com — Cisco Umbrella Rank: 7634	31 KB
7	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	160 KB
6	trem.media examinerlive.trem.media	67 KB
5	proper.io global.proper.io — Cisco Umbrella Rank: 9640 abcheck.proper.io — Cisco Umbrella Rank: 10317 bids.proper.io — Cisco Umbrella Rank: 9884	136 KB
5	interstitial-08.com interstitial-08.com — Cisco Umbrella Rank: 75963	158 KB
5	exelator.com 2 redirects cdn.exelator.com — Cisco Umbrella Rank: 14808 mydmp.exelator.com — Cisco Umbrella Rank: 12978 loadm.exelator.com — Cisco Umbrella Rank: 1268	13 KB
5	viafoura.co livecomments.viafoura.co — Cisco Umbrella Rank: 11004 api.viafoura.co — Cisco Umbrella Rank: 10117 notifications.viafoura.co — Cisco Umbrella Rank: 11376 i.viafoura.co — Cisco Umbrella Rank: 10161	2 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 982 trc.taboola.com trc-events.taboola.com Failed	208 KB
4	littlecdn.com littlecdn.com — Cisco Umbrella Rank: 14257	35 KB
4	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1217 mab.chartbeat.com — Cisco Umbrella Rank: 1984	36 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 2733	20 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727	8 KB
3	unphionetor.com unphionetor.com — Cisco Umbrella Rank: 28018	4 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 134	785 B
3	privacymanager.io ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 8715 geo.privacymanager.io — Cisco Umbrella Rank: 1461	122 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	2 KB
2	quantcount.com 1 redirects rules.quantcount.com — Cisco Umbrella Rank: 991	2 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2518	24 KB
2	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1095	588 B
2	lrcontent.com config.lrcontent.com — Cisco Umbrella Rank: 16598	640 B
2	adnami.io macro.adnami.io — Cisco Umbrella Rank: 14707	29 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 327	42 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	179 KB
2	adsafeprotected.com cdn.adsafeprotected.com — Cisco Umbrella Rank: 3596 pixel.adsafeprotected.com — Cisco Umbrella Rank: 536	8 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	2 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120	175 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 516	355 B
1	nielsen.com onsite-tag-logs.apps.nielsen.com — Cisco Umbrella Rank: 12018	264 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 550	629 B
1	quantserve.com edge.quantserve.com — Cisco Umbrella Rank: 14577	10 KB
1	reachgeneric.co.uk www.reachgeneric.co.uk — Cisco Umbrella Rank: 21474	39 KB
1	dotmetrics.net uk-script.dotmetrics.net — Cisco Umbrella Rank: 4332	1 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11393	550 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 367 Failed	265 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 606	39 KB
1	leeds-live.co.uk i2-prod.leeds-live.co.uk — Cisco Umbrella Rank: 197375	43 KB
1	cambridge-news.co.uk i2-prod.cambridge-news.co.uk — Cisco Umbrella Rank: 200196	70 KB
1	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 9920	8 KB
1	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2293	323 B
1	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 627	2 KB
1	gstatic.com fonts.gstatic.com	78 KB
1	birminghammail.co.uk i2-prod.birminghammail.co.uk — Cisco Umbrella Rank: 38664	7 KB
1	mirror.co.uk stmg-prod.mirror.co.uk — Cisco Umbrella Rank: 26879	544 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 671	44 KB
1	w-q-f-a.com p1.w-q-f-a.com	2 KB
1	webcontentassessor.com scripts.webcontentassessor.com — Cisco Umbrella Rank: 4106	77 KB
1	cdn-server.top cdn-server.top	706 B
0	rlcdn.com Failed api.rlcdn.com Failed
178	52

	Domain	Requested by
30	s2-prod.examinerlive.co.uk	examinerlive.trem.media s2-prod.examinerlive.co.uk scripts.webcontentassessor.com
12	i2-prod.examinerlive.co.uk	examinerlive.trem.media
9	upgulpinon.com	examinerlive.trem.media upgulpinon.com
8	felix.data.tm-awx.com	examinerlive.trem.media felix.data.tm-awx.com
6	examinerlive.trem.media	examinerlive.trem.media s2-prod.examinerlive.co.uk
5	interstitial-08.com	scripts.webcontentassessor.com interstitial-08.com
4	www.google.com	scripts.webcontentassessor.com
4	littlecdn.com	interstitial-08.com
3	cm.g.doubleclick.net	2 redirects
3	cdn.taboola.com	www.googletagmanager.com cdn.taboola.com
3	unphionetor.com	interstitial-08.com unphionetor.com
3	accounts.google.com	scripts.webcontentassessor.com accounts.google.com
3	sb.scorecardresearch.com	1 redirects examinerlive.trem.media
3	static.chartbeat.com	examinerlive.trem.media www.googletagmanager.com
3	securepubads.g.doubleclick.net	examinerlive.trem.media securepubads.g.doubleclick.net
3	www.google-analytics.com	examinerlive.trem.media www.google-analytics.com
2	ib.adnxs.com	2 redirects
2	loadm.exelator.com	1 redirects
2	gum.criteo.com	1 redirects scripts.webcontentassessor.com
2	mydmp.exelator.com	1 redirects
2	cse.google.com	www.googletagmanager.com www.google.com
2	rules.quantcount.com	1 redirects examinerlive.trem.media
2	script.4dex.io	global.proper.io script.4dex.io
2	abcheck.proper.io	examinerlive.trem.media
2	ping.chartbeat.net	examinerlive.trem.media
2	signal-segments.s-onetag.com	get.s-onetag.com
2	global.proper.io	scripts.webcontentassessor.com
2	onetag-geo.s-onetag.com	get.s-onetag.com signal-beacon.s-onetag.com
2	config.lrcontent.com	s2-prod.examinerlive.co.uk
2	macro.adnami.io	www.googletagmanager.com macro.adnami.io
2	get.s-onetag.com	1 redirects examinerlive.trem.media
2	livecomments.viafoura.co	s2-prod.examinerlive.co.uk
2	geo.privacymanager.io	ats-wrapper.privacymanager.io
2	c.amazon-adsystem.com	examinerlive.trem.media c.amazon-adsystem.com
2	www.googletagmanager.com	examinerlive.trem.media www.googletagmanager.com
2	fonts.googleapis.com	examinerlive.trem.media s2-prod.examinerlive.co.uk
2	pagead2.googlesyndication.com	examinerlive.trem.media pagead2.googlesyndication.com
1	trc.taboola.com	cdn.taboola.com
1	analytics.twitter.com
1	onsite-tag-logs.apps.nielsen.com	cdn.exelator.com
1	mug.criteo.com
1	clients1.google.com
1	bids.proper.io	global.proper.io
1	id5-sync.com	global.proper.io
1	i.viafoura.co	examinerlive.trem.media
1	edge.quantserve.com	global.proper.io
1	notifications.viafoura.co	cdn.viafoura.net
1	signal-beacon.s-onetag.com	examinerlive.trem.media
1	region1.google-analytics.com	www.googletagmanager.com
1	api.viafoura.co	cdn.viafoura.net
1	cdn.exelator.com	scripts.webcontentassessor.com
1	www.reachgeneric.co.uk	scripts.webcontentassessor.com
1	uk-script.dotmetrics.net	scripts.webcontentassessor.com
1	mab.chartbeat.com	static.chartbeat.com
1	my.rtmark.net	upgulpinon.com
1	match.adsrvr.org	js-sec.indexww.com
1	static.criteo.net	js-sec.indexww.com
1	i2-prod.leeds-live.co.uk	examinerlive.trem.media
1	i2-prod.cambridge-news.co.uk	examinerlive.trem.media
1	cdn.viafoura.net	examinerlive.trem.media
1	pixel.adsafeprotected.com	cdn.adsafeprotected.com
1	quantcast.mgr.consensu.org	s2-prod.examinerlive.co.uk
1	static.hotjar.com	examinerlive.trem.media
1	fonts.gstatic.com	fonts.googleapis.com
1	i2-prod.birminghammail.co.uk	examinerlive.trem.media
1	stmg-prod.mirror.co.uk	examinerlive.trem.media
1	js-sec.indexww.com	examinerlive.trem.media
1	p1.w-q-f-a.com	cdn-server.top
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	reach-id.orbit.tm-awx.com	examinerlive.trem.media
1	ats-wrapper.privacymanager.io	examinerlive.trem.media
1	cdn.adsafeprotected.com	examinerlive.trem.media
1	scripts.webcontentassessor.com	examinerlive.trem.media
1	cdn-server.top	examinerlive.trem.media
0	trc-events.taboola.com Failed
0	api.rlcdn.com Failed	global.proper.io
178	76

This site contains links to these domains. Also see Links.

Domain
www.inyourarea.co.uk
www.hulldailymail.co.uk
www.leeds-live.co.uk
www.facebook.com
twitter.com
www.instagram.com
www.newspapersubs.co.uk
funeral-notices.co.uk
www.fish4.co.uk
discountcode.mirror.co.uk
dating.examiner.co.uk
marketplacelive.co.uk
www.bookanad.com
reachadmanager.com
www.mirror.co.uk
www.business-live.co.uk
www.memorylane.co.uk
www.mirrorbingo.com
www.okbeautybox.co.uk
hopsmore.co.uk
jobs.reachplc.com
reachphotosales.co.uk
www.mirrorpix.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
cdn-server.top R3	`2022-05-15` - `2022-08-13`	3 months	crt.sh
mirror.co.uk Amazon	`2021-08-20` - `2022-09-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
scripts.webcontentassessor.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-31` - `2022-12-02`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
*.data.tm-awx.com Amazon	`2022-06-10` - `2023-07-08`	a year	crt.sh
reach-id.orbit.tm-awx.com Amazon	`2021-09-22` - `2022-10-20`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
stmg-prod.mirror.co.uk Amazon	`2022-05-28` - `2023-06-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upgulpinon.com R3	`2022-06-28` - `2022-09-26`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.cmp.quantcast.com R3	`2022-06-24` - `2022-09-22`	3 months	crt.sh
viafoura.com Amazon	`2021-10-07` - `2022-11-05`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
*.dotmetrics.net Amazon	`2021-10-24` - `2022-11-21`	a year	crt.sh
*.reachgeneric.co.uk Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-26` - `2023-06-26`	a year	crt.sh
cdn.exelator.com Amazon	`2021-12-10` - `2023-01-07`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
interstitial-08.com R3	`2022-06-20` - `2022-09-18`	3 months	crt.sh
*.s-onetag.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
unphionetor.com R3	`2022-06-04` - `2022-09-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2022-01-10` - `2023-02-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
onsite-tag-logs.apps.nielsen.com Amazon	`2022-05-09` - `2023-06-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://examinerlive.trem.media/
Frame ID: 5EDBC9317BA576B42764602499233541
Requests: 155 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/zrt_lookup.html
Frame ID: 4F71BC4B1A2CBD057D44C05867D8D41E
Requests: 1 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D396520973%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DKGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc391d8dd-7bb9-4114-b4b2-733812c60838%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fexaminerlive.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DZ7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs%3D
Frame ID: A658890ED6B8B97BFC627F930072A020
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=examinerlive.trem.media
Frame ID: 940DA6303056A306108E135BBEBC790B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

YorkshireLive - Yorkshire News, Sport, Events & moresearch

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

178
Requests

81 %
HTTPS

36 %
IPv6

52
Domains

76
Subdomains

69
IPs

7
Countries

3771 kB
Transfer

11026 kB
Size

40
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://www.inyourarea.co.uk/?branding=huddersfieldexaminer&from_reach_primary_nav=huddersfieldexaminer
Title: In Your Area

Search URL Search Domain Scan URL

URL: https://www.hulldailymail.co.uk/all-about/hull-city
Title: Hull City

Search URL Search Domain Scan URL

URL: https://www.leeds-live.co.uk/sport/leeds-united/
Title: Leeds United

Search URL Search Domain Scan URL

URL: https://www.leeds-live.co.uk/
Title: Leeds Live

Search URL Search Domain Scan URL

URL: https://www.leeds-live.co.uk/news/
Title: News

Search URL Search Domain Scan URL

URL: https://www.leeds-live.co.uk/best-in-leeds/
Title: Best In Leeds

Search URL Search Domain Scan URL

URL: https://www.hulldailymail.co.uk/
Title: Hull Live

Search URL Search Domain Scan URL

URL: https://www.hulldailymail.co.uk/news/
Title: News

Search URL Search Domain Scan URL

URL: https://www.hulldailymail.co.uk/sport/
Title: Sport

Search URL Search Domain Scan URL

URL: https://www.hulldailymail.co.uk/whats-on/
Title: What's On

Search URL Search Domain Scan URL

URL: https://www.facebook.com/YorkshireLive

Search URL Search Domain Scan URL

URL: https://twitter.com/yorkshirelive

Search URL Search Domain Scan URL

URL: https://www.instagram.com/examinerlive

Search URL Search Domain Scan URL

URL: https://www.newspapersubs.co.uk/pc/HES
Title: Buy a Paper

Search URL Search Domain Scan URL

URL: https://funeral-notices.co.uk/Yorkshire+and+the+Humber-West+Yorkshire
Title: Funeral Notices

Search URL Search Domain Scan URL

URL: https://www.fish4.co.uk/jobs/huddersfield/?utm_source=tm-huddersfieldexaminer&utm_medium=referral&utm_campaign=navlink
Title: Jobs

Search URL Search Domain Scan URL

URL: https://discountcode.mirror.co.uk/
Title: Voucher Codes

Search URL Search Domain Scan URL

URL: https://www.inyourarea.co.uk/localservices?branding=huddersfieldexaminer
Title: Directory

Search URL Search Domain Scan URL

URL: http://dating.examiner.co.uk/
Title: Dating

Search URL Search Domain Scan URL

URL: https://marketplacelive.co.uk/national
Title: Marketplace

Search URL Search Domain Scan URL

URL: http://www.bookanad.com/regions/north-west-amp-north-wales/
Title: Book an Ad

Search URL Search Domain Scan URL

URL: https://www.inyourarea.co.uk/publicnotices/
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://reachadmanager.com/?utm_source=Reach%20Network&utm_medium=Display&utm_campaign=Reach%20Ad%20Manager&utm_term=Sponsorship%20Bar&utm_content=Reach%20Ad%20Manager
Title: Reach Ad Manager

Search URL Search Domain Scan URL

URL: https://www.mirror.co.uk/sport/tennis/set-free-wimbledon-bet-27084518?int_source=huddersfieldexaminer-http://examinerlive.secsportz.com/&int_medium=shop-window-1&int_campaign=https://www.mirror.co.uk/sport/tennis/set-free-wimbledon-bet-27084518

Search URL Search Domain Scan URL

URL: https://www.mirror.co.uk/all-about/partner-copybet
Title: partner-copybet

Search URL Search Domain Scan URL

URL: http://www.fish4.co.uk/newalert/
Title: Send me jobs by email

Search URL Search Domain Scan URL

URL: https://www.mirror.co.uk/lifestyle/unboxed-2022-answer-5-simple-26469831?int_source=huddersfieldexaminer-http://examinerlive.secsportz.com/&int_medium=shop-window-2&int_campaign=https://www.mirror.co.uk/lifestyle/unboxed-2022-answer-5-simple-26469831

Search URL Search Domain Scan URL

URL: https://www.mirror.co.uk/all-about/creative-live
Title: Creative Live

Search URL Search Domain Scan URL

URL: https://www.business-live.co.uk/all-about/yorkshire-humber
Title: Business

Search URL Search Domain Scan URL

URL: https://www.inyourarea.co.uk/?branding=huddersfieldexaminer&from_reach_footer_nav=huddersfieldexaminer
Title: InYourArea

Search URL Search Domain Scan URL

URL: https://www.memorylane.co.uk/
Title: MemoryLane

Search URL Search Domain Scan URL

URL: https://www.mirrorbingo.com/
Title: Mirror Bingo

Search URL Search Domain Scan URL

URL: https://www.okbeautybox.co.uk/
Title: OK! BeautyBox Subscription

Search URL Search Domain Scan URL

URL: https://hopsmore.co.uk/
Title: Hopsmore Beer Club

Search URL Search Domain Scan URL

URL: https://jobs.reachplc.com/jobs
Title: Work for us

Search URL Search Domain Scan URL

URL: https://reachphotosales.co.uk/Reach
Title: Buy a photo

Search URL Search Domain Scan URL

URL: https://www.mirrorpix.com/
Title: Syndication & Licensing

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

http://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js HTTP 301
https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js

Request Chain 132

http://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js HTTP 301
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js

Request Chain 147

https://sb.scorecardresearch.com/c2/6035737/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 151

https://mydmp.exelator.com/on-site-tag-load/?p=1042&g=3&j=d HTTP 307
https://mydmp.exelator.com/on-site-tag-load/?p=1042&g=3&j=d&xl8blockcheck=1

Request Chain 161

https://gum.criteo.com/sid/json?origin=publishertag&domain=trem.media&sn=ChromeSyncframe&so=0&topUrl=examinerlive.trem.media&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=iPmfnXx5b1g3czNKTExjR0RtSk1Nb1k0OFFVQURrYlBzVHNWUVB2Y0FjL1VFYjNZR2pYTXFucnNSRWdMWnU5RjAraTMxYTJJSU5Rc0kxYkJYcVk5KzhTdXlWY1B0MzZ2aGZPaTA0NTJSSVE5TUlpa25pbzhJaktYUXpOVTNzTWVvY0l3TkRtQlRUV2NBRjhGYjIzRXdrTm40SnE2Y0h5T2dtR29PbW1QTEkyUytzbi9BT0s5Vmw2OFNHUHJvZnFLS014SnlUc1N4aGFqZTlyaGk4V20zUW5VN2J2cXFNY3QzOGxvS2loOEJiRUZCdE9yajJMV2lvb2RSQlBpZytyR25lSWw2QlBoZFd3blA3WDJSU3QzSkMvdzQ4dz09fA&cppv=2

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm&google_hm=NWU2ZGFmMGJlMTZhMmRmMWNjOTExZjE4YjkwYTU0ZGU& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm=&google_hm=NWU2ZGFmMGJlMTZhMmRmMWNjOTExZjE4YjkwYTU0ZGU&google_tc= HTTP 302
https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEIag6idl3s67tVYk1hiO_MA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=NWU2ZGFmMGJlMTZhMmRmMWNjOTExZjE4YjkwYTU0ZGU&

Request Chain 165

https://ib.adnxs.com/getuid?https://loadm.exelator.com/load/?p=204&g=013&bi=$UID&j=0 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Floadm.exelator.com%2Fload%2F%3Fp%3D204%26g%3D013%26bi%3D%24UID%26j%3D0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=013&bi=1625729341028900530&j=0

178 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
examinerlive.trem.media/ 432 KB
60 KB 3776ms
3691ms Document
text/html 193.233.202.181
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL

http://examinerlive.trem.media/

Protocol

HTTP/1.1

Server

193.233.202.181 Ashburn, United States, ASN200019 (ALEXHOST, MD),

Reverse DNS

trem.media

Software

tino-panel / PHP/5.6.40

Resource Hash

c1765138c78b21926ee11ca82e804325c47d45e4880d6a7a10b693857cd890bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.cdn.ampproject.org/ https://bing-amp.com/ https://.tm-aws.com/ https://*.tm-awx.com/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Age: 5
CF-Cache-Status: DYNAMIC
CF-RAY: 7224fdc70a8a78a3-VIE
Cache-Control: max-age=120
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' https://*.cdn.ampproject.org/ https://bing-amp.com/ https://*.tm-aws.com/ https://*.tm-awx.com/;
Content-Type: text/html;charset=UTF-8
Date: Tue, 28 Jun 2022 08:18:24 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Tue, 28 Jun 2022 08:27:27 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2p2cXhQ7ZxwvbYO9AaiJLB%2BkMx2BOtMqP9dBwXsep7XN1H2GZyH5xxmIki9U5Bvl%2Fi%2FFGOoF7r4%2Fl%2BcoSxw%2FymeyOhWEYG9gV%2FQCeQRisUP8vQUyLiE%2BdAUTKsIXww6hU8KXZqgs4EPt5pKmLA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: tino-panel
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
Via: 1.1 varnish, 1.1 e2b6596be074ad87bd3300d4df7735b4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ELn99HGSD-KyfITzx16Aqo7xZEuS1WxZM5CxOkURN5as2KylejEisw==
X-Amz-Cf-Pop: SFO5-P2
X-Cache: Hit from cloudfront
X-Cache-Hits: 5
X-Cacheable: YES
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/5.6.40
X-ProcessESI: yes
X-RemovedCookies: YES
X-Served-By: reg-cache302.tm-aws.com
X-Varnish: 436704982 439877719
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
56 KB 95ms
44ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2435524096963092

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

252ee4376dd7760162eb391fafee5d8420b5e56bb280473076f4883c9056a317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://examinerlive.trem.media/
Origin: http://examinerlive.trem.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56374
x-xss-protection: 0
server: cafe
etag: 5838098130513488407
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 08:18:25 GMT

GET
H/1.1 200
OK 1 Show response
upgulpinon.com/ 8 KB
4 KB 60ms
27ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://upgulpinon.com/1?z=4843600
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: HTTP/1.1
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: dce9146e456f12cf54107bbb0372b3363a059b8ae1d47ed9165bc4c0d22875c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 08:18:25 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 178621353ad779360a03617f4de0ae3d
Pragma: no-cache
X-Sc: FBz7U5M7QTQttTBH92urcd_ztafxD_imNBWA2XvrEdmzAjD3JnqtUGT471sb2iQOsp06_RerTcqptlN5-eJOCG4iecc=
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 mms.js Show response
cdn-server.top/p/ 409 B
706 B 151ms
45ms Script
application/javascript 185.66.200.222
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-server.top/p/mms.js?pub=381315&ga=g
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.222 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.222.skhosting.eu
Software: nginx /
Resource Hash: 0ad3f94629b6d09711510cd543ba15fd8637acc0c70d430b5cca5b9cbc0c4334

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: cache
date: Tue, 28 Jun 2022 08:18:25 GMT
cache-control: max-age=3600
expires: Tue, 28 Jun 2022 09:18:25 GMT
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-type: application/javascript

GET
H2 200 section-base.css
s2-prod.examinerlive.co.uk/@trinitymirrordigital/marwood/TM/scss/ 55 KB
12 KB 98ms
39ms Stylesheet
text/css 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/marwood/TM/scss/section-base.css?v=a8a2207b9a185d4497101cc574882e89
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 109a908f84c6d056deabc0fa5ab190c4a76be2ba5d5dfc9562fba38ee35180e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:25 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 12:19:40 GMT
server: AmazonS3
age: 4894
etag: W/"a8a2207b9a185d4497101cc574882e89"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: kyNc1cKnLmU71XieTHO83F8kOuk1eH2uXC6ySRM4n6MNXcrPbQ8Jlw==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 chameleon-static-html.css
s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-static-html/scss/ 27 KB
6 KB 80ms
22ms Stylesheet
text/css 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-static-html/scss/chameleon-static-html.css?v=8560b002b4f01cbd2b804b01afccefa2
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aaff62dc57b4cc3c82a9ebfcf6627c13b789e15a06aa31b487e2deaec6cad09a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:07:07 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 17:10:41 GMT
server: AmazonS3
age: 20879
etag: W/"8560b002b4f01cbd2b804b01afccefa2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qMkd8gye508d4gAPeVKO_rRNfbSmKTsCTsiL1oBKi1F5xQhNTeDPHQ==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 marwood-extended.css
s2-prod.examinerlive.co.uk/@trinitymirrordigital/marwood/TM/scss/ 17 KB
4 KB 82ms
24ms Stylesheet
text/css 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/marwood/TM/scss/marwood-extended.css?v=8638decea25a4dd3feaf55d3bc8aa741
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1f1de1e298fabb8508ff99f14528f79af6ebd09c501d921251533e5835dba8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 05:29:59 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 12:19:40 GMT
server: AmazonS3
age: 10280
etag: W/"8638decea25a4dd3feaf55d3bc8aa741"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Q2e5HcjvPaJdtlLDTpnNSwx5bWqPGgCPjSodfmOoeRfWk1Gg4BmJbw==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 96ms
35ms Stylesheet
text/css 2a00:1450:400e:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wdth,wght@75,700;100,400;100,700&family=Signika+Negative:wght@400;700

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15a2bc9af09b75ce70d1f15a7c64324237a37ff97bbedc8d58b2d85e09c9ac52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 08:10:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Jun 2022 08:18:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Jun 2022 08:18:25 GMT

GET
H2 200 SignikaNegative-Bold.47b398e81c9f2e2e.woff2
s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/ 12 KB
12 KB 78ms
20ms Font
binary/octet-stream 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/SignikaNegative-Bold.47b398e81c9f2e2e.woff2
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 460b42d997671850a0ae86ce54e3a3aa6b0957ea3e76f8706d2c9fce2b8a894e

Request headers

Referer: http://examinerlive.trem.media/
Origin: http://examinerlive.trem.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 06:12:51 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 08:58:53 GMT
server: AmazonS3
age: 7575
etag: "0878f337da5ac933819c3eaf691db0a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 12272
x-amz-cf-id: LqGSJJh2tx0knzPzEGxzRNIZVnVp7a_cvPrfbM42EUolf-SUkNr1Xw==

GET
H2 200 icomoon.edbe0dea183769a4.woff2
s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/ 7 KB
8 KB 78ms
21ms Font
binary/octet-stream 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/icomoon.edbe0dea183769a4.woff2
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c9167acffc1227365284e60c353db4c6218e353ebc65dab2b60f100dfc71b06

Request headers

Referer: http://examinerlive.trem.media/
Origin: http://examinerlive.trem.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:37:35 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 08:58:53 GMT
server: AmazonS3
age: 17547
etag: "976c4f062f64b5786b09384cd95e9a7c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7412
x-amz-cf-id: 23mflgLhi2IomkHnNsgyFerD2Eas7xt5gP4oeejFmFcXWjkvK5V3jw==

GET
H2 200 brand-extended.24f26cc24593f8dc.css
s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-branding/publications/huddersfieldexaminer/scss/ 27 KB
5 KB 80ms
23ms Stylesheet
text/css 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-branding/publications/huddersfieldexaminer/scss/brand-extended.24f26cc24593f8dc.css
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa88ab735fa879c3b7641048d7cdc9217db24484bc0efff8d692749f756bced2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 05:32:40 GMT
content-encoding: gzip
last-modified: Fri, 10 Jun 2022 08:58:38 GMT
server: AmazonS3
age: 9946
etag: W/"b3fc036d78ce9e81a30045023dacbbf4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: x-CsRJ8UV2GD2YMuWOkJASsmoqyfVK6jZ3q7WujwbuKpzcGkwbMaXw==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4416
date: Tue, 28 Jun 2022 07:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 28 Jun 2022 09:04:49 GMT

GET
H2 200 56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b Show response
scripts.webcontentassessor.com/scripts/ 376 KB
77 KB 90ms
22ms Script
application/javascript 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 170ecdb8c7b0179e0ca500a652b013f622bd47b52ece03e9760cd916962afdf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:25 GMT
content-encoding: gzip
age: 2543
x-cache: HIT
content-length: 77967
x-amz-id-2: HexYVGBOcSGdk2ijsmIKn8qHmNRTcE/n+5Av6crsl8CzYWN/qcyJEyH1xYLup9Db4mQaPN6S1Bc=
x-served-by: cache-hhn4082-HHN
last-modified: Tue, 28 Jun 2022 07:22:48 GMT
server: AmazonS3
x-timer: S1656404306.669364,VS0,VE1
etag: "23769dcefa1a119197a57837363c7914"
vary: Accept-Encoding
x-amz-request-id: 47EA8VBDM8WM1H7S
via: 1.1 varnish
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 s.min.js Show response
s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/lib/systemjs/ 9 KB
4 KB 35ms
29ms Script
application/javascript 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/lib/systemjs/s.min.js?v=f10714d2eb405d24ddca037ab0ec8f8d
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8db9e95c255ccdfb1bef85cb26da263bfeb9ba1eb70d835ec74a363ef27df708

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 00:57:01 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 15:37:19 GMT
server: AmazonS3
age: 26485
etag: W/"f10714d2eb405d24ddca037ab0ec8f8d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: T0ub2Tc_-eH8pSSg81Y_nJZ5f98olnjZatOkO3PmEsnO85E5r6RY4A==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 runForceReconsent.min.js Show response
s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/tags/js/ 91 KB
28 KB 31ms
25ms Script
application/javascript 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/tags/js/runForceReconsent.min.js?v=906c6a54597cf3d6882558890c318e8f
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 957488292f6d47df455a24d4f4cf0eb2b06698fe1eb7384dbf3ebaf54423cead

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:07:07 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 15:37:19 GMT
server: AmazonS3
age: 22879
etag: W/"906c6a54597cf3d6882558890c318e8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: y9ojoqHC4BacropR3TLO1nSX3lSWeW72xtc9kd1Swsvimu8ZkA7Lvg==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 84ms
28ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

4813320d44f3f82fe85df7fedc424af04063d51885d8cdd1947ea15d3fdcb98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28127
x-xss-protection: 0
server: sffe
etag: "1257 / 413 of 1000 / last-modified: 1656367539"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 28 Jun 2022 08:18:25 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 64ms
21ms Script
application/javascript 143.204.89.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: HTTP/1.1
Server: 143.204.89.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-20.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 05:09:52 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
Age: 443314
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: TudORefkXPkE1QmnvasEHTS2oTlaCwZPyeDIgkzrQT7n-CD3GpBcvA==

GET
H2 200 tags.min.js Show response
s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/tags/js/ 255 KB
57 KB 37ms
32ms Script
application/javascript 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/tags/js/tags.min.js?v=2c1570c2d129a7bf8d8081adbbe947ae
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 015b9fa00cb4cc03645a3f4979e679552c0d74e4d4ff69a01b4e49b7e39b616d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 15:38:04 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 15:37:19 GMT
server: AmazonS3
age: 60022
etag: W/"2c1570c2d129a7bf8d8081adbbe947ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9twAy_WfGTPAgvj6HQXadnXzF8qkNHn60fxwyrsapmbmxY1aiG4ljQ==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 101ms
22ms Script
application/x-javascript 2600:9000:2156:8000:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e35796493f977523161a6a88ad31128de3d1268aa0d0c55b202c50f5e95f043b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:44:39 GMT
content-encoding: gzip
last-modified: Fri, 24 Jun 2022 01:43:59 GMT
server: nginx
age: 2026
etag: W/"62b516df-5c0e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Q9CH4iDqaoWxLIpDr56ujJ1ymvgBt8cJOFnshD_aSAnxUQSJouYS0g==
expires: Tue, 28 Jun 2022 09:44:39 GMT

GET
H/1.1 404
Not Found transparent.png
examinerlive.trem.media/@trinitymirrordigital/marwood/TM/img/placeholders/ 548 B
548 B 63ms
58ms Image
text/html 193.233.202.181
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://examinerlive.trem.media/@trinitymirrordigital/marwood/TM/img/placeholders/transparent.png
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: HTTP/1.1
Server: 193.233.202.181 Ashburn, United States, ASN200019 (ALEXHOST, MD),
Reverse DNS: trem.media
Software: tino-panel /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 08:18:25 GMT
Server: tino-panel
Connection: keep-alive
Content-Length: 548
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found transparent-wide.png
examinerlive.trem.media/@trinitymirrordigital/marwood/TM/img/placeholders/ 548 B
548 B 121ms
63ms Image
text/html 193.233.202.181
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://examinerlive.trem.media/@trinitymirrordigital/marwood/TM/img/placeholders/transparent-wide.png
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: HTTP/1.1
Server: 193.233.202.181 Ashburn, United States, ASN200019 (ALEXHOST, MD),
Reverse DNS: trem.media
Software: tino-panel /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 08:18:25 GMT
Server: tino-panel
Connection: keep-alive
Content-Length: 548
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 pug-runtime.min.js Show response
s2-prod.examinerlive.co.uk/@trinitymirrordigital/marwood/pug-runtime/ 3 KB
2 KB 21ms
21ms Script
application/javascript 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/marwood/pug-runtime/pug-runtime.min.js?v=f9a8f9298a1eafea96091cdab6421797
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93c5809a50d386dad38d1f9eccdc910485c337a93ed931fae7d4da8ccaddd1bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 05:29:59 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 12:19:41 GMT
server: AmazonS3
age: 10458
etag: W/"f9a8f9298a1eafea96091cdab6421797"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: UVKnVanJ4uxGtB7xXHJKvlbCz7x7wfc8bpKAzE8WaJXyECeFWeiyJA==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 section.min.js Show response
s2-prod.examinerlive.co.uk/@trinitymirrordigital/marwood/TM/js/ 214 KB
45 KB 85ms
80ms Script
application/javascript 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/marwood/TM/js/section.min.js?v=86e69e5cb83ccc76f152e09611982a6f
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53db6cd1251b062283e247a8b440462e01232a214a93ce981da3e50203956c66

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:25 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 12:19:39 GMT
server: AmazonS3
age: 19393
etag: W/"86e69e5cb83ccc76f152e09611982a6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: wj8cF7sDABapgagZdTqTO7w40G4JgvaUCAVqsq2cqGOqeO2OmyQU_Q==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 section.min.js Show response
s2-prod.examinerlive.co.uk/@trinitymirrordigital/article-service/js/ 61 KB
15 KB 85ms
81ms Script
application/javascript 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/article-service/js/section.min.js?v=b472f12ef88059acb03c6c89d4f0c240
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 689fdabbf7cb0792ac119b0ac7abb8f7e4a9350ff08d631eea985d52b96c9c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:25 GMT
content-encoding: gzip
last-modified: Tue, 21 Jun 2022 14:16:28 GMT
server: AmazonS3
age: 2817
etag: W/"b472f12ef88059acb03c6c89d4f0c240"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 8VWXPW6Ao_EojU0SLNOGriiwxUi1UvPommQ4VgRr8FI_uG6uCttGSw==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 partner.min.js Show response
s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/ 180 KB
46 KB 55ms
51ms Script
application/javascript 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/partner.min.js?v=758c6d392555a6b8bb8ef392ec898b0c
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04d9cdb60bac5bf32e6b7f24454d57bf69b1eb22b0f9a0bbd8020352123c6fb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:07:19 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 10:23:34 GMT
server: AmazonS3
age: 4472
etag: W/"758c6d392555a6b8bb8ef392ec898b0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: re5t7azwpaPF5FyAHRXXrf63eL9AA2AqtwhS26Ne6gJwKQPfsEVFUA==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 chameleon-static-html.min.js Show response
s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-static-html/js/ 18 KB
5 KB 52ms
48ms Script
application/javascript 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-static-html/js/chameleon-static-html.min.js?v=8e1c897a79e9841da91dd3c930f4c128
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c22e5178495a9e76d2a1fbaff6b2a43cca64cc2947d1bb47f2bd282ec73093b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:37:35 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 17:10:41 GMT
server: AmazonS3
age: 17882
etag: W/"8e1c897a79e9841da91dd3c930f4c128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: UwgNaXDgcuddJlusY6OKvohWlQ2tdIq7YI7JJpEDzQaqOFVIsSFfWg==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 withnail.min.js Show response
s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/scriptsCore/js/ 274 KB
77 KB 63ms
59ms Script
application/javascript 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/scriptsCore/js/withnail.min.js?v=f78ffe763914ede15534445199bd612d
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e419d0e7334b7fc463cc6b953462e574fc3e4b19412d4cde78578e32e1358933

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 14:45:16 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 15:37:19 GMT
server: AmazonS3
age: 63189
etag: W/"f78ffe763914ede15534445199bd612d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HYy5SDK0dROQj1aLSwfd7Dx_pcEfs6pD62AwI5-kxnBKXk6hz-NnBg==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 ats.js Show response
ats-wrapper.privacymanager.io/ats-modules/4fb7b1a8-b529-4310-9387-3398aed19fa4/ 344 KB
120 KB 80ms
24ms Script
application/javascript 143.204.89.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats-wrapper.privacymanager.io/ats-modules/4fb7b1a8-b529-4310-9387-3398aed19fa4/ats.js
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-30.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed2afa2565753583faf967bdcd69182e999f75200e8af54dbd1630dcb173fe9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: T.8RfGIoo_EPb718xN_IbyQxiUzc4wuV
content-encoding: gzip
etag: W/"7633c3ac5e4fe67914f3f904b61b900f"
last-modified: Wed, 02 Feb 2022 15:57:46 GMT
server: AmazonS3
age: 78
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
date: Tue, 28 Jun 2022 08:17:08 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: jHprJIJGq1MP4Vw_La6jEB0nLpnpsDJHxd83MIewbhavKz_n6NoK0g==

GET
H2 200 felix.min.js Show response
felix.data.tm-awx.com/ 19 KB
6 KB 141ms
44ms Script
application/javascript 18.202.156.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/felix.min.js
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.156.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-156-227.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1435892f80f5dbef825cd7503205f825dd522342ebe34164b6a57d95b40a6e91

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:25 GMT
content-encoding: gzip
etag: W/"4b5c-QY1+JXEt7dSy77uJ1lM8Cb19Ew8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 style.css
s2-prod.examinerlive.co.uk/@trinitymirrordigital/user-profile/96cf43c112ba08db40115e9fb4b007aa25b3d955/ 131 B
540 B 22ms
22ms Stylesheet
text/css 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/user-profile/96cf43c112ba08db40115e9fb4b007aa25b3d955/style.css
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ecb41291b7df5f937e5bef51145c588781d886784568b7774b9be35f6ff261c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 05:29:59 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
last-modified: Wed, 25 May 2022 09:41:27 GMT
server: AmazonS3
age: 10168
etag: "9ef16bb2f1d2a89ff8c3a76cf900bc37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 131
x-amz-cf-id: hqDO4hffrXX_bh8qUyJrljz_Dl-2e3uaPqoFzf9w0tGubZMqiUue3Q==

GET
H2 200 index.js Show response
s2-prod.examinerlive.co.uk/@trinitymirrordigital/user-profile/96cf43c112ba08db40115e9fb4b007aa25b3d955/ 88 KB
24 KB 72ms
69ms Script
application/javascript 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/user-profile/96cf43c112ba08db40115e9fb4b007aa25b3d955/index.js
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e58e8a7be7dad76e3d1da9b723405a06ed0e6c3956d494397b97a92398540a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:37:35 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 09:41:27 GMT
server: AmazonS3
age: 17882
etag: W/"2786ba78e13ab84b5ffb75f69e968a70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7enrMgbbhqBshjCzhU0c1U8zS8K14D7AIieFyMkgyhBssuzv2J1mtw==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 auth-ui.min.js Show response
s2-prod.examinerlive.co.uk/@trinitymirrordigital/auth-ui/ 369 KB
95 KB 74ms
71ms Script
application/javascript 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/auth-ui/auth-ui.min.js?v=7b6f4a84cd7f8e521a7bc105c3addde6
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e140d8a05464766143212b1494858bb7f892fed4f7d6c62176436edf8ab789d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 05:29:59 GMT
content-encoding: gzip
last-modified: Tue, 07 Jun 2022 10:59:16 GMT
server: AmazonS3
age: 10288
etag: W/"7b6f4a84cd7f8e521a7bc105c3addde6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uZgr91u8KBlm6RXot0AtnjOurmys8zLOGt4dbUcGzJEnqzhjWdb2hA==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 analytics.js.gz Show response
reach-id.orbit.tm-awx.com/ 4 KB
2 KB 86ms
22ms Script
text/javascript 143.204.89.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reach-id.orbit.tm-awx.com/analytics.js.gz
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-56.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c79d183a3ab8457485feeed21d3d21499fe491c2cb2b04e155574d27b1d4fef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:04:20 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 10:33:20 GMT
server: AmazonS3
age: 848
etag: "735fb71acc8a049f35b940f5177d6f83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1982
x-amz-cf-id: Q9cQN91RV2ofrWt4YRjViGj1xP6V8YSI1iIrOC6zgYtPjKQpVaA4cA==

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/ 339 KB
120 KB 93ms
47ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2435524096963092&plah=examinerlive.trem.media

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2435524096963092

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b990ab8ebf75f62a0142673568da1a784388e2ef236b43256b364c5a53a4792f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122447
x-xss-protection: 0
server: cafe
etag: 16562590605389211585
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 08:18:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/ Frame 4F71 10 KB
5 KB 74ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2435524096963092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://examinerlive.trem.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 20:01:51 GMT
etag: 10429905676100781186
expires: Mon, 11 Jul 2022 20:01:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK pub.min.js Show response
p1.w-q-f-a.com/js/ 3 KB
2 KB 267ms
115ms Script
application/javascript 216.104.36.155
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://p1.w-q-f-a.com/js/pub.min.js
Requested by: Host: cdn-server.top
URL: https://cdn-server.top/p/mms.js?pub=381315&ga=g
Protocol: HTTP/1.1
Server: 216.104.36.155 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx /
Resource Hash: 2207fcd49173cc015e51613f5e57b0adac1621a5b0aaa026b297da18be7ef1a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 08:18:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Sep 2021 12:11:29 GMT
Server: nginx
ETag: "614b1d71-60b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 1547
Expires: Wed, 29 Jun 2022 08:18:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 485 KB
110 KB 81ms
29ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66a7b25a9fd504376ab5cd151aaf3fee6f3e00842f0e875da6fbd5d4855e2978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112475
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Jun 2022 08:18:25 GMT

GET
H/1.1 200
OK 186772-186243221999091.js Show response
js-sec.indexww.com/ht/p/ 159 KB
44 KB 107ms
24ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186772-186243221999091.js
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1536a995de7689801b3ec55bd09f3b5e200a45bfded9104da7e2e0b4209633bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 08:18:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jun 2022 07:41:09 GMT
Server: Apache
ETag: "761c3d-27cf6-5e27d28f94075"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1531
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 44535
Expires: Tue, 28 Jun 2022 08:43:56 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 88ms
27ms Script
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 28 Jun 2022 07:31:18 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront), 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
last-modified: Thu, 09 Jun 2022 19:20:00 GMT
server: AmazonS3
age: 2828
etag: W/"915836bd4f06d8d29dfc0840694722ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA6-C1, FRA50-C1
content-encoding: gzip
x-amz-cf-id: FuA0_s4oyb_JB_Vo-prRDnVslVwue3AlACb0mCUZ2dZIxIlKBoBZ_A==

GET
H2 200 analytics.config.json Show response
stmg-prod.mirror.co.uk/ 44 B
544 B 155ms
45ms XHR
application/json 52.51.205.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stmg-prod.mirror.co.uk/analytics.config.json

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.205.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-205-124.eu-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

b04dc48c4fba873640e629090eaf0bfd47ddea85969fca3020a1c4539bc4d53d

Security Headers

Name	Value
X-Frame-Options	x-frame-options:SAMEORIGIN
X-Xss-Protection	X-XSS-Protection: 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:25 GMT
referrer-policy
amp-access-control-allow-source-origin: http://examinerlive.trem.media
x-xss-protection: X-XSS-Protection: 1; mode=block
x-powered-by: Express
x-frame-options: x-frame-options:SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: http://examinerlive.trem.media
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
content-length: 44
etag: W/"2c-zUg2tU83M8tl7qwOuHRjKOl4S+U"

GET
H2 200 0_Yorkshire-Live_Reversed.png
i2-prod.birminghammail.co.uk/incoming/article23437562.ece/BINARY/ 6 KB
7 KB 104ms
22ms Image
image/png 143.204.89.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.birminghammail.co.uk/incoming/article23437562.ece/BINARY/0_Yorkshire-Live_Reversed.png

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-112.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f24b07a5e7e15ffe1bea2246643d54074fc2d51bdc90b0872a8ea4e8c2eefe87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
x-cacheable: YES
age: 10641
x-cache: Hit from cloudfront
x-removedcookies: YES
x-cache-hits: 3
content-length: 6398
x-served-by: reg-cache301.tm-aws.com
last-modified: Fri, 18 Mar 2022 17:23:15 GMT
server: nginx
date: Tue, 28 Jun 2022 05:42:26 GMT
x-frame-options: SAMEORIGIN
x-varnish: 840664724 806948004
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: q-u9Zso-6491sA59fNa1bXJaZC13VdClupfH35lzC_ZAs0bu3bCkkw==
expires: Wed, 29 Jun 2022 02:27:14 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v29/ 77 KB
78 KB 72ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wdth,wght@75,700;100,400;100,700&family=Signika+Negative:wght@400;700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5c4b278ca30fa881cef4ecb3538c00e855fe7983706f2e04347368a541f7dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://examinerlive.trem.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 22:32:35 GMT
x-content-type-options: nosniff
age: 35150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78896
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 22:32:35 GMT

GET
H2 200 5174b320df6dd61bbcdfef17dda94275 Show response
upgulpinon.com/27/ 398 KB
129 KB 91ms
29ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://upgulpinon.com/27/5174b320df6dd61bbcdfef17dda94275

Requested by

Host: upgulpinon.com
URL: http://upgulpinon.com/1?z=4843600

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3cffc7c33ee5bd9bf126ab3b9fd0256b2805d6bb679c1e04df4f65d1a31e1586

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Jun 2022 03:23:41 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Tue, 21 Jul 2082 03:23:41 GMT

GET
H2 200 38 Show response
upgulpinon.com/42/ 0
667 B 162ms
111ms Script
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/42/38?z=4843600
Requested by: Host: upgulpinon.com
URL: http://upgulpinon.com/1?z=4843600
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 989d74c218f77c9777c9b51daf3f93fe
pragma: no-cache
date: Tue, 28 Jun 2022 08:18:25 GMT
x-sc: BN29ONfTsf25_IS1yk6yV5dzkgQQ_nSB9uP2VXngy-EDeI78grq5QEfl9FVe9uO9Okuf1r_t6qdL2_k7RqQp4rLM4LA=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 section.css
s2-prod.examinerlive.co.uk/@trinitymirrordigital/article-service/scss/ 16 KB
3 KB 66ms
64ms Stylesheet
text/css 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/article-service/scss/section.css?v=03d0461abfab7c110408db3bcd3a0f4f
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f26b43d77b38124d08f7cbb0088c1ceb0310f73ced275ffd0a435d28c0b8e370

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:25 GMT
content-encoding: gzip
last-modified: Fri, 24 Jun 2022 08:57:22 GMT
server: AmazonS3
age: 9673
etag: W/"03d0461abfab7c110408db3bcd3a0f4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 2aDM1n6J4yrTrzJyKWTgxFikUNs-CAL1pf9gs19xMb3sWuzJuazUlg==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 withnail.css
s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/scss/ 21 KB
5 KB 65ms
64ms Stylesheet
text/css 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/scss/withnail.css?v=4550c2517d98341fb5cf41fdb0c66856
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 618105bb69330a9559d3a25428b96da5714a89f9a012996e3c69ae9974e9bb15

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:07:08 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 15:37:19 GMT
server: AmazonS3
age: 20748
etag: W/"4550c2517d98341fb5cf41fdb0c66856"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: yLeS4QRBakOykQve-BoXodNgUFwYlIUiqx1-sJG64JCH-4bUBZmiYw==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 section.css
s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/scss/ 68 KB
12 KB 66ms
65ms Stylesheet
text/css 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/scss/section.css?v=4de8889cb53b060c499289b6747bbe1c
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a993fb966f108b2fd812f7ed27d9984f4ba2bf94b5f0375d8caa830c2ec751ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:25 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 10:23:37 GMT
server: AmazonS3
age: 14603
etag: W/"4de8889cb53b060c499289b6747bbe1c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: EJzZhhpC9hH0tHQwhogUfQ9t6Uwf4IdO6W9SbnrclToux5MdQKCguw==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 hotjar-1635170.js Show response
static.hotjar.com/c/ 4 KB
2 KB 107ms
23ms Script
application/javascript 143.204.89.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1635170.js?sv=6

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-100.fra50.r.cloudfront.net

Software

Resource Hash

7d83e158a44d7ff90498c7b2e8d6e36d5000900902f4bdd021e8a505e338a8f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:17:51 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 34
etag: W/fd5f903386021187133289a233b36cfb
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9Wav8iK0adW35HNe2BkllY_hXFYvgPXx2nojX5TDIS4wR5S5AI_T7A==
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)

GET
H2 200 logo-yorkshire-live.png
s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-branding/publications/huddersfieldexaminer/img/ 27 KB
27 KB 58ms
58ms Image
image/png 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-branding/publications/huddersfieldexaminer/img/logo-yorkshire-live.png
Requested by: Host: s2-prod.examinerlive.co.uk
URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-branding/publications/huddersfieldexaminer/scss/brand-extended.24f26cc24593f8dc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61ab2f35a20b811230c8642ff1eb04920dea276d4416093322c5a0e7adcb0f95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-branding/publications/huddersfieldexaminer/scss/brand-extended.24f26cc24593f8dc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 05:29:59 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 08:58:38 GMT
server: AmazonS3
age: 11597
etag: "74e8300eaa4f24bc00205f8df43bbee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 27302
x-amz-cf-id: 0eJzS3RXgjMnFRxuy19vcDzPnLcEceLeCLTKnAk3jygTXg-eMiHPNQ==

GET
H2 200 outside-black.svg
s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/img/ 636 B
1 KB 57ms
57ms Image
image/svg+xml 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/img/outside-black.svg
Requested by: Host: s2-prod.examinerlive.co.uk
URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/marwood/TM/scss/section-base.css?v=a8a2207b9a185d4497101cc574882e89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1005a8feb5cfd170c0175a507937064e4ebbf72f0f4969089aab4a0c38b412cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/marwood/TM/scss/section-base.css?v=a8a2207b9a185d4497101cc574882e89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:46:31 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
last-modified: Mon, 04 Apr 2022 10:23:34 GMT
server: AmazonS3
age: 16315
etag: "d07d10f927f17fdc83fd56594ff669b9"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 636
x-amz-cf-id: St3ljyro3iQ1PTb3nBwtvzI1emkDBvAmzNg50uByWKAY62gCw5cjTg==

GET
H2 200 ipso.a49db49dfe703ca7.svg
s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-static-html/ipso/img/ 4 KB
2 KB 49ms
48ms Image
image/svg+xml 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-static-html/ipso/img/ipso.a49db49dfe703ca7.svg
Requested by: Host: s2-prod.examinerlive.co.uk
URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-static-html/scss/chameleon-static-html.css?v=8560b002b4f01cbd2b804b01afccefa2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67218cedf3fe2e9c5f13da640d16d5326b6b338665306e3282c77b27d9300f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-static-html/scss/chameleon-static-html.css?v=8560b002b4f01cbd2b804b01afccefa2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:07:08 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 17:10:41 GMT
server: AmazonS3
age: 25195
etag: W/"f8d824c88fd8e96d700d1cb888a5aeb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: bF_ZP5JZjdw2vq3nSmS9GldDiLNSM5WaQWDlVQ_aWQkW3u6t2q4CcQ==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 204 choice.js Show response
quantcast.mgr.consensu.org/choice/JYWDqeLS64fbt/examinerlive.trem.media/ 0
323 B 219ms
138ms Script
text/plain 2600:9000:2156:1200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/JYWDqeLS64fbt/examinerlive.trem.media/choice.js
Requested by: Host: s2-prod.examinerlive.co.uk
URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/tags/js/runForceReconsent.min.js?v=906c6a54597cf3d6882558890c318e8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:24 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA50-C1
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Miss from cloudfront
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: QQY2ZyIOGkbbL_yKPpo_oT52KSLAJz7lJOhjhzbWeuR_9L6_-yT2UA==

GET
H2 200 prebid-test.js Show response
s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/lib/prebid/ 450 KB
136 KB 20ms
20ms Script
application/javascript 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/lib/prebid/prebid-test.js?v=906c6a54597cf3d6882558890c318e8f
Requested by: Host: s2-prod.examinerlive.co.uk
URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/lib/systemjs/s.min.js?v=f10714d2eb405d24ddca037ab0ec8f8d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55da1915062ffd387f2ad684155fe1f05d06bbe8ed8a59a074a73bb7837b6616

Request headers

Referer: http://examinerlive.trem.media/
Origin: http://examinerlive.trem.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 15:37:51 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 15:37:19 GMT
server: AmazonS3
age: 60035
etag: W/"f403e6ab66cc82c4c074146f61f37602"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: QZdey-kOGrjT-HyPjosxOvoWcao1UdY86yLbgqyy_ngS_s6qwBdZ5w==
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
713 B 86ms
32ms Stylesheet
text/css 2a00:1450:400e:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Requested by

Host: s2-prod.examinerlive.co.uk
URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/scss/section.css?v=4de8889cb53b060c499289b6747bbe1c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/scss/section.css?v=4de8889cb53b060c499289b6747bbe1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 07:51:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Jun 2022 08:18:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Jun 2022 08:18:25 GMT

GET
H/1.1 200
OK pub Show response
pixel.adsafeprotected.com/services/ 1 KB
1 KB 116ms
53ms XHR
application/json 52.30.25.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://pixel.adsafeprotected.com/services/pub?anId=925430&slot=%7Bid:div-gpt-ad-ad-mix-slot,ss:%5B1.1%5D,p:/5293/examiner.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-ad-web-strip,ss:%5B4.4%5D,p:/5293/examiner.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-top-slot,ss:%5B970.250,970.251,728.90,728.91%5D,p:/5293/examiner.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-sponsorship-bar,ss:%5B948.42%5D,p:/5293/examiner.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-rh-slot,ss:%5B300.250,300.252%5D,p:/5293/examiner.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-section-slot-1,ss:%5B970.250,970.256,728.96%5D,p:/5293/examiner.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-section-slot-2,ss:%5B970.250,970.257,728.97%5D,p:/5293/examiner.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-section-slot-3,ss:%5B970.250,970.258,728.90,728.98%5D,p:/5293/examiner.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-bottom-slot,ss:%5B728.90,728.99%5D,p:/5293/examiner.co.uk,t:display%7D&slot=%7Bid:div-gpt-ad-fpd,ss:%5B3.3%5D,p:/5293/examiner.co.uk,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=229df2de-e5c3-150c-efdb-8a4914e2f7f5&url=http%253A%252F%252Fexaminerlive.trem.media%252F
Requested by: Host: cdn.adsafeprotected.com
URL: http://cdn.adsafeprotected.com/iasPET.1.js
Protocol: HTTP/1.1
Server: 52.30.25.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-25-219.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ebaac46e6dce5564d49f34293cdcd11653d7edc5424be699668bb8eb029ba88f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 08:18:25 GMT
X-Server-Name: app07.ie.303net.net
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: http://examinerlive.trem.media
Access-Control-Expose-Headers: X-Server-Name
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Server: nginx

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 69ms
27ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=203399977&t=pageview&_s=1&dl=http%3A%2F%2Fexaminerlive.trem.media%2F&ul=en-us&de=UTF-8&dt=YorkshireLive%20-%20Yorkshire%20News%2C%20Sport%2C%20Events%20%26%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1261201607&gjid=17653900&cid=948924739.1656404306&tid=UA-219467903-1&_gid=538865661.1656404306&_r=1&_slc=1&z=1346617990

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://examinerlive.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 08:18:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://examinerlive.trem.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads.js Show response
s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/lib/ads/ 149 B
570 B 21ms
21ms Script
application/javascript 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/withnail/lib/ads/ads.js
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fce1c1379b8639497005980d599d8312f6194dd427b296a83d346de5b488750b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 00:29:56 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jun 2022 15:37:19 GMT
server: AmazonS3
age: 32232
etag: "8d3b0d305564b8ad5df4e96c59545e3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 149
x-amz-cf-id: T0We2VvWMyO4VAMxOY8Bd6NI8BsYtCm7_Z1U_clJ90yWZ45PKHvyGw==

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
593 B 102ms
21ms Fetch
application/json 143.204.89.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/4fb7b1a8-b529-4310-9387-3398aed19fa4/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-83.fra50.r.cloudfront.net
Software: /
Resource Hash: a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 01:04:55 GMT
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront), 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
age: 26011
x-amzn-requestid: 4416eeaf-840f-45f6-861d-6a7d643ec008
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62ba53b7-31192cc76b0030886cabdc50;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA50-C1
x-amz-apigw-id: UaIEtF0MDoEF1PA=
content-length: 30
x-amz-cf-id: BwOvjLM6lV7pm7T7u81_-FhriHQyUkhSHagsZeaAHOo8i5Ho7lCiFg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
595 B 85ms
22ms Fetch
application/json 143.204.89.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/4fb7b1a8-b529-4310-9387-3398aed19fa4/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-83.fra50.r.cloudfront.net
Software: /
Resource Hash: a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 01:04:55 GMT
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront), 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
age: 26011
x-amzn-requestid: 4416eeaf-840f-45f6-861d-6a7d643ec008
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62ba53b7-31192cc76b0030886cabdc50;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA50-C1
x-amz-apigw-id: UaIEtF0MDoEF1PA=
content-length: 30
x-amz-cf-id: KD8KpWX9wBlNaSVi_XjTeJtZFSAYqjL3_yqrn3VgEIe5AYoNavE6lg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H/1.1 404
Not Found X2JS.min.js
examinerlive.trem.media/@trinitymirrordigital/chameleon-partnership-widgets/libs/ 0
0 57ms
57ms Script
text/html 193.233.202.181
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://examinerlive.trem.media/@trinitymirrordigital/chameleon-partnership-widgets/libs/X2JS.min.js?v=3.0.1
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: HTTP/1.1
Server: 193.233.202.181 Ashburn, United States, ASN200019 (ALEXHOST, MD),
Reverse DNS: trem.media
Software: tino-panel /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 08:18:26 GMT
Server: tino-panel
Connection: keep-alive
Content-Length: 548
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 pubads_impl_2022062201.js Show response
securepubads.g.doubleclick.net/gpt/ 373 KB
126 KB 62ms
20ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

a1ad79f8595bd0e292ee596db63d06f80e8a3ec4a6cf84621a4d2af673562a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129224
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 08:35:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Jun 2023 07:02:26 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 56 B
93 B 71ms
29ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=examinerlive.trem.media

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

af3376064fb9af02627d241e9cd21f22f16f077a5e76f519c67b6096e86c3759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
expires: Tue, 28 Jun 2022 08:18:26 GMT

GET
H2 200 index.js Show response
cdn.viafoura.net/entry/ 22 KB
8 KB 100ms
23ms Script
application/javascript 2600:9000:2156:4800:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/entry/index.js
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3dc307462e4228f050ff6258ad9d6bda21449461724c11d87af36a21573f1aef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: P3R.CknExjZUNb29SH5omgRgx_U8_fwM
content-encoding: br
last-modified: Mon, 20 Jun 2022 13:57:44 GMT
server: AmazonS3
age: 356
etag: W/"19dcfdd804fb22d6b48d84f5477e5c5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: public,max-age=600,s-max-age=60
date: Tue, 28 Jun 2022 08:12:31 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6xNBfhf6mIsGvT0mZF9TIDsPatAgwU90iAuJTp0JVPAH-FrqyWFEsg==

OPTIONS
H2 200 by-container-ids
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d0a628957588/content-containers/comment-count-and-status/ Frame 0
0 324ms
105ms Preflight 35.170.84.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d0a628957588/content-containers/comment-count-and-status/by-container-ids
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.84.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-84-146.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://examinerlive.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods: DELETE,PUT,POST,PATCH,GET
access-control-allow-origin: http://examinerlive.trem.media
access-control-max-age: 43200
content-length: 0
date: Tue, 28 Jun 2022 08:18:26 GMT

POST
H2 200 by-container-ids Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d0a628957588/content-containers/comment-count-and-status/ 4 KB
563 B 109ms
108ms Fetch
application/json 35.170.84.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-d0a628957588/content-containers/comment-count-and-status/by-container-ids
Requested by: Host: s2-prod.examinerlive.co.uk
URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/marwood/TM/js/section.min.js?v=86e69e5cb83ccc76f152e09611982a6f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.84.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-84-146.compute-1.amazonaws.com
Software: /
Resource Hash: 6ec5fa3cb91e551868cb4351ba2fa3f894d22045bb5ec335f229b0de0e6f7b7c

Request headers

Accept: application/json
Referer: http://examinerlive.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: */*

Response headers

access-control-allow-origin: http://examinerlive.trem.media
date: Tue, 28 Jun 2022 08:18:26 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
content-encoding: gzip
content-length: 378
content-type: application/json

GET
H2 200 0_Yorkshire-Motorsports-Festival-Holmfirth.jpg
i2-prod.examinerlive.co.uk/incoming/article20909112.ece/ALTERNATES/s1176b/ 123 KB
124 KB 129ms
44ms Image
image/jpeg 143.204.89.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.examinerlive.co.uk/incoming/article20909112.ece/ALTERNATES/s1176b/0_Yorkshire-Motorsports-Festival-Holmfirth.jpg

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-107.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

46a8e21d1d3704ab93ff06617a1e9462659d2ef8a83b1d7be5af4728cd323d3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
age: 10228
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 126266
x-served-by: reg-cache302.tm-aws.com
last-modified: Sat, 26 Jun 2021 11:43:10 GMT
server: nginx
date: Tue, 28 Jun 2022 05:27:58 GMT
x-frame-options: SAMEORIGIN
x-varnish: 384112079
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: m9CMt1DhptSXBKRStZoK2zFeGM2irfghLiR-yV7Eb26PtZRNaDt9qg==

GET
H2 200 0_Police-have-launched-an-urgent-appeal-to-find-missing-Chelsea-Allen-31.jpg
i2-prod.examinerlive.co.uk/news/local-news/article24338541.ece/ALTERNATES/s270b/ 9 KB
9 KB 162ms
77ms Image
image/jpeg 143.204.89.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.examinerlive.co.uk/news/local-news/article24338541.ece/ALTERNATES/s270b/0_Police-have-launched-an-urgent-appeal-to-find-missing-Chelsea-Allen-31.jpg

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-107.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d700a26332729aaa2a953dd02764686ac78845d5f0d955229c0d3168ed0ff7cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
age: 4576
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 8861
x-served-by: reg-cache302.tm-aws.com
last-modified: Tue, 28 Jun 2022 06:29:46 GMT
server: nginx
date: Tue, 28 Jun 2022 07:02:10 GMT
x-frame-options: SAMEORIGIN
x-varnish: 398118823
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: _ArPYonLf1VPc8xjInvcWojj65vnv45HEkftG_XudgKcnJ6hhhx8ig==

GET
H2 200 0_WhatsApp-Image-2022-06-27-at-114032-AMjpeg.jpg
i2-prod.examinerlive.co.uk/incoming/article24331802.ece/ALTERNATES/s270b/ 15 KB
16 KB 115ms
30ms Image
image/jpeg 143.204.89.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.examinerlive.co.uk/incoming/article24331802.ece/ALTERNATES/s270b/0_WhatsApp-Image-2022-06-27-at-114032-AMjpeg.jpg

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-107.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

18eb814f94d0974c1fbdc2245dfce0771fa679e043f418a5424c21590b9c5dbb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
age: 70404
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 15812
x-served-by: reg-cache301.tm-aws.com
last-modified: Mon, 27 Jun 2022 10:47:38 GMT
server: nginx
date: Mon, 27 Jun 2022 12:45:02 GMT
x-frame-options: SAMEORIGIN
x-varnish: 208143142
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: kN6SkQGryujJXeNTJxqaVOk2QrC7HSgoGdDD7o3_kMtfB-s5FPTdPA==

GET
H2 200 0_The-current-scene-of-Bradford-fire-on-Monday-March-28.jpg
i2-prod.examinerlive.co.uk/news/west-yorkshire-news/article23518815.ece/ALTERNATES/s270b/ 11 KB
12 KB 111ms
26ms Image
image/jpeg 143.204.89.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.examinerlive.co.uk/news/west-yorkshire-news/article23518815.ece/ALTERNATES/s270b/0_The-current-scene-of-Bradford-fire-on-Monday-March-28.jpg

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-107.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a6a41a076d84eba5153a0578f65556763c273a6a1edf67b63b044301007d9afd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
age: 15230
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 11695
x-served-by: reg-cache302.tm-aws.com
last-modified: Mon, 28 Mar 2022 10:05:31 GMT
server: nginx
date: Tue, 28 Jun 2022 04:04:36 GMT
x-frame-options: SAMEORIGIN
x-varnish: 367329552
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: T5uS7PWALCfofadsYw3dmqF_KwyUQZ0OGKKvxOKoVU0sx3WnHEp4Og==

GET
H2 200 2_Dejphon-Chansiri-17JPG.jpg
i2-prod.examinerlive.co.uk/incoming/article24025937.ece/ALTERNATES/s270b/ 9 KB
9 KB 155ms
70ms Image
image/jpeg 143.204.89.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.examinerlive.co.uk/incoming/article24025937.ece/ALTERNATES/s270b/2_Dejphon-Chansiri-17JPG.jpg

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-107.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2a5f3159425ad604c1635bed08c0194864cc9aa2aae71494ca1ab99a2a62782d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
vary: Accept-Encoding
age: 13538
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 9055
x-served-by: reg-cache301.tm-aws.com
last-modified: Sat, 21 May 2022 16:22:58 GMT
server: nginx
date: Tue, 28 Jun 2022 04:32:48 GMT
x-frame-options: SAMEORIGIN
x-varnish: 703758844
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: uTuG3-ecQhQ_w04vD4wpZnAAaJ05dmMCdRnj8igcinSYbp8HouRyuw==

GET
H2 200 1_Summer-weather-July-17th-2021.jpg
i2-prod.cambridge-news.co.uk/incoming/article24212411.ece/ALTERNATES/s540/ 69 KB
70 KB 92ms
26ms Image
image/jpeg 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.cambridge-news.co.uk/incoming/article24212411.ece/ALTERNATES/s540/1_Summer-weather-July-17th-2021.jpg

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6e75ea58546c305916f48ca66e9201e30475fe95edc0d40adc47481e98a1274c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
age: 3243
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 70705
x-served-by: reg-cache301.tm-aws.com
last-modified: Tue, 28 Jun 2022 06:53:14 GMT
server: nginx
date: Tue, 28 Jun 2022 07:24:23 GMT
x-frame-options: SAMEORIGIN
x-varnish: 541040210 545130882
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: huW6J-BWl7tIZDSCDb5S2DpMIIK-bDIgqklETZhj0cqb4hkxojpG-g==
x-cache-hits: 1

GET
H2 200 0_ACP_HDE_150620Aopen_32.jpg
i2-prod.examinerlive.co.uk/incoming/article24336878.ece/ALTERNATES/s458/ 41 KB
42 KB 149ms
64ms Image
image/jpeg 143.204.89.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.examinerlive.co.uk/incoming/article24336878.ece/ALTERNATES/s458/0_ACP_HDE_150620Aopen_32.jpg

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-107.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

58544e3995edabdf1d18327aef2ab904aae00b3df8e5fa916329367ffa1b5891

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
age: 15144
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 42136
x-served-by: reg-cache301.tm-aws.com
last-modified: Mon, 27 Jun 2022 16:55:22 GMT
server: nginx
date: Tue, 28 Jun 2022 04:06:02 GMT
x-frame-options: SAMEORIGIN
x-varnish: 500138708
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: Q8hE_mWbTkS5_Q2EKcCPYKJS8RkiMNvsbNthgATnaJcZaqXoEuMd8w==

GET
H2 200 0__42328854_kernaghan203.jpg
i2-prod.examinerlive.co.uk/incoming/article24334170.ece/ALTERNATES/s458/ 24 KB
25 KB 74ms
73ms Image
image/jpeg 143.204.89.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.examinerlive.co.uk/incoming/article24334170.ece/ALTERNATES/s458/0__42328854_kernaghan203.jpg

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-107.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

428882724bc6ab5142ffbbe677f5f85cc2823340a8e6375e776d0ebb62f12eec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
age: 15140
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 24813
x-served-by: reg-cache301.tm-aws.com
last-modified: Mon, 27 Jun 2022 13:44:37 GMT
server: nginx
date: Tue, 28 Jun 2022 04:06:06 GMT
x-frame-options: SAMEORIGIN
x-varnish: 494768099
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: _6tC9g2S1pWo_x4UxwUzM7QOMODpXnonPJWlSgnhhjHKSVcJbarkrw==

GET
H2 200 0_Jayne-from-Wakefield-was-left-too-scared-to-go-in-her-own-garden-because-of-a-neighbours-dogs-bark.jpg
i2-prod.examinerlive.co.uk/incoming/article23596440.ece/ALTERNATES/s458/ 22 KB
23 KB 77ms
76ms Image
image/jpeg 143.204.89.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.examinerlive.co.uk/incoming/article23596440.ece/ALTERNATES/s458/0_Jayne-from-Wakefield-was-left-too-scared-to-go-in-her-own-garden-because-of-a-neighbours-dogs-bark.jpg

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-107.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

acedd6f8e7093dd001d2d1772354d49674dc943252bd940d18431101e7df5ec8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
age: 14002
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 22544
x-served-by: reg-cache302.tm-aws.com
last-modified: Mon, 27 Jun 2022 15:59:15 GMT
server: nginx
date: Tue, 28 Jun 2022 04:25:04 GMT
x-frame-options: SAMEORIGIN
x-varnish: 367238918 362386817
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: TG63pU8DyERg9H84Z5gbltgC5keVU4CjDJZjf2nQMRZh0JnEaniKtg==
x-cache-hits: 4

GET
H2 200 0_Hanging-Heaton-1.jpg
i2-prod.examinerlive.co.uk/incoming/article24318119.ece/ALTERNATES/s458/ 41 KB
42 KB 79ms
78ms Image
image/jpeg 143.204.89.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.examinerlive.co.uk/incoming/article24318119.ece/ALTERNATES/s458/0_Hanging-Heaton-1.jpg

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-107.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7e4c0fcbc4bc13dcf560d7cb162a74c0da0f13ddb8075807d1993cf1808d9748

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
age: 15140
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 42416
x-served-by: reg-cache301.tm-aws.com
last-modified: Fri, 24 Jun 2022 15:42:45 GMT
server: nginx
date: Tue, 28 Jun 2022 04:06:06 GMT
x-frame-options: SAMEORIGIN
x-varnish: 491363125
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: doLf2hVovbPWnNDughh7a2ZhY8BClq7Uuop_s7FGHnUyayD9JRJwqg==

GET
H2 200 River-Aire-Leeds.jpg
i2-prod.leeds-live.co.uk/news/leeds-news/article14014145.ece/ALTERNATES/s458/ 42 KB
43 KB 90ms
24ms Image
image/jpeg 143.204.89.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.leeds-live.co.uk/news/leeds-news/article14014145.ece/ALTERNATES/s458/River-Aire-Leeds.jpg

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-7.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f24793f826437da50fb3cbd60695c598bca961328ff15c224ecb2852bd44ac8e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age: 15140
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 43380
x-served-by: reg-cache301.tm-aws.com
last-modified: Fri, 08 Dec 2017 17:14:23 GMT
server: nginx
date: Tue, 28 Jun 2022 04:06:06 GMT
x-frame-options: SAMEORIGIN
x-varnish: 494768096
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: fZ3ngpm5z1fdlDS3geBwfnglL5xmCrgFroUbr4MxRAzJKMSLY9FLIA==

GET
H2 200 0_kalinowska.png
i2-prod.examinerlive.co.uk/incoming/article24254568.ece/ALTERNATES/s458/ 304 KB
305 KB 78ms
78ms Image
image/png 143.204.89.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.examinerlive.co.uk/incoming/article24254568.ece/ALTERNATES/s458/0_kalinowska.png

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-107.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f6106f919f20d31f7c32de982c861faef2b6e7fa256692fcdd1283b7d7753f35

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
age: 54166
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 310999
x-served-by: reg-cache301.tm-aws.com
last-modified: Fri, 17 Jun 2022 12:20:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 27 Jun 2022 17:15:40 GMT
vary: Accept-Encoding
x-varnish: 824805130 805832093
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: XqWL0cM3XMfUbRDy-pQWNINCI_jBo_Hon0sTPa9KpHhXQIiyc_l4lg==
x-cache-hits: 1

GET
H2 200 1_CapturePNG.png
i2-prod.examinerlive.co.uk/news/tv/article19144771.ece/ALTERNATES/s458/ 228 KB
229 KB 79ms
78ms Image
image/png 143.204.89.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.examinerlive.co.uk/news/tv/article19144771.ece/ALTERNATES/s458/1_CapturePNG.png

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-107.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4389fe9a2111c1bfa947c227828f01b9766879bddf485d3766fad402ed7616a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
vary: Accept-Encoding
age: 12104
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 233362
x-served-by: reg-cache302.tm-aws.com
last-modified: Fri, 24 Jun 2022 18:14:12 GMT
server: nginx
date: Tue, 28 Jun 2022 04:56:42 GMT
x-frame-options: SAMEORIGIN
x-varnish: 1014662492
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: E_XRH-JACkcGqWycQpqiaN7wPm7O7HPqoi4bYvhI3VJnBgsiHU7a6A==

GET
H2 200 1_Stephen.jpg
i2-prod.examinerlive.co.uk/incoming/article20401832.ece/ALTERNATES/s458/ 16 KB
17 KB 79ms
78ms Image
image/jpeg 143.204.89.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.examinerlive.co.uk/incoming/article20401832.ece/ALTERNATES/s458/1_Stephen.jpg

Requested by

Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-107.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fbb2a730e831d236f00cf785ca96a1e39c180d94b736a8be9efca4ca97dc66b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
age: 56598
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 16851
x-served-by: reg-cache302.tm-aws.com
last-modified: Mon, 27 Jun 2022 15:29:37 GMT
server: nginx
date: Mon, 27 Jun 2022 16:35:08 GMT
x-frame-options: SAMEORIGIN
x-varnish: 146492166 148218837
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 76Ek16Fc8kDLgS8TJGSjMW2aVXLPd361kRZGQzstqaa5nTe2tPFHVQ==
x-cache-hits: 1

OPTIONS
H2 204 pageConfig
felix.data.tm-awx.com/ Frame 0
0 134ms
46ms Preflight 18.202.156.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/pageConfig
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.156.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-156-227.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://examinerlive.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
date: Tue, 28 Jun 2022 08:18:26 GMT

POST
H2 200 pageConfig Show response
felix.data.tm-awx.com/ 775 B
933 B 55ms
54ms XHR
application/json 18.202.156.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/pageConfig
Requested by: Host: felix.data.tm-awx.com
URL: https://felix.data.tm-awx.com/felix.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.156.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-156-227.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bd8054ca19f986ccd51f0e5d4498239e466f2f3bc6a086fc0dd147667214179e

Request headers

Referer: http://examinerlive.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 28 Jun 2022 08:18:26 GMT
etag: W/"307-ZMnuO1iOpfWIfmRrXkpPXGkj4Y0"
content-length: 775
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK publishertag.js Show response
static.criteo.net/js/ld/ 119 KB
39 KB 77ms
40ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

http://static.criteo.net/js/ld/publishertag.js

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-186243221999091.js

Protocol

HTTP/1.1

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-1dc01"
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
expires: Wed, 29 Jun 2022 08:18:26 GMT

GET rid
match.adsrvr.org/track/ 0
0

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 151ms
132ms XHR
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 08:18:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
X-Amz-Cf-Pop: FRA50-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 16 Jun 2022 07:15:00 GMT
Server: AmazonS3
ETag: W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
x-amz-version-id: V0pVBg0mlfLR15rr7Wd2OdbBwvWb7BSE
Via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
Content-Type: application/javascript
X-Amz-Cf-Id: Y3WnViufDaEO9Hr3zZL1yfFn-R-YR34wSNSEbBVulf42jH4TXstkHA==

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
550 B 97ms
30ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: upgulpinon.com
URL: https://upgulpinon.com/27/5174b320df6dd61bbcdfef17dda94275

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3ff6424671f0f213a4e7d3727ee056a54e22ade6df02352f33bbdd630a4a702b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://examinerlive.trem.media
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H/1.1 200
OK / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 177 B
751 B 145ms
114ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=examinerlive.trem.media&domain=examinerlive.trem.media&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: HTTP/1.1
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d3befc540ea105d773631b3a8af643178353cd6e376d45dc17835144283efeac

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 08:18:26 GMT
Content-Encoding: gzip
X-Cache-Hits: 0
Age: 0
X-Cache: MISS
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 132
X-Served-By: cache-hhn4023-HHN
Access-Control-Allow-Origin: *
X-Timer: S1656404306.238226,VS0,VE95
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Content-Type: application/json
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
Accept-Ranges: bytes
Expires: Sun, 26 Jun 2022 08:18:26 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
69 KB 75ms
30ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B287MYQDTC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6795440f20139f140b1114bbfbdc1502a5b832e8ae588c67d0ccfff089ee1b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70207
x-xss-protection: 0
expires: Tue, 28 Jun 2022 08:18:26 GMT

GET
H2 200 door.js Show response
uk-script.dotmetrics.net/ 69 B
1 KB 140ms
61ms Script
application/javascript 143.204.89.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uk-script.dotmetrics.net/door.js?d=examinerlive.trem.media&t=home
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-55.fra50.r.cloudfront.net
Software: Kestrel /
Resource Hash: d28a575c57591aa6256f31f4982e8f37132bef8525060bae2b2bfee3df42ba95

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: FRA50-C1
etag: ".examinerlive.trem.media.home.208.2022062808"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: private
content-type: application/javascript
x-amz-cf-id: yYaobPMjE_Lahk7aOQdrt4y1kuNyZ7S5sqKe_9BSa7Y2PcdB02q2rg==

GET
H/1.1 200
OK verify-2.0.1.min.js Show response
www.reachgeneric.co.uk/bad-ads-reporting-tool/js/AdVerification/ 140 KB
39 KB 83ms
24ms Script
application/javascript 143.204.89.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reachgeneric.co.uk/bad-ads-reporting-tool/js/AdVerification/verify-2.0.1.min.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-111.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ca71b1bc796bcfb39ca0577c61934079447add2e82e52fc506de2a8d85e8b44

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 21:37:15 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 12 Oct 2021 16:32:32 GMT
Server: AmazonS3
Age: 6259272
ETag: W/"27e23fb00d05c05a7e5604495582b2b7"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
Cache-Control: max-age=7776000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 2-NjCIiL1DwySSMQc9eYeKZq_ButooGnQju4ujetbkEkmVj8VfgFSw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
27ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=203399977&t=pageview&_s=1&cd=huddexaminer%3Ahome&dl=http%3A%2F%2Fexaminerlive.trem.media%2F&ul=en-us&de=UTF-8&dt=YorkshireLive%20-%20Yorkshire%20News%2C%20Sport%2C%20Events%20%26%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=false&_u=aODACEABBAAAAC~&jid=742322905&gjid=1481569444&cid=734087239.1656404306&tid=UA-110513849-54&_gid=538865661.1656404306&_r=1&gtm=2wg6m0M3TH25P&cg1=home&cd1=UHID%7C22%3A06%3A28%3A08%3A18%3A25%3A596_acf9b768-5763-4d69-bacf-0eb180e2d47e&cd3=prod&cd4=desktop&cd5=chameleon&cd7=huddexaminer&cd8=regionals&cd9=huddersfieldexaminer&cd10=home&cd23=desktop&cd27=web_dev_0.1&cd29=http%3A%2F%2Fexaminerlive.trem.media%2F&cd30=huddexaminer%3Ahome&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&cd34=unknown&cd36=desktop&cd41=0&cd51=DL%20-%20Source%20Not%20Known&cd52=No%20Value%20In%20DL&cd68=GTM-M3TH25P&cd71=false&cd72=Regionals&cd74=home&cd79=iOS%20only&cd80=Not%20in%20Data%20Layer&cd81=(not%20set)&cd85=default-value%3Anot-defined&z=278861888

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://examinerlive.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 08:18:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://examinerlive.trem.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

tag.min.js Show response
get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/
Redirect Chain

http://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js

59 KB
18 KB

183ms
22ms

Script
text/javascript

143.204.89.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Server: 143.204.89.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-99.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 581d3a625e9af7f423072c97ed940e38a08da586275ca088455775f62b63e021

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 9KAT1veV1Iv5VFVNSeH1jpz86H.6H.7S
content-encoding: gzip
last-modified: Mon, 30 May 2022 15:41:16 GMT
server: AmazonS3
age: 19625
etag: W/"7b4652aae194ec2b6f409e851f56d675"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 28 Jun 2022 02:51:26 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HlRVONhoocbORM0ScwjReUjmfg7GoEgiKf0gINFcaYQKLSKOx-ZTlw==

Redirect headers

Date: Tue, 28 Jun 2022 08:18:26 GMT
Via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: 9bgOyg13mqsvu2gaNEiKol55Gko-87rl97u4Zl1S4lkiW8NICVat2w==

GET
H2 200 adsm.macro.7b4cd01e-58e4-4d3c-b14d-9c15d2911c60.js Show response
macro.adnami.io/macro/spec/ 32 KB
7 KB 305ms
37ms Script
application/javascript 2606:4700::6812:4ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://macro.adnami.io/macro/spec/adsm.macro.7b4cd01e-58e4-4d3c-b14d-9c15d2911c60.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 647f147f524b70167e3673a009837c51be56f1bd6014a2de142660c24801fd9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: X2tMvdktObCwI7HNblNWBQ==
age: 3291
x-ms-lease-status: unlocked
last-modified: Mon, 13 Jun 2022 14:46:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c8e7652e-601e-000e-4234-7f8c2e000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 7224fde40b139bc2-FRA
expires: Tue, 28 Jun 2022 12:18:26 GMT

GET
H2 200 static.min.js Show response
cdn.exelator.com/build/ 21 KB
8 KB 308ms
36ms Script
application/javascript 143.204.89.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exelator.com/build/static.min.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-8.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78d8aa00a4effdea0749f3b5a48a3e5967e73c4ce6454d2abd09bc8e3823abbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: zJnj9IdW5bQWUqea2aMpKS.72qNKKrMo
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 06:40:58 GMT
server: AmazonS3
age: 26446
etag: W/"ca34304b059a43ff8e7d8cd71f2c58c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
date: Tue, 28 Jun 2022 00:58:05 GMT
x-amz-cf-pop: FRA50-C1
x-amz-request-id: 18D9NTDAP4KXFXV6
x-amz-cf-id: zL_NZeQZuI1lkjl3w9rOqK-2dYVKt88Scn8P6smNnk0pxFZVoPF6fw==
x-amz-id-2: 7k73ZEsrQqY/gIbvTxT12khvHIJpN1r2oJbLj+MaO4+LoJ0bXTT8k/rXNTH/5q+7g2lMqzn8vBo=

GET
H2 204 b
sb.scorecardresearch.com/ 0
192 B 293ms
21ms Image
text/plain 143.204.89.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035737&ns__t=1656404306284&ns_c=UTF-8&c8=YorkshireLive%20-%20Yorkshire%20News%2C%20Sport%2C%20Events%20%26%20more&c7=http%3A%2F%2Fexaminerlive.trem.media%2F&c9=
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-128.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: RwvkuAmRDq2YOLUDbhA_S83fP-OLFcMrrKFZFBTPSLOvJPgEE1Xvqg==
x-cache: Miss from cloudfront

GET
H2 200 rps-style.css
s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/scss/ 2 KB
1 KB 26ms
26ms Stylesheet
text/css 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/scss/rps-style.css?v=4de8889cb53b060c499289b6747bbe1c
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94f062d03dacc8128c325afaf6a0299a1710a9ee8f6a6ac1c1e9844cddcaf71c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 10:23:37 GMT
server: AmazonS3
age: 4696
etag: W/"e10f524a169e56d772c53bcfe0f2074f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: bDsaXkyqEQsWhW3dvqyl6NibrZ-QT4fuYbfDlFGOljdTk9tl8rPftg==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H/1.1 200
OK fish4data Show response
examinerlive.trem.media/ 26 KB
6 KB 1872ms
1872ms XHR
text/xml 193.233.202.181
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL

http://examinerlive.trem.media/fish4data

Requested by

Host: s2-prod.examinerlive.co.uk
URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/partner.min.js?v=758c6d392555a6b8bb8ef392ec898b0c

Protocol

HTTP/1.1

Server

193.233.202.181 Ashburn, United States, ASN200019 (ALEXHOST, MD),

Reverse DNS

trem.media

Software

tino-panel / PHP/5.6.40

Resource Hash

31f5e49fe61d30c901141733f1bd7bb02b43a9efe31d020dd035c66434dbcc0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Encoding: gzip
Vary: Accept-Encoding, Accept-Encoding
Age: 9297
X-Cacheable: YES
Transfer-Encoding: chunked
Connection: keep-alive
X-Served-By: reg-cache302.tm-aws.com
Pragma: no-cache
X-Madgex-Proxy: www.fish4.co.uk
X-Frame-Options: SAMEORIGIN
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
X-Robots-Tag: noindex
X-Cache-Hits: 6
Date: Tue, 28 Jun 2022 08:18:28 GMT
Via: 1.1 varnish, 1.1 94f8839a97f73584e70cc07d9f704d62.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Amz-Cf-Pop: SFO5-P2
X-Powered-By: PHP/5.6.40
X-Cache: Hit from cloudfront
X-RemovedCookies: YES
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Server: tino-panel
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=10368000; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBaOP7Wnc4B3tM31MuEwmwciIz6F38Nc3jt3QLcnCI7BzyhfTbuxcxjFuX2BA3Poj8SZ21a4lgajE6z%2B3wj%2FJVkZ%2BL9xeU4JPifziN4O2vaKVFJYeW1WRYouF6%2BGtQ2h2pr3mhOM8J3L07KUwg%3D%3D"}],"group":"cf-nel","max_age":604800}
X-Varnish: 387095166 374179860
Expires: Tue, 28 Jun 2022 01:25:42 GMT
CF-RAY: 7224fde4dc2238bf-VIE
X-Amz-Cf-Id: t4UG3w8GzJj0QXTwibw9EugHsTqkw9U1fID1LZDoTgf1waYi0jS_dA==

POST
H2 200 9 Show response
upgulpinon.com/ 6 KB
3 KB 32ms
32ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/9?z=4843600&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fexaminerlive.trem.media%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&oaid=21d68891b4f445a9b534426f1f18b2c3
Requested by: Host: upgulpinon.com
URL: https://upgulpinon.com/27/5174b320df6dd61bbcdfef17dda94275
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5b21baf1dabe5d65211e130442094dea9da5225230fb9fa33119cfb7d81af8c1

Request headers

Referer: http://examinerlive.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: c6b15ddc9228026dbe9d7a47c0e5c12f
pragma: no-cache
date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: gzip
x-sc: Z7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: http://examinerlive.trem.media
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 pageview Show response
felix.data.tm-awx.com/ 0
57 B 48ms
48ms XHR
text/plain 18.202.156.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/pageview
Requested by: Host: felix.data.tm-awx.com
URL: https://felix.data.tm-awx.com/felix.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.156.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-156-227.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://examinerlive.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 28 Jun 2022 08:18:26 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 24ms
24ms Script
application/x-javascript 2600:9000:2156:8000:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fa7d9bd2cb33c921b9344cccd91566456718083452bb63176be14d5c4357b2d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:41:43 GMT
content-encoding: gzip
last-modified: Fri, 24 Jun 2022 01:40:38 GMT
server: nginx
age: 2203
etag: W/"62b51616-9200"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: kW28S7qwyQfpkld9gPfACgWh9BlCUPdNIV72HjPGlqy5BDr8EvuOWQ==
expires: Tue, 28 Jun 2022 09:41:43 GMT

GET
H2 200 consent Show response
config.lrcontent.com/ciam/ 1 KB
640 B 48ms
48ms Fetch
application/json 2606:4700:10::6816:48e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.lrcontent.com/ciam/consent?apikey=415307d0-d73a-49d3-9958-1c42c71165ee
Requested by: Host: s2-prod.examinerlive.co.uk
URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/auth-ui/auth-ui.min.js?v=7b6f4a84cd7f8e521a7bc105c3addde6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 879faf9ce07be8f80ace620c4cc7642505a28ed35137cbd0e35cc22065f221e5

Request headers

Accept: application/json
Referer: http://examinerlive.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json
access-control-allow-origin: http://examinerlive.trem.media
cache-control: max-age=7200
cf-ray: 7224fde478719a00-FRA

POST
H2 404 v2 Show response
api.viafoura.co/v2/examinerlive.trem.media/bootstrap/ 138 B
570 B 323ms
106ms Fetch
application/json 2600:1f18:44f0:4832:38dc:837:c27f:e1ca
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/examinerlive.trem.media/bootstrap/v2
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4832:38dc:837:c27f:e1ca Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0e396c44938ac792546ac6681c44921a2f64c28e51fe363ddfa43ade287152c4

Request headers

Referer: http://examinerlive.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://examinerlive.trem.media
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-instance-id: i-02c0f588dadaa2e82

POST
H2 204 collect
region1.google-analytics.com/g/ 0
343 B 117ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B287MYQDTC&gtm=2oe6m0&_p=203399977&_z=ccd.v9B&cid=734087239.1656404306&ul=en-us&sr=1600x1200&_s=1&sid=1656404306&sct=1&seg=0&dl=http%3A%2F%2Fexaminerlive.trem.media%2F&dt=YorkshireLive%20-%20Yorkshire%20News%2C%20Sport%2C%20Events%20%26%20more&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B287MYQDTC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 08:18:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://examinerlive.trem.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 9
upgulpinon.com/ Frame 0
0 89ms
29ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/9?z=4843600&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fexaminerlive.trem.media%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&oaid=21d68891b4f445a9b534426f1f18b2c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://examinerlive.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: http://examinerlive.trem.media
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Tue, 28 Jun 2022 08:18:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

OPTIONS
H2 204 pageview
felix.data.tm-awx.com/ Frame 0
0 44ms
44ms Preflight 18.202.156.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/pageview
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.156.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-156-227.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://examinerlive.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
date: Tue, 28 Jun 2022 08:18:26 GMT

OPTIONS
H2 204 consent
config.lrcontent.com/ciam/ Frame 0
0 264ms
67ms Preflight 2606:4700:10::6816:48e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.lrcontent.com/ciam/consent?apikey=415307d0-d73a-49d3-9958-1c42c71165ee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://examinerlive.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: http://examinerlive.trem.media
allow: GET, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7224fde40f7b9a00-FRA
date: Tue, 28 Jun 2022 08:18:26 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Origin

OPTIONS
H2 204 11
upgulpinon.com/ Frame 0
0 28ms
28ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/11?rnd=2746106620&z=4843600&b=5362695&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=KGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI=&ruid=c391d8dd-7bb9-4114-b4b2-733812c60838&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fexaminerlive.trem.media%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&ot=223
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sc
Access-Control-Request-Method: GET
Origin: http://examinerlive.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: http://examinerlive.trem.media
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Tue, 28 Jun 2022 08:18:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H2 200 11 Show response
upgulpinon.com/ 0
566 B 41ms
40ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/11?rnd=2746106620&z=4843600&b=5362695&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=KGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI=&ruid=c391d8dd-7bb9-4114-b4b2-733812c60838&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fexaminerlive.trem.media%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&ot=223
Requested by: Host: upgulpinon.com
URL: https://upgulpinon.com/27/5174b320df6dd61bbcdfef17dda94275
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://examinerlive.trem.media/
X-Sc: Z7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: da7f1ca5281a07d464fdb6f552660e91
pragma: no-cache
date: Tue, 28 Jun 2022 08:18:26 GMT
x-sc
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: http://examinerlive.trem.media
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
interstitial-08.com/ Frame A658 21 KB
6 KB 158ms
93ms Document
text/html 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D396520973%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DKGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc391d8dd-7bb9-4114-b4b2-733812c60838%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fexaminerlive.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DZ7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs%3D
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.27
Resource Hash: 2e9ae3ac9245ed24ce058317e477e3f865872deef27e678f9a63084a34ab8bf8

Request headers

Referer: http://examinerlive.trem.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 28 Jun 2022 08:18:26 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.27

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
960 B 187ms
132ms Fetch
application/json 143.204.89.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-18.fra50.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront), 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1, FRA50-C1
x-amzn-requestid: 30f2d979-5b26-4780-bc49-2cab8cf5d508
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: UbHk9G4tiYcFnQg=
content-length: 555
x-amz-cf-id: jRozuW6X2q0tVCh0EDNIaPr_guu9C2CMNIPQzxclHwV2de8O4Sa0Hg==

GET
H/1.1 200
OK reach-beacon.min.js Show response
signal-beacon.s-onetag.com/ 29 KB
10 KB 62ms
21ms Script
application/javascript 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://signal-beacon.s-onetag.com/reach-beacon.min.js?affiliateId=252378
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: HTTP/1.1
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a33ef9c853607ed85c0aa618ccd964f19a97352f4684c7c3bb3e2c81565bea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: rz6j6ePceWk3KL3U4JK8EG2zo6Qy2SPx
Content-Encoding: gzip
ETag: W/"85c473e51d7c40a527a1bf33a5c16fe2"
Age: 3196
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 20 Apr 2022 09:54:42 GMT
Server: AmazonS3
Date: Tue, 28 Jun 2022 07:25:13 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: -21YY8kQPek8OiWDCCEOxacY1TNC4KiNUJWma1fDe8yYXx1_8Qa6Lg==

GET
H2 200 mirrorcouk.min.js Show response
global.proper.io/ 19 KB
6 KB 91ms
38ms Script
application/javascript 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/mirrorcouk.min.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8176d65e1962996d538520bdf2f3fa6d30e4bbfdd567ffb1ea626ab706e0b5c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 13:02:07 GMT
server: cloudflare
age: 2315773
etag: W/"6297634f-4aa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 7224fde49985913d-FRA
expires: Tue, 28 Jun 2022 08:23:26 GMT

GET
H2 404 %2F Show response
signal-segments.s-onetag.com/desktop/examinerlive.trem.media/ 0
450 B 204ms
150ms Fetch
application/json 143.204.89.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/examinerlive.trem.media/%2F
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-111.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront), 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5, FRA50-C1
x-amzn-requestid: 6ad0aa99-e3a9-4e0d-a09b-3a5cef289aa1
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amzn-trace-id: Root=1-62bab952-18f57cfe5750f8f74e331eab;Sampled=0
x-amz-apigw-id: UbHk9FKriYcFRmA=
content-length: 0
x-amz-cf-id: Z8umA7rUwlPlX3Xni7dxaU0ireqbQEgSoFWyH7H4acEf4blpGAddDw==

GET
H2 404 examinerlive.trem.media Show response
signal-segments.s-onetag.com/desktop/ 0
453 B 210ms
157ms Fetch
application/json 143.204.89.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/examinerlive.trem.media
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-111.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront), 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5, FRA50-C1
x-amzn-requestid: 949418ed-681f-45aa-b677-172103fc8fde
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amzn-trace-id: Root=1-62bab952-1967b5aa741658f4528eebf0;Sampled=0
x-amz-apigw-id: UbHk9HgViYcFXIg=
content-length: 0
x-amz-cf-id: eJ1-YZ62y9LGPwFuapqeYFsA4PfAQyG8jlzisAdD0MJlk6pJsFvy_Q==

GET
H2 200 adsm.macro.rmb.js Show response
macro.adnami.io/macro/gen/ 83 KB
22 KB 30ms
30ms Script
application/javascript 2606:4700::6812:4ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://macro.adnami.io/macro/gen/adsm.macro.rmb.js
Requested by: Host: macro.adnami.io
URL: https://macro.adnami.io/macro/spec/adsm.macro.7b4cd01e-58e4-4d3c-b14d-9c15d2911c60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7513a1f725012c714cc6212cd9b4f8eed8e67cee8e5cd722ae1d5c8c2c628cb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 6q4OfC8Q7MhC0OsE8H+wOg==
age: 6856
x-ms-lease-status: unlocked
last-modified: Wed, 15 Jun 2022 10:07:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3a659155-401e-003b-219f-80227b000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 7224fde45b949bc2-FRA
expires: Tue, 28 Jun 2022 12:18:26 GMT

GET
H/1.1 200
OK ping
ping.chartbeat.net/ 43 B
294 B 218ms
106ms Image
image/gif 34.231.74.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ping.chartbeat.net/ping?h=examinerlive.trem.media&p=%2F&u=CF9LwiDvybrIDRDPvz&d=examinerlive.trem.media&g=33715&g0=home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=12846&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=5005&t=B_WH7ZCM-lkeD8pxNf86banB_z1uy&V=135&i=YorkshireLive%20-%20Yorkshire%20News%2C%20Sport%2C%20Events%20%26%20more&tz=0&sn=1&sv=D3xrdpC45riDC-ZXIHJm3ZhDbmUdJ&sd=1&im=043b2ff3&_
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: HTTP/1.1
Server: 34.231.74.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-74-71.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Jun 2022 08:18:26 GMT
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 subscriptions.js Show response
static.chartbeat.com/js/ 32 KB
11 KB 24ms
23ms Script
application/x-javascript 2600:9000:2156:8000:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/subscriptions.js
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a1c9a21ede44774a26110c312c2c5398e074132f6e243011c15b4bfd660702ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 06:34:20 GMT
content-encoding: gzip
last-modified: Thu, 02 Jun 2022 02:15:58 GMT
server: nginx
age: 6246
etag: W/"62981d5e-81f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: gJFbdyf35F07qWjmBaBUZTuvblGYZDhI5E41XfzpNQQNx9JqlViwFA==
expires: Tue, 28 Jun 2022 08:34:20 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
958 B 120ms
120ms Fetch
application/json 143.204.89.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: signal-beacon.s-onetag.com
URL: http://signal-beacon.s-onetag.com/reach-beacon.min.js?affiliateId=252378
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-18.fra50.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront), 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1, FRA50-C1
x-amzn-requestid: 30f2d979-5b26-4780-bc49-2cab8cf5d508
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: UbHk9G4tiYcFnQg=
content-length: 555
x-amz-cf-id: fOw5KWUkzeiyBvc-e2HipuUIoboh5m4Ad1hyxMjTU9dEBIxNn67aNQ==

GET
H2 200 latest.js Show response
global.proper.io/payloads/ 518 KB
128 KB 44ms
43ms Script
application/javascript 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/latest.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 004f5032634a668de76e588c87a95720ef2fa7c3964dcbe80206c490925e497d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Jun 2022 21:54:31 GMT
server: cloudflare
age: 1677084
etag: W/"62a11a97-819a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 7224fde4d9fd913d-FRA
expires: Tue, 28 Jun 2022 08:23:26 GMT

GET
H2 200 px.gif
abcheck.proper.io/ 842 B
1 KB 389ms
380ms Image
image/gif 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abcheck.proper.io/px.gif?ch=1&rn=8.850209144957777
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:27 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Jan 2022 18:51:44 GMT
server: cloudflare
x-amz-request-id: 8MXYS92ZS3DQ6T9S
etag: "04b36c8411ae7bf7a8c369fa94b30e56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7224fde4ea21913d-FRA
content-length: 842
x-amz-id-2: d8gWNTXKZN8idNSyzCE3POEMpHSn+qKNVYQnbUyNkqOatxDcYtsjLq8VZXC8XHgOKeFiONcoyCM=
expires: Tue, 28 Jun 2022 12:18:27 GMT

GET
H2 200 px.gif
abcheck.proper.io/ 842 B
981 B 409ms
400ms Image
image/gif 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abcheck.proper.io/px.gif?ch=2&rn=8.850209144957777
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:27 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Jan 2022 18:51:44 GMT
server: cloudflare
x-amz-request-id: 8MXMRHVGRJME6ZBF
etag: "04b36c8411ae7bf7a8c369fa94b30e56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7224fde4ea24913d-FRA
content-length: 842
x-amz-id-2: M/jmAKDQ252bQcYjBVKOx4owdmkbZdEcM78iNOo0CKo/lpbNLodexzx59+2W/6P6/6tBddYH5Oc=
expires: Tue, 28 Jun 2022 12:18:27 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 185 KB
74 KB 187ms
137ms Script
application/javascript 2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1f39195106732008423844c281afd28e9cce777ce569465d593f03707829c5f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-dyETnaY3NMeH2tpijHGpOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-dyETnaY3NMeH2tpijHGpOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Tue, 28 Jun 2022 08:18:26 GMT

GET
H2 200 all Show response
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-000000000000/ 36 B
229 B 324ms
107ms Fetch
application/json 18.204.186.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-000000000000/all
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.186.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-186-59.compute-1.amazonaws.com
Software: /
Resource Hash: b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: http://examinerlive.trem.media
date: Tue, 28 Jun 2022 08:18:27 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 59
content-type: application/json; charset=utf-8

GET
H2 200 fv.js Show response
unphionetor.com/ Frame A658 5 KB
3 KB 91ms
27ms Script
text/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unphionetor.com/fv.js?t=72747&cb=392072606

Requested by

Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D396520973%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DKGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc391d8dd-7bb9-4114-b4b2-733812c60838%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fexaminerlive.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DZ7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: a81317d7434e25d684fe8d56e9b37a9b
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame A658 12 KB
3 KB 79ms
28ms Stylesheet
text/css 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D396520973%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DKGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc391d8dd-7bb9-4114-b4b2-733812c60838%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fexaminerlive.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DZ7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 3378
last-modified: Mon, 20 Jun 2022 11:25:41 GMT
server: cloudflare
etag: W/"62b05935-30c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 7224fde58dca9bf8-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame A658 3 KB
3 KB 26ms
26ms Image
image/png 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D396520973%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DKGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc391d8dd-7bb9-4114-b4b2-733812c60838%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fexaminerlive.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DZ7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
cf-cache-status: HIT
age: 3394
content-length: 3429
last-modified: Mon, 20 Jun 2022 11:25:41 GMT
server: cloudflare
etag: "62b05935-d65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7224fde5ce5a9bf8-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 0100657458245.jpeg
interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame A658 52 KB
53 KB 59ms
57ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D396520973%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DKGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc391d8dd-7bb9-4114-b4b2-733812c60838%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fexaminerlive.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DZ7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D396520973%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DKGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc391d8dd-7bb9-4114-b4b2-733812c60838%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fexaminerlive.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DZ7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-d0e0"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 53472

GET
H2 200 0933414948049.jpeg
interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame A658 14 KB
15 KB 87ms
85ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D396520973%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DKGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc391d8dd-7bb9-4114-b4b2-733812c60838%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fexaminerlive.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DZ7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D396520973%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DKGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc391d8dd-7bb9-4114-b4b2-733812c60838%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fexaminerlive.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DZ7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
last-modified: Wed, 15 Aug 2018 10:56:50 GMT
server: nginx
etag: "5b7406f2-393b"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 14651

GET
H2 200 0350025199145.jpeg
interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame A658 35 KB
35 KB 87ms
85ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D396520973%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DKGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc391d8dd-7bb9-4114-b4b2-733812c60838%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fexaminerlive.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DZ7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D396520973%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DKGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc391d8dd-7bb9-4114-b4b2-733812c60838%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fexaminerlive.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DZ7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
last-modified: Tue, 17 Jul 2018 10:46:08 GMT
server: nginx
etag: "5b4dc8f0-8b17"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 35607

GET
H2 200 01289039865190.jpeg
interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame A658 49 KB
50 KB 87ms
85ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D396520973%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DKGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc391d8dd-7bb9-4114-b4b2-733812c60838%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fexaminerlive.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DZ7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D396520973%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DKGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc391d8dd-7bb9-4114-b4b2-733812c60838%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fexaminerlive.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DZ7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-c502"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 50434

GET
H2 200 player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame A658 28 KB
28 KB 28ms
26ms Image
image/png 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D396520973%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DKGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc391d8dd-7bb9-4114-b4b2-733812c60838%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fexaminerlive.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DZ7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
cf-cache-status: HIT
age: 3369
content-length: 28527
last-modified: Mon, 20 Jun 2022 11:25:41 GMT
server: cloudflare
etag: "62b05935-6f6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7224fde5de699bf8-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 script.js Show response
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame A658 1 KB
562 B 26ms
26ms Script
application/javascript 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D396520973%26z%3D4843600%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DKGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dc391d8dd-7bb9-4114-b4b2-733812c60838%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fexaminerlive.trem.media%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DZ7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 3394
last-modified: Mon, 20 Jun 2022 11:25:41 GMT
server: cloudflare
etag: W/"62b05935-58b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 7224fde5be369bf8-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 24 KB
10 KB 62ms
21ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 08:18:26 GMT
Content-Encoding: gzip
Etag: "u2JtyZzqnTXwzBUswy2r+w=="
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Tue, 05 Jul 2022 08:18:26 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
937 B 82ms
30ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1797514
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAIehylY1INBq9i12ugVLa%2FNuMYoDEtG2qQFu7tsytX%2FvtYgOASfehmTJkYQhMXx3KCQLZ90f25g2l5MJS00JRsGiOyqcYKcE4hlDLqiMhkf9PawYRVPtYTNk7bLLkwRhLDxgbSiZ6oyP8ui"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 7224fde5cf7ebbf7-FRA

GET
H2

200

rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js

3 KB
2 KB

65ms
20ms

Script
application/javascript

2600:9000:2156:5a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Server: 2600:9000:2156:5a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:55:50 GMT
content-encoding: gzip
age: 1356
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Wed, 03 Nov 2021 22:03:49 GMT
server: AmazonS3
etag: W/"ebff52074a206856b4f1993710373d93"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4gY24oYTacAYhKNCB043rJ5GzHWWYX7XL6rzOhbD8t-7OY9_e-kiNQ==

Redirect headers

Date: Tue, 28 Jun 2022 08:18:26 GMT
Via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: PwQgck8SGK8_Ipf65TAIxJbNbVPh-5MqwyROJ8srVGRBmDmcawLuPQ==

GET
H2 204 vctx Show response
unphionetor.com/ Frame A658 0
494 B 27ms
27ms XHR
text/plain 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unphionetor.com/vctx?t=72747

Requested by

Host: unphionetor.com
URL: https://unphionetor.com/fv.js?t=72747&cb=392072606

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 5d666e2f1175c50eac24b0dc7917883e
pragma: no-cache
date: Tue, 28 Jun 2022 08:18:26 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://interstitial-08.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 204 batch
felix.data.tm-awx.com/ Frame 0
0 47ms
47ms Preflight 18.202.156.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/batch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.156.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-156-227.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://examinerlive.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
date: Tue, 28 Jun 2022 08:18:26 GMT

POST batch
felix.data.tm-awx.com/ 0
0

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 102ms
58ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txa4922cc66d914c0ea5d08-0062b9e21c
cf-ray: 7224fde6486091ea-FRA
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-id-2: txa4922cc66d914c0ea5d08-0062b9e21c
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xX9dAgL4rhCuGAhh31OAuAtIRX%2BSuk89cdtFR5JS70oKmO0FGnQVCOZWmIQTRYlQK3Xctxnx6e0KxNr0asnmhPeXit5w%2BkhyGZQ1sHccFX53ZVrb5byg8XNzRRvyzF8AJeff2DNtSr2k5MTe"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1652176651393042
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: Authorization

GET
H3 200 style
accounts.google.com/gsi/ 533 B
328 B 112ms
67ms Stylesheet
text/css 2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gfsNu8twHU6WNmuupIz-XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-gfsNu8twHU6WNmuupIz-XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Tue, 28 Jun 2022 08:18:27 GMT

POST
H2 204 vbl
unphionetor.com/ Frame A658 0
493 B 27ms
27ms Ping
text/plain 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined

Requested by

Host: unphionetor.com
URL: https://unphionetor.com/fv.js?t=72747&cb=392072606

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: beb29181e62c0cd42bce8756a3cb6312
pragma: no-cache
date: Tue, 28 Jun 2022 08:18:27 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://interstitial-08.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 204 11
upgulpinon.com/ Frame 0
0 30ms
30ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/11?rnd=2746106620&z=4843600&b=5362695&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=KGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI=&ruid=c391d8dd-7bb9-4114-b4b2-733812c60838&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fexaminerlive.trem.media%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sc
Access-Control-Request-Method: GET
Origin: http://examinerlive.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: http://examinerlive.trem.media
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Tue, 28 Jun 2022 08:18:27 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H2 200 11 Show response
upgulpinon.com/ 0
705 B 46ms
45ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/11?rnd=2746106620&z=4843600&b=5362695&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=KGK1WGtTu5k6pihuwyaB9OGNwP25nxPjJw-F5y72FbueW_QuDcjdl1m7n1dRY3hl3Tb4p5sH36FaPK7p7nR1g_TOez7st0m4UTn499yClLGc_VNcW1FKMyejPjvqOXY7u0VMLV-686dyrHygCXUf1S0Dta5iv1BAQKRgisKuoe3vPOMkil8dBLUkdS17U2cJC37C1JZFnxr9XI-S3O_mDHXETBZc3trfMdLnb1JCQ3fLRETwOlEwYt1mRFLAtyzLtCmLmlzXlVq3d6SQGp2HdgbilQI=&ruid=c391d8dd-7bb9-4114-b4b2-733812c60838&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fexaminerlive.trem.media%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
Requested by: Host: upgulpinon.com
URL: https://upgulpinon.com/27/5174b320df6dd61bbcdfef17dda94275
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://examinerlive.trem.media/
X-Sc: Z7sZjHxGvqd7MuTKj4EWTv2DXGIa7GAhaLwWJPg2u74wfCKsIY-bhSoYjFPN48H6sM_oUj4lx8HuPmUSiXzfqIqZVBs=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 6611963b7f9f8513344453dca6dc4d60
pragma: no-cache
date: Tue, 28 Jun 2022 08:18:27 GMT
x-sc
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: http://examinerlive.trem.media
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A658 548 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32c21b537a7c9420627217e0c79185ef4c70c07e08f79fa1ad96b9c437e9f46b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 ingest
i.viafoura.co/v3/examinerlive.trem.media/ 67 B
324 B 112ms
105ms Image
image/png 18.204.186.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/examinerlive.trem.media/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22examinerlive.trem.media%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1656404306%2C%22isRecirculation%22%3Afalse%2C%22uniqueId%22%3A%222aacaa17-b196-4c6f-8c4c-4aa82ab50902%22%2C%22firstVisit%22%3A1656404306%2C%22previousVisit%22%3A1656404306%2C%22currentVisit%22%3A1656404306%2C%22visitCount%22%3A1%2C%22referrerStart%22%3A1656404306%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%7D%2C%22meta%22%3A%7B%22domain%22%3A%22examinerlive.trem.media%22%2C%22pageImage%22%3A%22%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22http%3A%2F%2Fexaminerlive.secsportz.com%2F%22%2C%22path%22%3A%22%2F%22%2C%22title%22%3A%22YorkshireLive%20-%20Yorkshire%20News%2C%20Sport%2C%20Events%20%26%20more%22%2C%22page_type%22%3A%22section%22%2C%22page_description%22%3A%22Latest%20news%20and%20sport%20updates%20across%20North%2C%20West%20%2C%20East%20and%20South%20Yorkshire%2C%20including%20Sheffield%2C%20Huddersfield%2C%20Bradford%2C%20Leeds%2C%20Hull%20and%20York.%20With%20live%20blogs%2C%20video%2C%20pictures%20and%20more%20from%20YorkshireLive.%22%2C%22topics%22%3A%5B%5D%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Afalse%2C%22container_id%22%3A%22%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22YorkshireLive%20-%20Yorkshire%20News%2C%20Sport%2C%20Events%20%26%20more%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22c629e161-d6c1-4598-8e32-46f8839402ec%22%2C%22w%22%3A%5B%22vf-tray-trigger%22%5D%2C%22v%22%3A1%2C%22event_type%22%3A%22analytics.view_lite%22%7D
Requested by: Host: examinerlive.trem.media
URL: http://examinerlive.trem.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.186.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-186-59.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 115ms
50ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=015440420724022033189%3Ainmcslhhqk4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

3858e30d8680fe2e197483d4f733509fb0fca3a43057f319fde8977888758c4b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Tue, 28 Jun 2022 08:18:27 GMT
content-encoding: br
accept-ch: Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3521
x-xss-protection: 0
server: gws
expires: Tue, 28 Jun 2022 08:18:27 GMT

GET
H3 403 status Show response
accounts.google.com/gsi/ 37 B
92 B 80ms
79ms XHR
application/json 2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=21310031516-6a0fhv7eb16lf9mrt3aem6v78snam8ps.apps.googleusercontent.com&as=WasynHVo4NKyF4HdEZvRTQ

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf077454a90235e3ab1322e3be30033106f32f1100660fb0dd17e542ca27b5a3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7q0gq2W6GmBmOAZLKK1ejw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: http://examinerlive.trem.media
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7q0gq2W6GmBmOAZLKK1ejw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/tmg-network/ 1 MB
69 KB 69ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tmg-network/loader.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4433ec30b55ef2912eb282c065a0395b43a6128a7760130a76f413d230aeb120

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: Q3.pGNQWhltcxIci4ZQKtgfR.4LvvBJY
content-encoding: gzip
age: 447
via: 1.1 varnish
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 19
content-length: 70593
x-amz-id-2: SJcfXwAO41beHBCuqXq6PzFYPv2gBCy/iJOSQ3W14pL98ULs2k+R4jM+6QQECXfXx0JKrP8msk4=
x-served-by: cache-hhn4029-HHN
last-modified: Tue, 28 Jun 2022 07:05:06 UTC
server: nginx
x-timer: S1656404307.249006,VS0,VE1
etag: "93d1787e8ebe683a8143931ceb8fb5c3ae2fb1e7"
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: 9KZ9MMJ9R2JTBEKD
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Tue, 28 Jun 2022 08:18:27 GMT
abp: 10
x-cache-hits: 1

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035737/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
368 B

20ms
20ms

Script
application/javascript

143.204.89.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 143.204.89.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-128.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:04:36 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 832
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: IAuDj34CfTSefB9tvPGP0z5sG-N73MpCJR2u0VJja2GPD9zWhL8ZxQ==

Redirect headers

location: /internal-c2/default/cs.js
date: Tue, 28 Jun 2022 08:18:27 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-length: 0
x-amz-cf-id: EykOu5uNKqk6aJnVHDeOjzLM_l-m3YrCtl7b8RyJMiNl6Avf4kniCA==
x-cache: Miss from cloudfront

POST
H/1.1 200 445.json Show response
id5-sync.com/g/v2/ 213 B
629 B 72ms
22ms XHR
application/json 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/445.json

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

946558ae3ef33b0b418b6afd093bc129654115ffc72f9fe1f686558ee801a133

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://examinerlive.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://examinerlive.trem.media
date: Tue, 28 Jun 2022 08:18:26 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 746ms
181ms XHR
application/octet-stream 100.20.195.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.20.195.132 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-20-195-132.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://examinerlive.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 28 Jun 2022 08:18:27 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

POST
H2

200

/ Show response
mydmp.exelator.com/on-site-tag-load/
Redirect Chain

https://mydmp.exelator.com/on-site-tag-load/?p=1042&g=3&j=d
https://mydmp.exelator.com/on-site-tag-load/?p=1042&g=3&j=d&xl8blockcheck=1

1 KB
2 KB

75ms
75ms

XHR
application/x-javascript

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mydmp.exelator.com/on-site-tag-load/?p=1042&g=3&j=d&xl8blockcheck=1
Protocol: H2
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: 3486804e7cb704784bd2f9493456f5fe5b57ca5383addf8aa3ae91f71a3a7428

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:27 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: http://examinerlive.trem.media
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/x-javascript;charset=UTF-8

Redirect headers

date: Tue, 28 Jun 2022 08:18:27 GMT
server: nginx
x-powered-by: Undertow/1
location: https://mydmp.exelator.com/on-site-tag-load/?p=1042&g=3&j=d&xl8blockcheck=1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: http://examinerlive.trem.media
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif;charset=UTF-8

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/3e1664f444e6eb06/ 303 KB
100 KB 74ms
24ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__en.js?usqp=CAI%3D

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b03fa714e6e0d7165a21071df73d662cbd68fa94746bbc1b6d2882eec5b5b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 20:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 561617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102672
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 17:07:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 21 Jun 2023 20:18:10 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/3e1664f444e6eb06/ 41 KB
9 KB 69ms
20ms Stylesheet
text/css 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3e1664f444e6eb06/default+en.css

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 20:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 560605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 17:07:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 21 Jun 2023 20:35:02 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 72ms
23ms Stylesheet
text/css 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 28 Jun 2022 09:06:39 GMT

GET
H2 200 impl.20220622-2_b1-PR-45910-DEV-113193-user-agent-data-release-30238cc0ad6-SNAPSHOT.js Show response
cdn.taboola.com/libtrc/ 668 KB
138 KB 22ms
22ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220622-2_b1-PR-45910-DEV-113193-user-agent-data-release-30238cc0ad6-SNAPSHOT.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tmg-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9e5b7112d1abbc95b99c4ec4337492e2e37babd89c23a0d31f8408f52fe8f0a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: PXNkZRU_fEHLu7PwrQWO0opvX3UTmLUW
content-encoding: br
etag: "81e2c1028a6d1518b6195fefdf33fe0d"
age: 12995
x-cache: HIT
content-length: 141088
x-amz-id-2: jSz0bz3C/qcu4RxCFDhVvzJJpN2/E6UAVMPkDgjCgMru5QhEqrip7H66f6Zk9LmCyEnSatSC/Kw=
x-served-by: cache-hhn4029-HHN
last-modified: Wed, 22 Jun 2022 10:54:44 GMT
server: AmazonS3-br
x-timer: S1656404307.383775,VS0,VE0
date: Tue, 28 Jun 2022 08:18:27 GMT
vary: Accept-Encoding
x-amz-request-id: 1ZFSX0XVABNYXJ1H
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 47
x-cache-hits: 36

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
78 B 41ms
41ms Image
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=user-agent-data-1_var
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:27 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1656404307.385672,VS0,VE0
x-served-by: cache-hhn4029-HHN
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 940D 15 KB
6 KB 107ms
36ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=examinerlive.trem.media

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://examinerlive.trem.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 08:18:27 GMT
server-processing-duration-in-ticks: 1989
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 140 KB
52 KB 56ms
35ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__en.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab992bf6b5fcae6932e2cc00a43c3dd359e35def6594319c2ea036b14844fcd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 08:18:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "15674369592883648275"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
Expires: Tue, 28 Jun 2022 08:18:27 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 69ms
22ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 08:44:59 GMT
x-content-type-options: nosniff
age: 516808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 22 Jun 2023 08:44:59 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
83 B 65ms
24ms Image
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Protocol: HTTP/1.1
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 08:18:27 GMT
Content-Length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 940D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=trem.media&sn=ChromeSyncframe&so=0&topUrl=examinerlive.trem.media&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=iPmfnXx5b1g3czNKTExjR0RtSk1Nb1k0OFFVQURrYlBzVHNWUVB2Y0FjL1VFYjNZR2pYTXFucnNSRWdMWnU5RjAraTMxYTJJSU5Rc0kxYkJYcVk5KzhTdXlWY1B0MzZ2aGZPaTA0NTJSSVE5TUlpa25pbzhJaktYUXpOVT...

430 B
631 B

110ms
30ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=iPmfnXx5b1g3czNKTExjR0RtSk1Nb1k0OFFVQURrYlBzVHNWUVB2Y0FjL1VFYjNZR2pYTXFucnNSRWdMWnU5RjAraTMxYTJJSU5Rc0kxYkJYcVk5KzhTdXlWY1B0MzZ2aGZPaTA0NTJSSVE5TUlpa25pbzhJaktYUXpOVTNzTWVvY0l3TkRtQlRUV2NBRjhGYjIzRXdrTm40SnE2Y0h5T2dtR29PbW1QTEkyUytzbi9BT0s5Vmw2OFNHUHJvZnFLS014SnlUc1N4aGFqZTlyaGk4V20zUW5VN2J2cXFNY3QzOGxvS2loOEJiRUZCdE9yajJMV2lvb2RSQlBpZytyR25lSWw2QlBoZFd3blA3WDJSU3QzSkMvdzQ4dz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

36944c5bf0eac89f3684c9d9680e46deb08d6f5f06d154b69378d5078abdae15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 08:18:26 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4573
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Jun 2022 08:18:26 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=iPmfnXx5b1g3czNKTExjR0RtSk1Nb1k0OFFVQURrYlBzVHNWUVB2Y0FjL1VFYjNZR2pYTXFucnNSRWdMWnU5RjAraTMxYTJJSU5Rc0kxYkJYcVk5KzhTdXlWY1B0MzZ2aGZPaTA0NTJSSVE5TUlpa25pbzhJaktYUXpOVTNzTWVvY0l3TkRtQlRUV2NBRjhGYjIzRXdrTm40SnE2Y0h5T2dtR29PbW1QTEkyUytzbi9BT0s5Vmw2OFNHUHJvZnFLS014SnlUc1N4aGFqZTlyaGk4V20zUW5VN2J2cXFNY3QzOGxvS2loOEJiRUZCdE9yajJMV2lvb2RSQlBpZytyR25lSWw2QlBoZFd3blA3WDJSU3QzSkMvdzQ4dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1578
content-length: 541
expires: 0

POST
H2 200 log
onsite-tag-logs.apps.nielsen.com/ 0
264 B 336ms
105ms Ping
application/octet-stream 34.192.95.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite-tag-logs.apps.nielsen.com/log
Requested by: Host: cdn.exelator.com
URL: https://cdn.exelator.com/build/static.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.95.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-95-221.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://examinerlive.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 28 Jun 2022 08:18:27 GMT
server: nginx/1.16.1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 137ms
45ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=exelate&;ttd_tpi=1&gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 08:18:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm&google_hm=NWU2ZGFmMGJlMTZhMmRmMWNjOTExZjE4YjkwYTU0ZGU&
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm=&google_hm=NWU2ZGFmMGJlMTZhMmRmMWNjOTExZjE4YjkwYTU0ZGU&google_tc=
https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEIag6idl3s67tVYk1hiO_MA&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=NWU2ZGFmMGJlMTZhMmRmMWNjOTExZjE4YjkwYTU0ZGU&

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=NWU2ZGFmMGJlMTZhMmRmMWNjOTExZjE4YjkwYTU0ZGU&

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 08:18:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 28 Jun 2022 08:18:27 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=NWU2ZGFmMGJlMTZhMmRmMWNjOTExZjE4YjkwYTU0ZGU&
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://ib.adnxs.com/getuid?https://loadm.exelator.com/load/?p=204&g=013&bi=$UID&j=0
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Floadm.exelator.com%2Fload%2F%3Fp%3D204%26g%3D013%26bi%3D%24UID%26j%3D0
https://loadm.exelator.com/load/?p=204&g=013&bi=1625729341028900530&j=0

0
1 KB

33ms
24ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=013&bi=1625729341028900530&j=0
Protocol: H2
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:18:27 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

Pragma: no-cache
Date: Tue, 28 Jun 2022 08:18:27 GMT
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 43f1ed10-c2ec-48c2-840c-ce9c354e3bfa
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://loadm.exelator.com/load/?p=204&g=013&bi=1625729341028900530&j=0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 196ms
135ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=5e6daf0be16a2df1cc911f18b90a54de&p_id=28539

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 116
date: Tue, 28 Jun 2022 08:18:26 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 9f70e396d50d9b0d69a2bcce25c8b0c7f52b05125b09ba76736c9f8989ff49fc
content-length: 43

POST
H2 204 batch Show response
felix.data.tm-awx.com/ 0
57 B 45ms
44ms XHR
text/plain 18.202.156.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/batch
Requested by: Host: felix.data.tm-awx.com
URL: https://felix.data.tm-awx.com/felix.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.156.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-156-227.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://examinerlive.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 28 Jun 2022 08:18:27 GMT

OPTIONS
H2 204 batch
felix.data.tm-awx.com/ Frame 0
0 44ms
44ms Preflight 18.202.156.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/batch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.156.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-156-227.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://examinerlive.trem.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
date: Tue, 28 Jun 2022 08:18:27 GMT

GET
H/1.1 200
OK ping
ping.chartbeat.net/ 43 B
294 B 107ms
106ms Image
image/gif 34.231.74.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ping.chartbeat.net/ping?h=examinerlive.trem.media&p=%2F&u=CF9LwiDvybrIDRDPvz&d=examinerlive.trem.media&g=33715&g0=home&g1=No%20Author&n=1&f=00001&c=0.03&x=0&m=0&y=12846&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&b=5005&t=B_WH7ZCM-lkeD8pxNf86banB_z1uy&V=135&tz=0&_acct=anon&sn=2&sv=D3xrdpC45riDC-ZXIHJm3ZhDbmUdJ&sd=1&im=043b2ff3&_
Protocol: HTTP/1.1
Server: 34.231.74.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-74-71.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Jun 2022 08:18:28 GMT
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 pull.js Show response
s2-prod.examinerlive.co.uk/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/ 3 KB
2 KB 21ms
20ms Script
application/javascript 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/pull.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da419ff498c7bf7e67fa787df3c8d4d41eb6eb3eb08d1425367f97658fc779db

Request headers

Referer: http://examinerlive.trem.media/
Origin: http://examinerlive.trem.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 00:43:32 GMT
content-encoding: gzip
last-modified: Thu, 06 Jan 2022 09:58:28 GMT
server: AmazonS3
age: 27299
etag: W/"d31ca542a1dd6489e4677b90a30d1585"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tOs7r7oIkkVa8LAGRbV3zpLFKauIzn5p0mkx-7CBhuNElGo-rvI22Q==
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)

GET
H2 200 style.css
s2-prod.examinerlive.co.uk/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/ 2 KB
1 KB 21ms
21ms Stylesheet
text/css 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/style.css
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/56e3f1a5a1160aa1a5fa190a559860e19057e48afd52ccb66873dac14e6ea51b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 814c152f43a797e7b4de80f579f6e95a89f9ac32d4ad3eb0eb84a1293833dbe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 05:30:09 GMT
content-encoding: gzip
last-modified: Thu, 06 Jan 2022 09:58:28 GMT
server: AmazonS3
age: 11358
etag: W/"ab102a71f8eb762173c7d1b902847b31"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: y5IB5EYclFjUExvIJj_lL2AmZ8c8JhVu_LGXlI9DLtAE2WdlyfE5Rg==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H/1.1 404
Not Found data.js
examinerlive.trem.media/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/ 548 B
739 B 59ms
59ms Other
text/html 193.233.202.181
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://examinerlive.trem.media/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/data.js
Protocol: HTTP/1.1
Server: 193.233.202.181 Ashburn, United States, ASN200019 (ALEXHOST, MD),
Reverse DNS: trem.media
Software: tino-panel /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://examinerlive.trem.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 08:18:30 GMT
Server: tino-panel
Connection: keep-alive
Content-Length: 548
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 SignikaNegative-Bold.woff2
s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/ 12 KB
12 KB 21ms
20ms Font
binary/octet-stream 143.204.89.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/SignikaNegative-Bold.woff2
Requested by: Host: s2-prod.examinerlive.co.uk
URL: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-37.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 460b42d997671850a0ae86ce54e3a3aa6b0957ea3e76f8706d2c9fce2b8a894e

Request headers

Referer: https://s2-prod.examinerlive.co.uk/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/style.css
Origin: http://examinerlive.trem.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 06:15:00 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 08:58:53 GMT
server: AmazonS3
age: 7982
etag: "0878f337da5ac933819c3eaf691db0a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 12272
x-amz-cf-id: vII6WVTYLbO7-SO8cZr4gqsNNtgnZCT2deVbeiweKpm2DwTgetc5BA==

GET
H2 200 json Show response
trc.taboola.com/unknown-site-on-tmg-network/trc/3/ 31 B
377 B 40ms
31ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/unknown-site-on-tmg-network/trc/3/json?tim=08%3A18%3A32.461&lti=user-agent-data-1_var&data=%7B%22id%22%3A5%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1656334772614%2C%22vi%22%3A1656404312459%2C%22cv%22%3A%2220220622-2_b1-PR-45910-DEV-113193-user-agent-data-release-30238cc0ad6-SNAPSHOT%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fexaminerlive.trem.media%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22pev%22%3A7904%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22http%3A%2F%2Fexaminerlive.trem.media%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A12846%2C%22nsid%22%3A%22tmg-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a-str-1x1-rr%3Apub%3Dtmg-network%3Aabp%3D0%22%2C%22uip%22%3A%221x1%20Network%20Right%20Rail%201%22%2C%22orig_uip%22%3A%221x1%20Network%20Right%20Rail%201%22%2C%22cd%22%3A2181.890625%2C%22mw%22%3A300%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a-str-1x1-rr%3Apub%3Dtmg-network%3Aabp%3D0%22%2C%22uip%22%3A%221x1%20Network%20Right%20Rail%202%22%2C%22orig_uip%22%3A%221x1%20Network%20Right%20Rail%202%22%2C%22cd%22%3A4378.40625%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2C1x1%20Network%20Right%20Rail%201%3Dthumbnails-a-str-1x1-rr%3Apub%3Dtmg-network%3Aabp%3D0%2C%2C1x1%20Network%20Right%20Rail%202%3Dthumbnails-a-str-1x1-rr%3Apub%3Dtmg-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22user-agent-data-1_var%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220622-2_b1-PR-45910-DEV-113193-user-agent-data-release-30238cc0ad6-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer: http://examinerlive.trem.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 12
date: Tue, 28 Jun 2022 08:18:32 GMT
content-encoding: gzip
server: nginx
x-timer: S1656404312.482683,VS0,VE12
x-served-by: cache-hhn4029-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://examinerlive.trem.media
access-control-allow-credentials: true
accept-ranges: bytes
content-type: text/plain;charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET debug
trc-events.taboola.com/unknown-site-on-tmg-network/log/2/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: match.adsrvr.org
URL: http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186772&gdpr=1

Domain: felix.data.tm-awx.com
URL: https://felix.data.tm-awx.com/batch

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=72

Domain: trc-events.taboola.com
URL: https://trc-events.taboola.com/unknown-site-on-tmg-network/log/2/debug?tim=08%3A18%3A32.504&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&llvl=2&id=1040&cv=20220622-2_b1-PR-45910-DEV-113193-user-agent-data-release-30238cc0ad6-SNAPSHOT&lt=user-agent-data-1_var&pct=1

Domain: trc-events.taboola.com
URL: https://trc-events.taboola.com/unknown-site-on-tmg-network/log/2/debug?tim=08%3A18%3A32.505&type=error&msg=loadRBox%20failed%2C%20aborting.&llvl=2&id=4003&cv=20220622-2_b1-PR-45910-DEV-113193-user-agent-data-release-30238cc0ad6-SNAPSHOT&lt=user-agent-data-1_var&pct=1

Domain: trc-events.taboola.com
URL: https://trc-events.taboola.com/unknown-site-on-tmg-network/log/2/debug?tim=08%3A18%3A32.505&type=error&msg=loadRBox%20failed%2C%20aborting.&llvl=2&id=4313&cv=20220622-2_b1-PR-45910-DEV-113193-user-agent-data-release-30238cc0ad6-SNAPSHOT&lt=user-agent-data-1_var&pct=1

Domain: trc-events.taboola.com
URL: https://trc-events.taboola.com/unknown-site-on-tmg-network/log/2/debug?tim=08%3A18%3A32.506&type=warn&msg=Invalid%20ajax%20response%20from%20server%3A%20trc_json_response%20%3D%0A%7B%22trc%22%3A%7B%7D%7D%0A&llvl=2&id=7269&cv=20220622-2_b1-PR-45910-DEV-113193-user-agent-data-release-30238cc0ad6-SNAPSHOT&lt=user-agent-data-1_var&pct=1

Verdicts & Comments Add Verdict or Comment

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
upgulpinon.com/42	1970-01-20 12:52:20	Name: scm Value: 1
upgulpinon.com/42	1970-01-20 12:52:20	Name: OAID Value: 5e64de370edb4c59a345e03dcb33d246
upgulpinon.com/42	1970-01-20 12:52:20	Name: oaidts Value: 1656404305
examinerlive.trem.media/	1969-12-31 23:59:59	Name: GS_RESTRICT Value: 0
.cdn-server.top/	1970-01-20 04:50:32	Name: yxpi Value: d41d8cd98f00b204e9800998ecf8427e
.stmg-prod.mirror.co.uk/	1970-01-20 21:37:56	Name: _ga Value: GA1.4.734087239.1656404306
.trem.media/	1970-01-20 04:08:10	Name: _gid Value: GA1.2.538865661.1656404306
.trem.media/	1970-01-20 04:06:44	Name: _gat Value: 1
.trem.media/	1970-01-20 06:16:20	Name: _gcl_au Value: 1.1.643231831.1656404306
my.rtmark.net/	1970-01-20 12:52:20	Name: ID Value: 21d68891b4f445a9b534426f1f18b2c3
.trem.media/	1970-01-20 04:06:44	Name: _gat_UA-110513849-54 Value: 1
uk-script.dotmetrics.net/	1970-01-20 04:16:49	Name: AWSALBCORS Value: w2RiZkIiO6DIjfOjwEJJwwAhIqWGe6jWObEHgMF2PDnAPl0WTSCzrc9yZT/tbXNCWbKu50EWDuTO1UQTrVf4qWwvYG9M3mbiAgUtloIY+g1/gh6j0LMRJk/eHq+5
.dotmetrics.net/	1970-01-20 12:52:20	Name: DotMetrics.DeviceKey Value: DeviceID=
.dotmetrics.net/	1970-01-20 12:52:20	Name: DotMetrics.UniqueUserIdentityCookie Value: UserID=5947f57f-9a6e-42f7-bb16-3ebdd4d8224d&Created=06/28/2022 08:18:26&UserMode=0&guid=b91ae58e-598f-43dd-8b25-877a9b87b787&ver=1
examinerlive.trem.media/	1970-01-20 04:08:10	Name: _lr_geo_location Value: DE
upgulpinon.com/	1970-01-20 12:52:20	Name: scm Value: 1
upgulpinon.com/	1970-01-20 12:52:20	Name: OAID Value: 21d68891b4f445a9b534426f1f18b2c3
upgulpinon.com/	1970-01-20 12:52:20	Name: oaidts Value: 1656404306
.trem.media/	1970-01-20 21:37:56	Name: _ga_B287MYQDTC Value: GS1.1.1656404306.1.0.1656404306.0
.trem.media/	1970-01-20 21:37:56	Name: _ga Value: GA1.1.734087239.1656404306
.trem.media/	1970-01-20 13:35:32	Name: _cb Value: CF9LwiDvybrIDRDPvz
.trem.media/	1970-01-20 13:35:32	Name: _chartbeat2 Value: .1656404306603.1656404306603.1.D3xrdpC45riDC-ZXIHJm3ZhDbmUdJ.1
.trem.media/	1970-01-20 04:06:46	Name: _cb_svref Value: null
.proper.io/	1970-01-20 04:06:46	Name: __cf_bm Value: ykrg6QiEdnLiehnP0CYKkDArnRQvqDlLKgBTIYjk5vU-1656404306-0-AdS76asc5YoLpzqxQaFHHrXrdnUi3x3QW/WltUYjV3cKA6rXeLBGCFtQA+Du+al+4Xp6xGo7S7fQ9GnB5mtYizlep36KGn1e/7LCLZuvxBaN
examinerlive.trem.media/	1970-01-20 04:06:46	Name: _vfb Value: examinerlive%2Etrem%2Emedia..1.10.1656404306....
examinerlive.trem.media/	1970-01-20 12:52:20	Name: _vfa Value: examinerlive%2Etrem%2Emedia..2aacaa17-b196-4c6f-8c4c-4aa82ab50902.1656404306.1656404306.1656404306.1
examinerlive.trem.media/	1970-01-20 04:06:44	Name: _vfz Value: examinerlive%2Etrem%2Emedia..1656404306.1.medium=direct\|source=\|sharer_uuid=\|terms=
upgulpinon.com/	1970-01-20 12:52:20	Name: oaidvc Value: 1
upgulpinon.com/	1970-01-20 04:06:47	Name: CNT Value: 1_v1_B9RRAAEAAADjSkAA
.viafoura.co/	1970-01-20 12:52:20	Name: vfDeviceId Value: 30842aa7-7e50-4f64-8794-f96b9efe2e91
examinerlive.trem.media/	1970-01-20 04:06:47	Name: _lr_retry_request Value: true
examinerlive.trem.media/	1970-01-20 04:49:56	Name: _lr_env_src_ats Value: false
.examinerlive.trem.media/	1970-01-20 04:06:46	Name: properSessionData Value: eyJ1dWlkIjoiMDJkNzg0OGYtZjYxMy00NjYzLTg5NDEtMWI1NGY3YTVmZGFhIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6e30sImF1Y3Rpb25fY291bnQiOjAsImxhc3RfdGhyZXNob2xkIjowfQ==
.exelator.com/	1970-01-20 06:59:32	Name: EE Value: "5e6daf0be16a2df1cc911f18b90a54de"
.criteo.com/	1970-01-20 13:28:20	Name: uid Value: 6890a5a2-0f12-4b94-8625-5956a83a7c79
.exelator.com/	1970-01-20 06:59:32	Name: ud Value: "eJxrXxzq6XKLQcE01SwlMc0gKdXQLNEoJc0wOdnS0DDN0CLJ0iDR1CQldXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAeEl%252BUWb6IhfXxUUpaQyLSopPBR%252B4sgkA4x8rjA%253D%253D"
.adnxs.com/	1970-01-20 06:16:20	Name: uuid2 Value: 1625729341028900530
.trem.media/	1970-01-20 13:28:20	Name: cto_bundle Value: pLWitV9VOVhLdXZVQUhVeTExU2pDODljZ3c4VHZaRjY3aVlSS0JWWlpqd1FRc1FZJTJGZjlpd2FXbnp0JTJCS3clMkZtTTVHdkNjM3R1VTVCaVBYNERNdHpNck4wVmgwTjZmNDZtRURITHpuWTVWOUM5VUliNGJNNTRFVzVhWnFySnZmek9LaFdjd25XNTAya0xXQ1Y5MXBnbmhZb280ZkElM0QlM0Q
.doubleclick.net/	1970-01-20 13:28:20	Name: IDE Value: AHWqTUns6fWjQr0qQ4Gr9ekL33JRvmi1pndSOiVXxu1cXa5aWQA645CQa3WKCvMviek
.twitter.com/	1970-01-20 21:37:56	Name: personalization_id Value: "v1_yk8eIxMziI/F0Ov46Ep/Nw=="

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://examinerlive.trem.media/@trinitymirrordigital/marwood/TM/img/placeholders/transparent.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://examinerlive.trem.media/@trinitymirrordigital/marwood/TM/img/placeholders/transparent-wide.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://examinerlive.trem.media/@trinitymirrordigital/chameleon-partnership-widgets/libs/X2JS.min.js?v=3.0.1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://examinerlive.trem.media/ Message: Access to XMLHttpRequest at 'http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186772&gdpr=1' from origin 'http://examinerlive.trem.media' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186772&gdpr=1 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://api.viafoura.co/v2/examinerlive.trem.media/bootstrap/v2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signal-segments.s-onetag.com/desktop/examinerlive.trem.media/%2F Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signal-segments.s-onetag.com/desktop/examinerlive.trem.media Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: http://examinerlive.trem.media/ Message: Access to XMLHttpRequest at 'https://felix.data.tm-awx.com/batch' from origin 'http://examinerlive.trem.media' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://felix.data.tm-awx.com/batch Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://accounts.google.com/gsi/status?client_id=21310031516-6a0fhv7eb16lf9mrt3aem6v78snam8ps.apps.googleusercontent.com&as=WasynHVo4NKyF4HdEZvRTQ Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: http://examinerlive.trem.media/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=72' from origin 'http://examinerlive.trem.media' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=72 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://examinerlive.trem.media/@trinitymirrordigital/breaking-news-client/c03ad77cb1521dffa15147996f426e5b1d1442b5/data.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://.cdn.ampproject.org/ https://bing-amp.com/ https://.tm-aws.com/ https://*.tm-awx.com/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abcheck.proper.io
accounts.google.com
analytics.twitter.com
api.rlcdn.com
api.viafoura.co
ats-wrapper.privacymanager.io
bids.proper.io
c.amazon-adsystem.com
cdn-server.top
cdn.adsafeprotected.com
cdn.exelator.com
cdn.taboola.com
cdn.viafoura.net
clients1.google.com
cm.g.doubleclick.net
config.lrcontent.com
cse.google.com
edge.quantserve.com
examinerlive.trem.media
felix.data.tm-awx.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
get.s-onetag.com
global.proper.io
googleads.g.doubleclick.net
gum.criteo.com
i.viafoura.co
i2-prod.birminghammail.co.uk
i2-prod.cambridge-news.co.uk
i2-prod.examinerlive.co.uk
i2-prod.leeds-live.co.uk
ib.adnxs.com
id5-sync.com
interstitial-08.com
js-sec.indexww.com
littlecdn.com
livecomments.viafoura.co
loadm.exelator.com
mab.chartbeat.com
macro.adnami.io
match.adsrvr.org
mug.criteo.com
my.rtmark.net
mydmp.exelator.com
notifications.viafoura.co
onetag-geo.s-onetag.com
onsite-tag-logs.apps.nielsen.com
p1.w-q-f-a.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
quantcast.mgr.consensu.org
reach-id.orbit.tm-awx.com
region1.google-analytics.com
rules.quantcount.com
s2-prod.examinerlive.co.uk
sb.scorecardresearch.com
script.4dex.io
scripts.webcontentassessor.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
static.chartbeat.com
static.criteo.net
static.hotjar.com
stmg-prod.mirror.co.uk
trc-events.taboola.com
trc.taboola.com
uk-script.dotmetrics.net
unphionetor.com
upgulpinon.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.reachgeneric.co.uk
api.rlcdn.com
felix.data.tm-awx.com
match.adsrvr.org
trc-events.taboola.com
100.20.195.132
104.244.42.3
139.45.195.8
139.45.197.151
139.45.197.236
139.45.197.242
141.95.98.67
142.250.185.194
142.250.186.98
143.204.89.100
143.204.89.104
143.204.89.107
143.204.89.111
143.204.89.112
143.204.89.128
143.204.89.129
143.204.89.18
143.204.89.20
143.204.89.30
143.204.89.37
143.204.89.55
143.204.89.56
143.204.89.7
143.204.89.8
143.204.89.83
143.204.89.99
143.204.93.3
151.101.1.44
151.101.194.217
178.250.2.146
18.198.69.109
18.202.156.227
18.204.186.59
185.33.221.53
185.66.200.222
193.233.202.181
2.18.234.21
2001:4860:4802:34::36
216.104.36.155
2600:1f18:44f0:4832:38dc:837:c27f:e1ca
2600:9000:2156:1200:9:46dc:4700:93a1
2600:9000:2156:4800:8:2ae1:d740:93a1
2600:9000:2156:5a00:6:44e3:f8c0:93a1
2600:9000:2156:8000:18:1fcd:351:7bc1
2606:4700:10::6816:1974
2606:4700:10::6816:48e8
2606:4700:20::ac43:4bf1
2606:4700::6811:4f22
2606:4700::6812:4ba
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:802::200e
2a00:1450:4001:803::200d
2a00:1450:4001:803::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:400e:803::200a
2a02:2638:1::3
2a02:2638::1c
2a04:4e42::714
34.192.95.221
34.231.74.71
35.170.84.146
35.71.131.137
52.30.25.219
52.51.205.124
004f5032634a668de76e588c87a95720ef2fa7c3964dcbe80206c490925e497d
015b9fa00cb4cc03645a3f4979e679552c0d74e4d4ff69a01b4e49b7e39b616d
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c
04d9cdb60bac5bf32e6b7f24454d57bf69b1eb22b0f9a0bbd8020352123c6fb6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019
0ad3f94629b6d09711510cd543ba15fd8637acc0c70d430b5cca5b9cbc0c4334
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9167acffc1227365284e60c353db4c6218e353ebc65dab2b60f100dfc71b06
0e396c44938ac792546ac6681c44921a2f64c28e51fe363ddfa43ade287152c4
0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a
1005a8feb5cfd170c0175a507937064e4ebbf72f0f4969089aab4a0c38b412cf
109a908f84c6d056deabc0fa5ab190c4a76be2ba5d5dfc9562fba38ee35180e0
1435892f80f5dbef825cd7503205f825dd522342ebe34164b6a57d95b40a6e91
1536a995de7689801b3ec55bd09f3b5e200a45bfded9104da7e2e0b4209633bc
15a2bc9af09b75ce70d1f15a7c64324237a37ff97bbedc8d58b2d85e09c9ac52
170ecdb8c7b0179e0ca500a652b013f622bd47b52ece03e9760cd916962afdf8
18eb814f94d0974c1fbdc2245dfce0771fa679e043f418a5424c21590b9c5dbb
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
2207fcd49173cc015e51613f5e57b0adac1621a5b0aaa026b297da18be7ef1a4
252ee4376dd7760162eb391fafee5d8420b5e56bb280473076f4883c9056a317
2a5f3159425ad604c1635bed08c0194864cc9aa2aae71494ca1ab99a2a62782d
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2e9ae3ac9245ed24ce058317e477e3f865872deef27e678f9a63084a34ab8bf8
31f5e49fe61d30c901141733f1bd7bb02b43a9efe31d020dd035c66434dbcc0d
32c21b537a7c9420627217e0c79185ef4c70c07e08f79fa1ad96b9c437e9f46b
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3486804e7cb704784bd2f9493456f5fe5b57ca5383addf8aa3ae91f71a3a7428
36944c5bf0eac89f3684c9d9680e46deb08d6f5f06d154b69378d5078abdae15
3858e30d8680fe2e197483d4f733509fb0fca3a43057f319fde8977888758c4b
3cffc7c33ee5bd9bf126ab3b9fd0256b2805d6bb679c1e04df4f65d1a31e1586
3dc307462e4228f050ff6258ad9d6bda21449461724c11d87af36a21573f1aef
3ecb41291b7df5f937e5bef51145c588781d886784568b7774b9be35f6ff261c
3ff6424671f0f213a4e7d3727ee056a54e22ade6df02352f33bbdd630a4a702b
428882724bc6ab5142ffbbe677f5f85cc2823340a8e6375e776d0ebb62f12eec
4389fe9a2111c1bfa947c227828f01b9766879bddf485d3766fad402ed7616a1
4433ec30b55ef2912eb282c065a0395b43a6128a7760130a76f413d230aeb120
460b42d997671850a0ae86ce54e3a3aa6b0957ea3e76f8706d2c9fce2b8a894e
46a8e21d1d3704ab93ff06617a1e9462659d2ef8a83b1d7be5af4728cd323d3d
4813320d44f3f82fe85df7fedc424af04063d51885d8cdd1947ea15d3fdcb98a
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
53db6cd1251b062283e247a8b440462e01232a214a93ce981da3e50203956c66
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e
55da1915062ffd387f2ad684155fe1f05d06bbe8ed8a59a074a73bb7837b6616
581d3a625e9af7f423072c97ed940e38a08da586275ca088455775f62b63e021
58544e3995edabdf1d18327aef2ab904aae00b3df8e5fa916329367ffa1b5891
5b21baf1dabe5d65211e130442094dea9da5225230fb9fa33119cfb7d81af8c1
5ca71b1bc796bcfb39ca0577c61934079447add2e82e52fc506de2a8d85e8b44
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
618105bb69330a9559d3a25428b96da5714a89f9a012996e3c69ae9974e9bb15
61ab2f35a20b811230c8642ff1eb04920dea276d4416093322c5a0e7adcb0f95
647f147f524b70167e3673a009837c51be56f1bd6014a2de142660c24801fd9f
66a7b25a9fd504376ab5cd151aaf3fee6f3e00842f0e875da6fbd5d4855e2978
67218cedf3fe2e9c5f13da640d16d5326b6b338665306e3282c77b27d9300f90
6795440f20139f140b1114bbfbdc1502a5b832e8ae588c67d0ccfff089ee1b10
689fdabbf7cb0792ac119b0ac7abb8f7e4a9350ff08d631eea985d52b96c9c11
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e75ea58546c305916f48ca66e9201e30475fe95edc0d40adc47481e98a1274c
6ec5fa3cb91e551868cb4351ba2fa3f894d22045bb5ec335f229b0de0e6f7b7c
7513a1f725012c714cc6212cd9b4f8eed8e67cee8e5cd722ae1d5c8c2c628cb2
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
78d8aa00a4effdea0749f3b5a48a3e5967e73c4ce6454d2abd09bc8e3823abbc
7d83e158a44d7ff90498c7b2e8d6e36d5000900902f4bdd021e8a505e338a8f5
7e140d8a05464766143212b1494858bb7f892fed4f7d6c62176436edf8ab789d
7e4c0fcbc4bc13dcf560d7cb162a74c0da0f13ddb8075807d1993cf1808d9748
814c152f43a797e7b4de80f579f6e95a89f9ac32d4ad3eb0eb84a1293833dbe5
8176d65e1962996d538520bdf2f3fa6d30e4bbfdd567ffb1ea626ab706e0b5c8
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed
879faf9ce07be8f80ace620c4cc7642505a28ed35137cbd0e35cc22065f221e5
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568
8a33ef9c853607ed85c0aa618ccd964f19a97352f4684c7c3bb3e2c81565bea8
8b03fa714e6e0d7165a21071df73d662cbd68fa94746bbc1b6d2882eec5b5b52
8c22e5178495a9e76d2a1fbaff6b2a43cca64cc2947d1bb47f2bd282ec73093b
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db9e95c255ccdfb1bef85cb26da263bfeb9ba1eb70d835ec74a363ef27df708
93c5809a50d386dad38d1f9eccdc910485c337a93ed931fae7d4da8ccaddd1bf
946558ae3ef33b0b418b6afd093bc129654115ffc72f9fe1f686558ee801a133
94f062d03dacc8128c325afaf6a0299a1710a9ee8f6a6ac1c1e9844cddcaf71c
957488292f6d47df455a24d4f4cf0eb2b06698fe1eb7384dbf3ebaf54423cead
9e5b7112d1abbc95b99c4ec4337492e2e37babd89c23a0d31f8408f52fe8f0a1
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ad79f8595bd0e292ee596db63d06f80e8a3ec4a6cf84621a4d2af673562a87
a1c9a21ede44774a26110c312c2c5398e074132f6e243011c15b4bfd660702ab
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461
a6a41a076d84eba5153a0578f65556763c273a6a1edf67b63b044301007d9afd
a993fb966f108b2fd812f7ed27d9984f4ba2bf94b5f0375d8caa830c2ec751ba
aa88ab735fa879c3b7641048d7cdc9217db24484bc0efff8d692749f756bced2
aaff62dc57b4cc3c82a9ebfcf6627c13b789e15a06aa31b487e2deaec6cad09a
ab992bf6b5fcae6932e2cc00a43c3dd359e35def6594319c2ea036b14844fcd7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acedd6f8e7093dd001d2d1772354d49674dc943252bd940d18431101e7df5ec8
af3376064fb9af02627d241e9cd21f22f16f077a5e76f519c67b6096e86c3759
b04dc48c4fba873640e629090eaf0bfd47ddea85969fca3020a1c4539bc4d53d
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b5c4b278ca30fa881cef4ecb3538c00e855fe7983706f2e04347368a541f7dd3
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
b990ab8ebf75f62a0142673568da1a784388e2ef236b43256b364c5a53a4792f
bd8054ca19f986ccd51f0e5d4498239e466f2f3bc6a086fc0dd147667214179e
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238
c1765138c78b21926ee11ca82e804325c47d45e4880d6a7a10b693857cd890bb
c1f1de1e298fabb8508ff99f14528f79af6ebd09c501d921251533e5835dba8d
c1f39195106732008423844c281afd28e9cce777ce569465d593f03707829c5f
c79d183a3ab8457485feeed21d3d21499fe491c2cb2b04e155574d27b1d4fef5
cf077454a90235e3ab1322e3be30033106f32f1100660fb0dd17e542ca27b5a3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac
d28a575c57591aa6256f31f4982e8f37132bef8525060bae2b2bfee3df42ba95
d3befc540ea105d773631b3a8af643178353cd6e376d45dc17835144283efeac
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d700a26332729aaa2a953dd02764686ac78845d5f0d955229c0d3168ed0ff7cf
da419ff498c7bf7e67fa787df3c8d4d41eb6eb3eb08d1425367f97658fc779db
dce9146e456f12cf54107bbb0372b3363a059b8ae1d47ed9165bc4c0d22875c6
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e35796493f977523161a6a88ad31128de3d1268aa0d0c55b202c50f5e95f043b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e419d0e7334b7fc463cc6b953462e574fc3e4b19412d4cde78578e32e1358933
e58e8a7be7dad76e3d1da9b723405a06ed0e6c3956d494397b97a92398540a6f
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ebaac46e6dce5564d49f34293cdcd11653d7edc5424be699668bb8eb029ba88f
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ed2afa2565753583faf967bdcd69182e999f75200e8af54dbd1630dcb173fe9b
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
f24793f826437da50fb3cbd60695c598bca961328ff15c224ecb2852bd44ac8e
f24b07a5e7e15ffe1bea2246643d54074fc2d51bdc90b0872a8ea4e8c2eefe87
f26b43d77b38124d08f7cbb0088c1ceb0310f73ced275ffd0a435d28c0b8e370
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f6106f919f20d31f7c32de982c861faef2b6e7fa256692fcdd1283b7d7753f35
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d
fa7d9bd2cb33c921b9344cccd91566456718083452bb63176be14d5c4357b2d3
fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08
fbb2a730e831d236f00cf785ca96a1e39c180d94b736a8be9efca4ca97dc66b2
fce1c1379b8639497005980d599d8312f6194dd427b296a83d346de5b488750b

examinerlive.trem.media Open in urlscan Pro 193.233.202.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

178 Requests

81 %HTTPS

36 %IPv6

52 Domains

76 Subdomains

69 IPs

7 Countries

3771 kBTransfer

11026 kBSize

40 Cookies

37 Outgoing links

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

examinerlive.trem.media Open in urlscan Pro
193.233.202.181 Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

81 %
HTTPS

36 %
IPv6

52
Domains

76
Subdomains

69
IPs

7
Countries

3771 kB
Transfer

11026 kB
Size

40
Cookies

178 HTTP transactions
2 data transactions