urlscan.io logo urlscan.io
SecurityTrails logo

nj1015.com Open in urlscan Pro
192.229.163.133  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://link.trenton.townsquarenewsletters.com/click/33344843.43397/aHR0cHM6Ly9uajEwMTUuY29tL3RoYW5rc2dldHRpbmctMjAyMy8/5bec3c4005e94e67f367c1e...
Effective URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2...
Submission: On January 21 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 119 IPs in 3 countries across 131 domains to perform 768 HTTP transactions. The main IP is 192.229.163.133, located in United States and belongs to EDGECAST, US. The main domain is nj1015.com. The Cisco Umbrella rank of the primary domain is 218540.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on September 13th 2023. Valid for: a year.
This is the only time nj1015.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.222.82.214 14618 (AMAZON-AES)
36 192.229.163.133 15133 (EDGECAST)
15 192.229.163.86 15133 (EDGECAST)
4 172.253.63.95 15169 (GOOGLE)
6 108.138.85.19 16509 (AMAZON-02)
2 104.18.23.145 13335 (CLOUDFLAR...)
31 142.251.16.156 15169 (GOOGLE)
3 172.64.149.180 13335 (CLOUDFLAR...)
3 192.229.163.160 15133 (EDGECAST)
9 172.253.63.101 15169 (GOOGLE)
2 146.75.28.84 54113 (FASTLY)
5 18.67.17.105 16509 (AMAZON-02)
4 146.75.28.157 54113 (FASTLY)
4 31.13.66.19 32934 (FACEBOOK)
5 142.251.163.97 15169 (GOOGLE)
5 172.253.115.155 15169 (GOOGLE)
5 172.253.62.94 15169 (GOOGLE)
3 54.192.51.13 16509 (AMAZON-02)
6 23.48.9.151 16625 (AKAMAI-AS)
1 216.152.143.250 13768 (COGECO-PEER1)
2 13.225.195.94 16509 (AMAZON-02)
6 13.249.42.27 16509 (AMAZON-02)
2 31.13.66.35 32934 (FACEBOOK)
1 1 31.13.66.63 32934 (FACEBOOK)
1 31.13.66.174 32934 (FACEBOOK)
1 23.222.193.151 16625 (AKAMAI-AS)
2 104.244.42.136 13414 (TWITTER)
7 216.239.36.181 15169 (GOOGLE)
7 172.253.63.155 15169 (GOOGLE)
2 172.253.63.94 15169 (GOOGLE)
7 142.251.16.136 15169 (GOOGLE)
1 104.22.74.216 13335 (CLOUDFLAR...)
2 34.95.69.49 396982 (GOOGLE-CL...)
1 34.120.155.137 396982 (GOOGLE-CL...)
11 12 15.197.193.217 16509 (AMAZON-02)
6 23.56.220.247 16625 (AKAMAI-AS)
13 54.243.62.226 14618 (AMAZON-AES)
19 52.87.69.37 14618 (AMAZON-AES)
2 99.84.208.88 16509 (AMAZON-02)
2 54.165.212.64 14618 (AMAZON-AES)
1 142.251.16.207 15169 (GOOGLE)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 104.26.3.70 13335 (CLOUDFLAR...)
1 172.253.122.149 15169 (GOOGLE)
1 23.13.65.87 16625 (AKAMAI-AS)
1 34.120.253.250 396982 (GOOGLE-CL...)
1 151.101.192.84 54113 (FASTLY)
2 14 104.18.36.155 13335 (CLOUDFLAR...)
5 54.156.240.123 14618 (AMAZON-AES)
5 104.36.115.111 62713 (AS-PUBMATIC)
7 3.224.226.172 14618 (AMAZON-AES)
5 3.161.212.32 16509 (AMAZON-02)
4 5 70.42.32.127 13789 (INTERNAP-...)
11 11 35.211.178.172 15169 (GOOGLE)
13 13 35.207.24.140 15169 (GOOGLE)
7 34.98.72.95 396982 (GOOGLE-CL...)
2 172.253.122.84 15169 (GOOGLE)
11 142.251.163.101 15169 (GOOGLE)
2 22 52.46.143.56 16509 (AMAZON-02)
5 23.40.207.233 20940 (AKAMAI-ASN1)
3 54.192.51.57 16509 (AMAZON-02)
10 8.43.72.32 26667 (RUBICONPR...)
1 4 35.186.253.211 15169 (GOOGLE)
3 3.229.121.224 14618 (AMAZON-AES)
3 34.120.63.153 396982 (GOOGLE-CL...)
5 10 68.67.160.186 29990 (ASN-APPNEX)
3 69.166.1.8 27630 (AS-XFERNET)
1 142.251.16.139 15169 (GOOGLE)
10 13.226.139.75 16509 (AMAZON-02)
3 7 54.192.51.45 16509 (AMAZON-02)
6 142.251.111.94 15169 (GOOGLE)
1 151.101.129.229 54113 (FASTLY)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 74.119.119.131 19750 (AS-CRITEO)
1 13.225.195.129 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 104.22.53.86 13335 (CLOUDFLAR...)
1 13.226.141.120 16509 (AMAZON-02)
2 172.64.144.166 ()
2 2 23.46.192.28 16625 (AKAMAI-AS)
1 1 34.193.251.250 14618 (AMAZON-AES)
1 34.149.148.173 396982 (GOOGLE-CL...)
1 34.102.157.236 396982 (GOOGLE-CL...)
1 34.102.255.132 396982 (GOOGLE-CL...)
2 10 35.244.159.8 15169 (GOOGLE)
6 6 216.34.207.44 25751 (VALUECLICK)
1 1 20.127.253.7 8075 (MICROSOFT...)
2 2 162.19.138.82 16276 (OVH)
1 7 34.235.210.13 14618 (AMAZON-AES)
1 7 50.19.82.102 14618 (AMAZON-AES)
18 23.48.9.103 16625 (AKAMAI-AS)
3 4 198.148.27.131 19189 (PULSEPOINT)
11 11 3.225.218.10 14618 (AMAZON-AES)
1 155.138.160.21 20473 (AS-CHOOPA)
7 13.225.195.90 16509 (AMAZON-02)
25 172.253.122.132 15169 (GOOGLE)
8 3.209.165.115 14618 (AMAZON-AES)
5 13 35.71.139.29 16509 (AMAZON-02)
8 13 172.253.122.155 15169 (GOOGLE)
2 2 52.45.176.159 14618 (AMAZON-AES)
1 11 172.253.122.147 15169 (GOOGLE)
1 1 68.67.160.137 29990 (ASN-APPNEX)
10 137.184.202.88 14061 (DIGITALOC...)
2 2 69.166.1.66 27630 (AS-XFERNET)
4 104.36.115.113 62713 (AS-PUBMATIC)
2 54.192.51.72 16509 (AMAZON-02)
7 7 23.1.200.83 16625 (AKAMAI-AS)
4 5 52.72.177.11 14618 (AMAZON-AES)
1 23.48.8.28 16625 (AKAMAI-AS)
8 8 67.202.105.21 32748 (STEADFAST)
5 13 8.43.72.98 26667 (RUBICONPR...)
3 172.253.63.154 15169 (GOOGLE)
9 52.44.110.188 14618 (AMAZON-AES)
10 13 8.43.72.97 26667 (RUBICONPR...)
2 104.64.221.222 16625 (AKAMAI-AS)
2 44.217.240.117 14618 (AMAZON-AES)
6 10 34.111.113.62 396982 (GOOGLE-CL...)
2 50.16.197.56 14618 (AMAZON-AES)
6 34.111.8.32 396982 (GOOGLE-CL...)
1 34.160.20.10 396982 (GOOGLE-CL...)
2 4 172.64.151.238 13335 (CLOUDFLAR...)
1 13.225.195.88 16509 (AMAZON-02)
6 6 69.173.151.100 26667 (RUBICONPR...)
1 8.28.7.83 62713 (AS-PUBMATIC)
2 3 18.235.40.85 14618 (AMAZON-AES)
1 1 52.85.151.90 ()
2 147.28.129.37 ()
1 23.55.60.26 20940 (AKAMAI-ASN1)
1 2 67.202.105.32 32748 (STEADFAST)
4 34.194.39.133 ()
1 1 74.121.140.211 30419 (MEDIAMATH...)
4 34.117.239.71 396982 (GOOGLE-CL...)
1 8.28.7.84 62713 (AS-PUBMATIC)
1 34.117.4.53 ()
3 54.198.106.196 ()
768 119
1    3.222.82.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-82-214.compute-1.amazonaws.com
link.trenton.townsquarenewsletters.com
36    192.229.163.133 (United States)

ASN15133 (EDGECAST, US)
nj1015.com
15    192.229.163.86 (United States)

ASN15133 (EDGECAST, US)
townsquare.media
4    172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net
fonts.googleapis.com
6    108.138.85.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-19.iad12.r.cloudfront.net
cmp.osano.com
2    104.18.23.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
31    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
securepubads.g.doubleclick.net
3    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
3    192.229.163.160 (United States)

ASN15133 (EDGECAST, US)
cdn.production.townsquareblogs.com
9    172.253.63.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f101.1e100.net
apis.google.com
2    146.75.28.84 (Ashburn, United States)

ASN54113 (FASTLY, US)
assets.pinterest.com
5    18.67.17.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-17-105.yto50.r.cloudfront.net
assets.revcontent.com
4    146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
platform.twitter.com
4    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
5    142.251.163.97 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f97.1e100.net
www.googletagmanager.com
5    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
pagead2.googlesyndication.com
5    172.253.62.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f94.1e100.net
fonts.gstatic.com
3    54.192.51.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-13.yul62.r.cloudfront.net
static.solutionshindsight.net
6    23.48.9.151 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-9-151.deploy.static.akamaitechnologies.com
a.teads.tv
1    216.152.143.250 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
internal-ads.production.townsquareblogs.com
2    13.225.195.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-94.yul62.r.cloudfront.net
consent.api.osano.com
6    13.249.42.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-42-27.iad89.r.cloudfront.net
c.amazon-adsystem.com
2    31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com
www.facebook.com
1    31.13.66.63 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: instagram-p3-shv-01-iad3.fbcdn.net
platform.instagram.com
1    31.13.66.174 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: instagram-p42-shv-01-iad3.fbcdn.net
www.instagram.com
1    23.222.193.151 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-193-151.deploy.static.akamaitechnologies.com
at.teads.tv
2    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
7    216.239.36.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
7    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
stats.g.doubleclick.net
www.googletagservices.com
2    172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net
www.google.ca
7    142.251.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f136.1e100.net
www.youtube.com
1    104.22.74.216 (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
12    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
6    23.56.220.247 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-220-247.deploy.static.akamaitechnologies.com
ads.pubmatic.com
13    54.243.62.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-62-226.compute-1.amazonaws.com
trends.revcontent.com
19    52.87.69.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-69-37.compute-1.amazonaws.com
yeet.revcontent.com
trends.revcontent.com
2    99.84.208.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-208-88.iad79.r.cloudfront.net
config.aps.amazon-adsystem.com
2    54.165.212.64 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-212-64.compute-1.amazonaws.com
funes.solutionshindsight.net
1    142.251.16.207 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f207.1e100.net
storage.googleapis.com
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    104.26.3.70 (None, )

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    172.253.122.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f149.1e100.net
ad.doubleclick.net
1    23.13.65.87 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-13-65-87.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.wknd.ai
1    151.101.192.84 (United States)

ASN54113 (FASTLY, US)
log.pinterest.com
14    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
5    54.156.240.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-240-123.compute-1.amazonaws.com
hb.minutemedia-prebid.com
5    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    3.224.226.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-226-172.compute-1.amazonaws.com
krk2.kargo.com
5    3.161.212.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-212-32.yul62.r.cloudfront.net
aax.amazon-adsystem.com
5    70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
11    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
13    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
rtb-use.mfadsrvr.com
7    34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
2    172.253.122.84 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f84.1e100.net
accounts.google.com
11    142.251.163.101 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f101.1e100.net
fundingchoicesmessages.google.com
22    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    23.40.207.233 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-207-233.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
3    54.192.51.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-57.yul62.r.cloudfront.net
hb.undertone.com
10    8.43.72.32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    3.229.121.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-121-224.compute-1.amazonaws.com
tlx.3lift.com
3    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
10    68.67.160.186 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
3    69.166.1.8 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    142.251.16.139 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f139.1e100.net
www.google-analytics.com
10    13.226.139.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-139-75.yto50.r.cloudfront.net
images.revcontent.com
7    54.192.51.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-45.yul62.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
6    142.251.111.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f94.1e100.net
ssl.gstatic.com
1    151.101.129.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    13.225.195.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-129.yul62.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    13.226.141.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-141-120.yto50.r.cloudfront.net
cdn.prod.uidapi.com
2    172.64.144.166 (None, )

ASN- ()
cdn.confiant-integrations.net
2    23.46.192.28 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-192-28.deploy.static.akamaitechnologies.com
cs.media.net
1    34.193.251.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-251-250.compute-1.amazonaws.com
jadserve.postrelease.com
1    34.149.148.173 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 173.148.149.34.bc.googleusercontent.com
data.cdnbasket.net
1    34.102.157.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.157.102.34.bc.googleusercontent.com
page.cdnbasket.net
1    34.102.255.132 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 132.255.102.34.bc.googleusercontent.com
view.cdnbasket.net
10    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
6    216.34.207.44 (United States)

ASN25751 (VALUECLICK, US)
PTR: ric01-nessy-float2.dotomi.com
amazon-tam-match.dotomi.com
emx-match.dotomi.com
stx-match.dotomi.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
7    34.235.210.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-210-13.compute-1.amazonaws.com
e1.emxdgt.com
7    50.19.82.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-82-102.compute-1.amazonaws.com
match.sharethrough.com
18    23.48.9.103 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-9-103.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
11    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
1    155.138.160.21 (Atlanta, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 155.138.160.21.vultrusercontent.com
syncaps.cootlogix.com
7    13.225.195.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-90.yul62.r.cloudfront.net
d1bqktvj79b0wh.cloudfront.net
25    172.253.122.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f132.1e100.net
tpc.googlesyndication.com
c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com
8    3.209.165.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-165-115.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
13    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
13    172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
2    52.45.176.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-176-159.compute-1.amazonaws.com
ads.creative-serving.com
11    172.253.122.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f147.1e100.net
www.google.com
1    68.67.160.137 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
10    137.184.202.88 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.cootlogix.com
2    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    54.192.51.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-72.yul62.r.cloudfront.net
cdn.undertone.com
7    23.1.200.83 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-200-83.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
5    52.72.177.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-177-11.compute-1.amazonaws.com
cookies.nextmillmedia.com
1    23.48.8.28 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-8-28.deploy.static.akamaitechnologies.com
contextual.media.net
8    67.202.105.21 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
13    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net
www.googletagservices.com
9    52.44.110.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-110-188.compute-1.amazonaws.com
usr.undertone.com
13    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    104.64.221.222 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-221-222.deploy.static.akamaitechnologies.com
cw.addthis.com
2    44.217.240.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-240-117.compute-1.amazonaws.com
beacon.krxd.net
10    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com
loadm.exelator.com
6    34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com
api.bounceexchange.com
contextual-analytics.wunderkind.co
events.bouncex.net
1    34.160.20.10 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 10.20.160.34.bc.googleusercontent.com
ids.cdnwidget.com
4    172.64.151.238 (United States)

ASN13335 (CLOUDFLARENET, US)
action.dstillery.com
action.media6degrees.com
1    13.225.195.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-88.yul62.r.cloudfront.net
cdn.p-n.io
6    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    18.235.40.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-40-85.compute-1.amazonaws.com
pr-bh.ybp.yahoo.com
1    52.85.151.90 (None, )

ASN- ()
live.primis.tech
2    147.28.129.37 (None, )

ASN- ()
prebid.a-mo.net
1    23.55.60.26 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-60-26.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    67.202.105.32 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
4    34.194.39.133 (None, )

ASN- ()
pbs.nextmillmedia.com
1    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
1    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    34.117.4.53 (None, )

ASN- ()
ssp.wknd.ai
3    54.198.106.196 (None, )

ASN- ()
crb.kargo.com
Apex Domain
Subdomains		 Transfer
67 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520 Failed
eus.rubiconproject.com — Cisco Umbrella Rank: 579
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274
138 KB
47 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 7198
trends.revcontent.com — Cisco Umbrella Rank: 2565
yeet.revcontent.com — Cisco Umbrella Rank: 8249
images.revcontent.com — Cisco Umbrella Rank: 8231
288 KB
47 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
ad.doubleclick.net — Cisco Umbrella Rank: 163
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
555 KB
40 google.com
apis.google.com — Cisco Umbrella Rank: 106
analytics.google.com — Cisco Umbrella Rank: 154
accounts.google.com — Cisco Umbrella Rank: 23
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
www.google.com — Cisco Umbrella Rank: 2
332 KB
36 nj1015.com
nj1015.com — Cisco Umbrella Rank: 218540
288 KB
35 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com Failed
170 KB
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com
788 KB
17 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 535
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
image2.pubmatic.com Failed
image6.pubmatic.com — Cisco Umbrella Rank: 805
image4.pubmatic.com Failed
simage2.pubmatic.com — Cisco Umbrella Rank: 870
image8.pubmatic.com — Cisco Umbrella Rank: 664 Failed
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
179 KB
16 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 581 Failed
eb2.3lift.com — Cisco Umbrella Rank: 412 Failed
7 KB
15 townsquare.media
townsquare.media — Cisco Umbrella Rank: 27995
961 KB
14 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 4012 Failed
cdn.undertone.com — Cisco Umbrella Rank: 3083 Failed
usr.undertone.com — Cisco Umbrella Rank: 2036
10 KB
14 openx.net
rtb.openx.net — Cisco Umbrella Rank: 625 Failed
u.openx.net — Cisco Umbrella Rank: 683
us-u.openx.net — Cisco Umbrella Rank: 524
oajs.openx.net Failed
2 KB
14 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
dsum.casalemedia.com — Cisco Umbrella Rank: 1367
ssum.casalemedia.com Failed
14 KB
13 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1299
ssc-cms.33across.com — Cisco Umbrella Rank: 901
events-ssc.33across.com — Cisco Umbrella Rank: 1615
10 KB
13 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1282
rtb-use.mfadsrvr.com — Cisco Umbrella Rank: 5535
4 KB
12 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
4 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
5 KB
11 cootlogix.com
syncaps.cootlogix.com — Cisco Umbrella Rank: 12911
sync.cootlogix.com — Cisco Umbrella Rank: 3230
9 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
6 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253 Failed
secure.adnxs.com — Cisco Umbrella Rank: 490
21 KB
11 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
www.gstatic.com Failed
134 KB
10 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
3 KB
10 kargo.com
krk2.kargo.com — Cisco Umbrella Rank: 2728
crb.kargo.com
4 KB
9 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2123
pbs.nextmillmedia.com
5 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
520 KB
8 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 1999
cs.yellowblue.io — Cisco Umbrella Rank: 1706
5 KB
8 bounceexchange.com
assets.bounceexchange.com — Cisco Umbrella Rank: 2171
api.bounceexchange.com — Cisco Umbrella Rank: 2497
199 KB
8 osano.com
cmp.osano.com — Cisco Umbrella Rank: 5210
consent.api.osano.com — Cisco Umbrella Rank: 9295
120 KB
7 cloudfront.net
d1bqktvj79b0wh.cloudfront.net
7 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 508
3 KB
7 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2112
4 KB
7 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 880
sync1.intentiq.com — Cisco Umbrella Rank: 3054
5 KB
7 youtube.com
www.youtube.com — Cisco Umbrella Rank: 75
128 KB
7 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1434
at.teads.tv — Cisco Umbrella Rank: 4698
6 KB
6 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5046
emx-match.dotomi.com — Cisco Umbrella Rank: 16675
pulsepoint-match.dotomi.com Failed
stx-match.dotomi.com — Cisco Umbrella Rank: 2371
2 KB
6 media.net
prebid.media.net — Cisco Umbrella Rank: 1229 Failed
cs.media.net — Cisco Umbrella Rank: 1236
contextual.media.net — Cisco Umbrella Rank: 709
3 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1230
syndication.twitter.com — Cisco Umbrella Rank: 1527
147 KB
5 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2009
1 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
3 KB
5 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2202 Failed
sync.go.sonobi.com — Cisco Umbrella Rank: 976
4 KB
5 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3902
2 KB
5 solutionshindsight.net
static.solutionshindsight.net — Cisco Umbrella Rank: 36414
funes.solutionshindsight.net — Cisco Umbrella Rank: 39766
33 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
410 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
storage.googleapis.com — Cisco Umbrella Rank: 286
16 KB
4 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 2041
454 B
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
4 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 881
api.btloader.com — Cisco Umbrella Rank: 960
25 KB
4 townsquareblogs.com
cdn.production.townsquareblogs.com — Cisco Umbrella Rank: 48764
internal-ads.production.townsquareblogs.com
133 KB
3 cdnbasket.net
data.cdnbasket.net — Cisco Umbrella Rank: 4810
page.cdnbasket.net — Cisco Umbrella Rank: 4821
view.cdnbasket.net — Cisco Umbrella Rank: 4825
1014 B
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 857
id5-sync.com — Cisco Umbrella Rank: 425
31 KB
3 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 3530
log.pinterest.com — Cisco Umbrella Rank: 4732
19 KB
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
23 KB
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1526
hde.tynt.com — Cisco Umbrella Rank: 3986
3 KB
2 a-mo.net
prebid.a-mo.net
assets.a-mo.net Failed
1 KB
2 media6degrees.com
action.media6degrees.com — Cisco Umbrella Rank: 9927
851 B
2 dstillery.com
action.dstillery.com — Cisco Umbrella Rank: 9032
280 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1780
648 B
2 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 784
675 B
2 addthis.com
cw.addthis.com — Cisco Umbrella Rank: 2990
853 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1803
463 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4277
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net
119 KB
2 wknd.ai
tag.wknd.ai — Cisco Umbrella Rank: 4513
ssp.wknd.ai
3 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 955
137 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 918
1 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1234
104 B
2 google.ca
www.google.ca — Cisco Umbrella Rank: 9185
515 B
2 instagram.com
platform.instagram.com — Cisco Umbrella Rank: 9991
www.instagram.com — Cisco Umbrella Rank: 1831
21 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
16 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
2 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2320
94 KB
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1331
693 B
1 wunderkind.co
contextual-analytics.wunderkind.co — Cisco Umbrella Rank: 3065
234 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 773
650 B
1 primis.tech
live.primis.tech
558 B
1 p-n.io
cdn.p-n.io — Cisco Umbrella Rank: 4364
56 KB
1 cdnwidget.com
ids.cdnwidget.com — Cisco Umbrella Rank: 3905
772 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1482
622 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1144
531 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948
3 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253
creativecdn.com Failed
1 KB
1 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
bcp.crwdcntrl.net Failed
12 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1833
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
897 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
241 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157
17 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1011
idsync.rlcdn.com Failed
249 B
1 townsquarenewsletters.com
link.trenton.townsquarenewsletters.com
698 B
0 adentifi.com Failed
rtb.adentifi.com Failed
0 mxptint.net Failed
pmp.mxptint.net Failed
0 iprom.net Failed
core.iprom.net Failed
0 appier.net Failed
gocm.c.appier.net Failed
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
0 opera.com Failed
t.adx.opera.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 cognitivlabs.com Failed
beacon.lynx.cognitivlabs.com Failed
0 bfmio.com Failed
sync.bfmio.com Failed
0 thrtle.com Failed
thrtle.com Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 behave.com Failed
ssp.behave.com Failed
0 yieldmo.com Failed
ads.yieldmo.com Failed
0 linkedin.com Failed
px.ads.linkedin.com Failed
0 simpli.fi Failed
um.simpli.fi Failed
0 antigena.com Failed
us01.z.antigena.com Failed
0 bluekai.com Failed
tags.bluekai.com Failed
0 demdex.net Failed
dpm.demdex.net Failed
0 onetag-sys.com Failed
onetag-sys.com Failed
0 stickyadstv.com Failed
ads.stickyadstv.com Failed
0 turn.com Failed
ad.turn.com Failed
0 quantserve.com Failed
cms.quantserve.com Failed
0 ctnsnet.com Failed
cm.ctnsnet.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 1rx.io Failed
sync.1rx.io Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 clickagy.com Failed
aorta.clickagy.com Failed
0 sitescout.com Failed
pixel-sync.sitescout.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 adform.net Failed
c1.adform.net Failed
0 criteo.com Failed
dis.criteo.com Failed
0 blismedia.com Failed
tr.blismedia.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 colossusssp.com Failed
sync.colossusssp.com Failed
0 w55c.net Failed
pm.w55c.net Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 liadm.com Failed
i.liadm.com — Cisco Umbrella Rank: 550 Failed
0 lijit.com Failed
ap.lijit.com Failed
0 gumgum.com Failed
g2.gumgum.com Failed
768 131
Domain Requested by
36 nj1015.com nj1015.com
townsquare.media
cmp.osano.com
31 securepubads.g.doubleclick.net nj1015.com
cmp.osano.com
cadmus.script.ac
23 tpc.googlesyndication.com nj1015.com
cadmus.script.ac
c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com
22 s.amazon-adsystem.com 2 redirects cmp.osano.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
syncaps.cootlogix.com
e1.emxdgt.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
bh.contextweb.com
match.sharethrough.com
18 eus.rubiconproject.com s.amazon-adsystem.com
cmp.osano.com
eus.rubiconproject.com
syncaps.cootlogix.com
cs-server-s2s.yellowblue.io
cdn.undertone.com
cookies.nextmillmedia.com
hde.tynt.com
16 yeet.revcontent.com cadmus.script.ac
16 trends.revcontent.com cadmus.script.ac
nj1015.com
15 townsquare.media nj1015.com
cmp.osano.com
13 pixel.rubiconproject.com 10 redirects s.amazon-adsystem.com
13 token.rubiconproject.com 5 redirects eus.rubiconproject.com
13 eb2.3lift.com cmp.osano.com
s.amazon-adsystem.com
eb2.3lift.com
cookies.nextmillmedia.com
12 match.adsrvr.org 11 redirects js-sec.indexww.com
11 www.google.com 1 redirects nj1015.com
cadmus.script.ac
11 cm.g.doubleclick.net 8 redirects eb2.3lift.com
s.amazon-adsystem.com
ads.pubmatic.com
11 fundingchoicesmessages.google.com cmp.osano.com
11 x.bidswitch.net 11 redirects e1.emxdgt.com
eb2.3lift.com
cookies.nextmillmedia.com
hde.tynt.com
ads.pubmatic.com
10 pixel.tapad.com 6 redirects cdn.undertone.com
s.amazon-adsystem.com
10 sync.cootlogix.com syncaps.cootlogix.com
cdn.undertone.com
cookies.nextmillmedia.com
10 images.revcontent.com nj1015.com
10 fastlane.rubiconproject.com cdn.production.townsquareblogs.com
10 ib.adnxs.com cdn.production.townsquareblogs.com
eb2.3lift.com
s.amazon-adsystem.com
9 usr.undertone.com cdn.undertone.com
9 ups.analytics.yahoo.com 9 redirects
9 apis.google.com nj1015.com
cmp.osano.com
www.youtube.com
accounts.google.com
apis.google.com
8 ssc-cms.33across.com 8 redirects hde.tynt.com
8 www.googletagservices.com cadmus.script.ac
nj1015.com
7 us-u.openx.net 2 redirects cdn.undertone.com
s.amazon-adsystem.com
ads.pubmatic.com
7 secure-assets.rubiconproject.com 7 redirects
7 d1bqktvj79b0wh.cloudfront.net cadmus.script.ac
7 match.sharethrough.com 1 redirects s.amazon-adsystem.com
match.sharethrough.com
7 e1.emxdgt.com 1 redirects s.amazon-adsystem.com
e1.emxdgt.com
7 assets.bounceexchange.com cmp.osano.com
7 rtb.mfadsrvr.com 7 redirects
7 krk2.kargo.com cdn.production.townsquareblogs.com
nj1015.com
7 www.youtube.com cmp.osano.com
www.youtube.com
7 analytics.google.com nj1015.com
6 pixel-us-east.rubiconproject.com 6 redirects
6 cs-server-s2s.yellowblue.io s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
6 ssl.gstatic.com nj1015.com
accounts.google.com
6 rtb-use.mfadsrvr.com 6 redirects
6 ads.pubmatic.com cmp.osano.com
nj1015.com
s.amazon-adsystem.com
6 c.amazon-adsystem.com cmp.osano.com
c.amazon-adsystem.com
nj1015.com
6 a.teads.tv cmp.osano.com
cdn.production.townsquareblogs.com
6 cmp.osano.com nj1015.com
cmp.osano.com
5 cookies.nextmillmedia.com 4 redirects syncaps.cootlogix.com
5 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
cdn.undertone.com
5 qsearch-a.akamaihd.net nj1015.com
5 b1sync.zemanta.com 4 redirects e1.emxdgt.com
5 aax.amazon-adsystem.com c.amazon-adsystem.com
5 hbopenbid.pubmatic.com cdn.production.townsquareblogs.com
5 hb.minutemedia-prebid.com cdn.production.townsquareblogs.com
5 htlb.casalemedia.com cdn.production.townsquareblogs.com
5 fonts.gstatic.com fonts.googleapis.com
5 pagead2.googlesyndication.com townsquare.media
cmp.osano.com
nj1015.com
5 www.googletagmanager.com cmp.osano.com
5 assets.revcontent.com nj1015.com
cmp.osano.com
4 events-ssc.33across.com hde.tynt.com
4 events.bouncex.net nj1015.com
4 pbs.nextmillmedia.com cookies.nextmillmedia.com
hde.tynt.com
4 image6.pubmatic.com ads.pubmatic.com
4 bh.contextweb.com 3 redirects s.amazon-adsystem.com
bh.contextweb.com
4 sync.intentiq.com 3 redirects s.amazon-adsystem.com
4 rtb.openx.net cdn.production.townsquareblogs.com
4 platform.twitter.com cmp.osano.com
4 fonts.googleapis.com nj1015.com
cmp.osano.com
c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com
3 crb.kargo.com s.amazon-adsystem.com
ads.pubmatic.com
3 pr-bh.ybp.yahoo.com 2 redirects s.amazon-adsystem.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 u.openx.net s.amazon-adsystem.com
cmp.osano.com
syncaps.cootlogix.com
3 sync1.intentiq.com nj1015.com
3 hb.undertone.com cdn.production.townsquareblogs.com
3 tlx.3lift.com cdn.production.townsquareblogs.com
3 prebid.media.net cdn.production.townsquareblogs.com
3 apex.go.sonobi.com cdn.production.townsquareblogs.com
3 api.btloader.com cadmus.script.ac
btloader.com
3 static.solutionshindsight.net cmp.osano.com
static.solutionshindsight.net
3 cdn.production.townsquareblogs.com nj1015.com
cmp.osano.com
cdn.production.townsquareblogs.com
3 js-sec.indexww.com nj1015.com
cmp.osano.com
2 stx-match.dotomi.com 2 redirects
2 prebid.a-mo.net s.amazon-adsystem.com
cookies.nextmillmedia.com
2 action.media6degrees.com nj1015.com
2 action.dstillery.com 2 redirects
2 loadm.exelator.com cdn.undertone.com
2 beacon.krxd.net cdn.undertone.com
2 cw.addthis.com cdn.undertone.com
2 pixel.advertising.com 2 redirects
2 googleads.g.doubleclick.net nj1015.com
c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com
2 cs.yellowblue.io cs-server-s2s.yellowblue.io
2 emx-match.dotomi.com 2 redirects
2 sync.go.sonobi.com 2 redirects
2 c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com cmp.osano.com
2 ads.creative-serving.com 2 redirects
2 cdn.undertone.com cmp.osano.com
syncaps.cootlogix.com
2 id5-sync.com 2 redirects cdn.id5-sync.com
2 amazon-tam-match.dotomi.com 2 redirects
2 cs.media.net 2 redirects
2 cdn.confiant-integrations.net nj1015.com
2 accounts.google.com cmp.osano.com
nj1015.com
2 static.xx.fbcdn.net www.facebook.com
2 ad-delivery.net nj1015.com
2 funes.solutionshindsight.net cadmus.script.ac
2 config.aps.amazon-adsystem.com cmp.osano.com
nj1015.com
2 i.clean.gg cadmus.script.ac
2 www.google.ca nj1015.com
2 stats.g.doubleclick.net nj1015.com
2 syndication.twitter.com platform.twitter.com
nj1015.com
2 www.facebook.com connect.facebook.net
cmp.osano.com
2 consent.api.osano.com cmp.osano.com
2 connect.facebook.net cmp.osano.com
2 assets.pinterest.com nj1015.com
cmp.osano.com
2 cadmus.script.ac nj1015.com
cmp.osano.com
1 ssp.wknd.ai nj1015.com
1 simage4.pubmatic.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects ads.pubmatic.com
1 contextual-analytics.wunderkind.co assets.bounceexchange.com
1 hde.tynt.com cookies.nextmillmedia.com
1 de.tynt.com 1 redirects
1 hb.yahoo.net s.amazon-adsystem.com
1 live.primis.tech 1 redirects
1 simage2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
nj1015.com
1 cdn.p-n.io cmp.osano.com
1 ids.cdnwidget.com assets.bounceexchange.com
1 api.bounceexchange.com cmp.osano.com
1 contextual.media.net cs-server-s2s.yellowblue.io
1 secure.adnxs.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 syncaps.cootlogix.com s.amazon-adsystem.com
1 sync.inmobi.com 1 redirects
1 view.cdnbasket.net assets.bounceexchange.com
1 page.cdnbasket.net assets.bounceexchange.com
1 data.cdnbasket.net assets.bounceexchange.com
1 jadserve.postrelease.com 1 redirects
1 cdn.prod.uidapi.com cmp.osano.com
1 cdn.id5-sync.com cmp.osano.com
1 invstatic101.creativecdn.com cmp.osano.com
1 tags.crwdcntrl.net cmp.osano.com
1 static.criteo.net cmp.osano.com
1 cdn-ima.33across.com cmp.osano.com
1 oa.openxcdn.net cmp.osano.com
1 cdn.jsdelivr.net cmp.osano.com
1 www.google-analytics.com nj1015.com
1 log.pinterest.com nj1015.com
1 tag.wknd.ai cmp.osano.com
1 secure.cdn.fastclick.net cmp.osano.com
1 ad.doubleclick.net nj1015.com
1 storage.googleapis.com nj1015.com
1 api.rlcdn.com js-sec.indexww.com
1 btloader.com cmp.osano.com
1 at.teads.tv a.teads.tv
1 www.instagram.com nj1015.com
1 platform.instagram.com 1 redirects
1 internal-ads.production.townsquareblogs.com nj1015.com
1 link.trenton.townsquarenewsletters.com 1 redirects
0 assets.a-mo.net Failed prebid.a-mo.net
0 rtb.adentifi.com Failed nj1015.com
0 pmp.mxptint.net Failed nj1015.com
0 core.iprom.net Failed ads.pubmatic.com
0 gocm.c.appier.net Failed ads.pubmatic.com
0 ums.acuityplatform.com Failed ads.pubmatic.com
0 t.adx.opera.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 sync.srv.stackadapt.com Failed ads.pubmatic.com
0 beacon.lynx.cognitivlabs.com Failed ads.pubmatic.com
0 sync.bfmio.com Failed s.amazon-adsystem.com
ads.pubmatic.com
0 thrtle.com Failed s.amazon-adsystem.com
ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 ssp.behave.com Failed nj1015.com
0 ads.yieldmo.com Failed cookies.nextmillmedia.com
0 image8.pubmatic.com Failed cookies.nextmillmedia.com
0 ssum.casalemedia.com Failed cookies.nextmillmedia.com
0 aax-eu.amazon-adsystem.com Failed s.amazon-adsystem.com
0 pulsepoint-match.dotomi.com Failed bh.contextweb.com
0 px.ads.linkedin.com Failed eb2.3lift.com
s.amazon-adsystem.com
0 um.simpli.fi Failed s.amazon-adsystem.com
0 us01.z.antigena.com Failed s.amazon-adsystem.com
0 oajs.openx.net Failed cadmus.script.ac
0 idsync.rlcdn.com Failed cdn.undertone.com
0 tags.bluekai.com Failed cdn.undertone.com
0 dpm.demdex.net Failed cdn.undertone.com
0 image4.pubmatic.com Failed cdn.undertone.com
s.amazon-adsystem.com
nj1015.com
0 www.gstatic.com Failed nj1015.com
c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com
0 onetag-sys.com Failed cs-server-s2s.yellowblue.io
0 bcp.crwdcntrl.net Failed tags.crwdcntrl.net
0 ads.stickyadstv.com Failed cs-server-s2s.yellowblue.io
0 ad.turn.com Failed e1.emxdgt.com
nj1015.com
0 creativecdn.com Failed e1.emxdgt.com
nj1015.com
0 cms.quantserve.com Failed e1.emxdgt.com
ads.pubmatic.com
0 cm.ctnsnet.com Failed e1.emxdgt.com
0 match.prod.bidr.io Failed e1.emxdgt.com
s.amazon-adsystem.com
ads.pubmatic.com
0 sync.1rx.io Failed e1.emxdgt.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
0 sync-tm.everesttech.net Failed e1.emxdgt.com
ads.pubmatic.com
0 aorta.clickagy.com Failed e1.emxdgt.com
0 pixel-sync.sitescout.com Failed e1.emxdgt.com
cdn.undertone.com
nj1015.com
ads.pubmatic.com
0 sync.ipredictive.com Failed e1.emxdgt.com
s.amazon-adsystem.com
ads.pubmatic.com
0 c1.adform.net Failed e1.emxdgt.com
nj1015.com
0 dis.criteo.com Failed e1.emxdgt.com
eb2.3lift.com
ads.pubmatic.com
0 tr.blismedia.com Failed e1.emxdgt.com
0 match.deepintent.com Failed e1.emxdgt.com
ads.pubmatic.com
0 csync.loopme.me Failed syncaps.cootlogix.com
cs-server-s2s.yellowblue.io
cookies.nextmillmedia.com
ads.pubmatic.com
0 sync.colossusssp.com Failed syncaps.cootlogix.com
0 image2.pubmatic.com Failed syncaps.cootlogix.com
cs-server-s2s.yellowblue.io
s.amazon-adsystem.com
0 pm.w55c.net Failed ssum-sec.casalemedia.com
0 p.rfihub.com Failed ssum-sec.casalemedia.com
e1.emxdgt.com
ads.pubmatic.com
0 a.tribalfusion.com Failed ssum-sec.casalemedia.com
ads.pubmatic.com
0 i.liadm.com Failed ssum-sec.casalemedia.com
0 ap.lijit.com Failed s.amazon-adsystem.com
syncaps.cootlogix.com
cookies.nextmillmedia.com
0 g2.gumgum.com Failed cdn.production.townsquareblogs.com
768 207
Subject Issuer Validity Valid
www7.townsquaremedia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-13 -
2024-10-13		 a year crt.sh
www6.townsquaremedia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-13 -
2024-10-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.osano.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
script.ac
E1		 2023-12-29 -
2024-03-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
www8.townsquaremedia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-13 -
2024-10-13		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-31 -
2024-08-07		 a year crt.sh
revcontent.com
Amazon RSA 2048 M02		 2023-05-18 -
2024-06-16		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-08-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-30 -
2024-01-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
solutionshindsight.net
Amazon RSA 2048 M02		 2023-11-21 -
2024-12-19		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
production.townsquareblogs.com
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
*.api.osano.com
Amazon RSA 2048 M03		 2023-09-27 -
2024-10-25		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
syndication.twitter.com
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
btloader.com
GTS CA 1P5		 2023-12-17 -
2024-03-16		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2024-01-11 -
2024-04-10		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
ad-delivery.net
GTS CA 1P5		 2024-01-20 -
2024-04-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
tag.wknd.ai
R3		 2024-01-19 -
2024-04-18		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M02		 2023-04-09 -
2024-05-07		 a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M03		 2023-12-20 -
2025-01-16		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2024-01-19 -
2024-04-18		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-08-03 -
2024-08-30		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2024-01-17 -
2024-04-16		 3 months crt.sh
data.cdnbasket.net
GTS CA 1D4		 2024-01-10 -
2024-04-09		 3 months crt.sh
page.cdnbasket.net
GTS CA 1D4		 2024-01-13 -
2024-04-12		 3 months crt.sh
view.cdnbasket.net
GTS CA 1D4		 2024-01-18 -
2024-04-17		 3 months crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2023-06-14 -
2024-06-14		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.cootlogix.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-19 -
2024-11-17		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-09 -
2024-12-11		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
*.wunderkind.co
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh
ids.cdnwidget.com
R3		 2024-01-12 -
2024-04-11		 3 months crt.sh
pushlycdn.com
Amazon RSA 2048 M03		 2023-12-16 -
2025-01-12		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
*.a-mo.net
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
pbs.nextmillmedia.com
Amazon RSA 2048 M01		 2023-06-13 -
2024-07-12		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh

This page contains 106 frames:

Primary Page: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Frame ID: 23BFCB1D1C4B0D820AD081C9449BD06E
Requests: 359 HTTP requests in this frame

Frame: https://cdn.production.townsquareblogs.com/aleph/
Frame ID: 67FAFC7BB8A2B01D51FCAD825646688D
Requests: 2 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 213CB0E1ACC3080570C842078B66204F
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fnj1015.com
Frame ID: 7F051EF4095E10A39C15C6B70FB25621
Requests: 2 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 765F24386C984093BB2389CE3E82CBE7
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=newjersey101point5&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fnj1015.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Frame ID: 1B9C5FB6B4FC4A8393B3E002DF61D839
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1096102534197907&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27580a71a12c14%26domain%3Dnj1015.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnj1015.com%252Ff3777472d04e354%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Frame ID: 40C0A1020AF4AA50BF410FF4E412E06B
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: 3F0931E6E4B765C0942F80B8FEC9F1D9
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 7179FC0AD8E817A54B7EAC342E1039EB
Requests: 13 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fnj1015.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Frame ID: 2E7C1D766540593DB03FF73A3043E52E
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&dcc=t
Frame ID: 13EE605EC937021E3ACCC630F4A3DE4E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: B48663EBDC84662EAB4CD7C226FBA860
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 00757A02C23AD8FD65E58CD28123F502
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 6602482C46246E770E8EF6193D2674B6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMqpaMzA6jjANmDx7NAAAAAAA&expiration=1705885453&is_secure=true
Frame ID: 8394D1A27198C2BC3B8C00435F06A312
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-b46dbnuoV4hSvw9r8PAlyKyLD02t8mIpu0KCMZFoTA
Frame ID: 0B451C62F62B02938E3B32D9AA1D8E3E
Requests: 1 HTTP requests in this frame

Frame: https://e1.emxdgt.com/umcheck?&if=true&apnxid=2158602717580314586&redirect=https://s.amazon-adsystem.com/ecm3?ex=emxdgt.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1lbXhkZ3QuY29tJmlkPSRFTVhVSUQ=
Frame ID: D3018331245898A61691330DB2E42432
Requests: 24 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 35C402AEF91D63909C58EBB685FDFCBF
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: BB36B8DCD828F40BA4F3529A5F3B56BE
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: FEC6A6283F74C04C186CA6FA00B49BC1
Requests: 20 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: 0794EB73CE0B3D12231871C50AFE47A9
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1LWThEMFdSRTJ1SkUuczBtcVBBV244YUliTUxBV2c4U35B
Frame ID: 817AE32EA9355B04984AED4942DF9F15
Requests: 1 HTTP requests in this frame

Frame: https://syncaps.cootlogix.com/api/user/html/65354ca311421d643073bbdb?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvidazoo.com%26id%3D%24%7BvdzUserSyncMacro%7D
Frame ID: 92ED4C9563BAAFF00087BBCBC5D9A741
Requests: 14 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 49FB764C120D1CB8E7DBF6BE0CF10C2B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 94558EDD4F090BE9A13202D0D3C1403F
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 13469615AB7A523809F75CC80FF8F0AA
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725&us_privacy=1---
Frame ID: 2E60778DF2F5C5E868DBE7E2B9A874AC
Requests: 12 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Frame ID: 4128B9339964A356176297227313BF42
Requests: 16 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CCCDE7F42C40C00D56060659FE8451CB
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDkDKxDButZ3ltEDLjbe-_g&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Frame ID: BD904DC3ED18FDEB8F43E89DFFA48EBB
Requests: 4 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: AFE42CFBC647B069686643F138939475
Requests: 1 HTTP requests in this frame

Frame: https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Frame ID: 13894AE68B713893E5EF1A396CD5ADD8
Requests: 8 HTTP requests in this frame

Frame: https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Frame ID: D14EDF697C8BE7E7BB771CB0894C5A43
Requests: 8 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Frame ID: 1C5CC6587039586FCEE11FF407D0F018
Requests: 13 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2227546027579844602145
Frame ID: 6732A4ED8202A7070CD25FC313E5AB7C
Requests: 1 HTTP requests in this frame

Frame: https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Frame ID: D31286D2C532CEA2A5AE55379648A4F7
Requests: 10 HTTP requests in this frame

Frame: https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8B13C6CEB7FD04FC16DCCFA4607740F2
Requests: 1 HTTP requests in this frame

Frame: https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Frame ID: 429B9619A5427A88A484AB623CE03E97
Requests: 10 HTTP requests in this frame

Frame: https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Frame ID: B4AD0E9A27E67B6018FDEE0EE7CC59BC
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Frame ID: C2FB69CA21CD03CD652093DEA5EAB4D9
Requests: 4 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?partnerid=59&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dundertonenew%26userId%3D%24%7BUIDENC%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26us_privacy%3D%24%7Bus_privacy%7D
Frame ID: DDDAE0BF0E2BB27C6637135B61BE6AFE
Requests: 16 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/sync?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dnextmillmedia%26userId%3D%5BNMUID%5D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
Frame ID: B18E558189360FEA86A226558947BDCD
Requests: 1 HTTP requests in this frame

Frame: https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9E2428D5E7F0E9E74F738219FFB8BE0E
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: DE267C64C9DC252F538FF719E5995712
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: A2192560D44D6A8248C4494718A9E8BC
Requests: 4 HTTP requests in this frame

Frame: https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Frame ID: E5F6C231C439220CFC30845AE2ADFBED
Requests: 10 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 55C9D2E4B6FF69F354D8E6A4268820E5
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 19BA5C7CA3A335B457FA1C08CCA274EA
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 47B40295E0AF719712A9B40208712416
Requests: 2 HTTP requests in this frame

Frame: https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Frame ID: 9157E0EDB5238FFC3943F536284B2F8C
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 25037D53CDABB8E7A2FB457A622DEE86
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 89094D99148B0A484A58C6D026046E40
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 9652B230DEA1768A98D38076A04BCF11
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: F4463D86CB5674F82C82D494B76556E0
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&redir=true&gdpr=0&gdpr_consent=
Frame ID: 741FC0613252538828CF9DDA2B42FF98
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID2DFF4D73-A845-4592-822D-8C7FE3B8BBEA
Frame ID: F9A88F11ED9AC045F6581C7269B7AFF9
Requests: 1 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/user?partnerId=nextmillmedia&userId=&gdpr=&gdpr_consent=&us_privacy=
Frame ID: 8C21BD0FD080CE78797CF68331A3B42C
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Frame ID: 61511D448AEC6B41CD65D3057CBBAF15
Requests: 7 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: C6D12D96D652B091B3BFD6571B5E2110
Requests: 2 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=2158602717580314586
Frame ID: 83AA242749039B4A3AF7E570FEE89494
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
Frame ID: C37DB1BF3CA89D4C69C239193D85506F
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Frame ID: 370C0A8A57071880AAD54D6FA773CD18
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11364&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D
Frame ID: 7EC47B41435D5901BF0A9594E0C57D8C
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=c6a1112b-5ec0-411a-8475-c3bf810e0c26
Frame ID: 0858A3411A1C8E4CAED2671E97CC1DDE
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%23PMUID
Frame ID: D634790A56C94C542D1D92E8590D65E7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Frame ID: A5952C9AA5D9E475F20B586BB6F43D85
Requests: 4 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: 998F35EBE6AEF7E8C587E320EB7C1F3E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: 6D095947A0C202E84F288E465A7CC1EB
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: BE36F301A9B61CF276D599161C4A5BC4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: AA86EDA244E0EE63DD90387AA2C91F17
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Frame ID: 9ABADE1EEDAC18D42437FD82AB412119
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 89D08818CB1EFCB9B373C32D809D55DE
Requests: 4 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2158602717580314586&gdpr=0&gdpr_consent=
Frame ID: DB8097CF4A43E18498BF93E8D96E2A06
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
Frame ID: A2C6FC268B1DCC2A4916C37CD98951E7
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEbFRVN0xXTnNBQUJQcEdUYjhldw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: BEC07FC900B5EE3BEB84392EC96A1C5E
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaxtlQAQBPOBiABd
Frame ID: 30B208BB71F5EF3A843A1994C3EF19EF
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID2DFF4D73-A845-4592-822D-8C7FE3B8BBEA
Frame ID: 9189688B9A846F7F6B24A3DC4D88BF46
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2158602717580314586&gdpr=0&gdpr_consent=
Frame ID: 02958DCDA09BE50FE931DD73A06981D5
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
Frame ID: 737F21F7CC67C7BF0D7A044F2F40CAFA
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
Frame ID: B0CC20D60C275E931FB76DC2C3134B83
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaxtlQAQA7yBigBd
Frame ID: 56A82A10F09BFC01477461EFC6FA882F
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: B42D7898F5F1ADB163C1ABB962E13059
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 55FA71FA0743ACC2CAE117892FDC3E4D
Requests: 1 HTTP requests in this frame

Frame: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Frame ID: CCB7B6F2EAAABDA77C31F8B8AD0C61A9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qvt2npgs1Rrmg45&gdpr=0&gdpr_consent=
Frame ID: CB8B1376159FEAFC647C772D6842F8B5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2158602717580314586&gdpr=0&gdpr_consent=
Frame ID: 1CC08D36DA8756B9D8A037AB2D00B655
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
Frame ID: EEC804808448A2A01BEE444F28B712F7
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
Frame ID: DA2F6A2340528039502D2B4335D6649F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaxtlQAQB0bjMgBH
Frame ID: 061A56CF388ACD68440D6238C977E669
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 90965E09544E7A5ECF0CE755CEA4FB0E
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 736647F3808AA8D5F648A9CD192B1A60
Requests: 1 HTTP requests in this frame

Frame: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Frame ID: BBC13D03FABBF4DAED0BC94B4F58B63F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:mh9iFSOt1Rrmg55&gdpr=0&gdpr_consent=
Frame ID: EDBA159B969326BB54A0EDC9469C2CC8
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: A3A44309460F80E5BD03C2D54D4D8661
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 205955103EC48BFFFA42EC4B20908EBE
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: BAE3A8015438896C122C9BB926B35829
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 3DCC8481E1A45AE74C2812329489DFCD
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6843F66F8560EF164ABBE5DEA570D847
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 5472CC5486DD55B63B8CA08D21340C85
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 1573F8BD956B73D4DF309DB02508AE9A
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 4E2C9A6DD410A01D78CC326C12B63753
Requests: 1 HTTP requests in this frame

Frame: https://ums.acuityplatform.com/tum?umid=6
Frame ID: 1D7563EFADE936F0228F0A32CA41FAA5
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 5F3DCD991818C2D5B297872B4D6E7C53
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/pubmatic
Frame ID: 6A150BF9E0D80AA0A91AF12DC8D6CB79
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
Frame ID: E146893A90DAC1C39DB02CDE2DA846BF
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 3F9AD157384EB140E5B4D4E1C844FF9D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Happy Thanksgetting! Win a $100 Wegmans gift card

Page URL History Show full URLs

  1. https://link.trenton.townsquarenewsletters.com/click/33344843.43397/aHR0cHM6Ly9uajEwMTUuY29tL3RoYW5rc2dldHRpbmctMjAyMy8/5be... HTTP 302
    https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsle... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

768
Requests

63 %
HTTPS

0 %
IPv6

131
Domains

207
Subdomains

119
IPs

3
Countries

6367 kB
Transfer

17939 kB
Size

129
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.trenton.townsquarenewsletters.com/click/33344843.43397/aHR0cHM6Ly9uajEwMTUuY29tL3RoYW5rc2dldHRpbmctMjAyMy8/5bec3c4005e94e67f367c1e8B7d5e9d64 HTTP 302
    https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js
Request Chain 194
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=3a3f254180124f5296e0083b3bb0e34b&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D3a3f254180124f5296e0083b3bb0e34b_2%26bidder%3D3%26bidder_uid%3D__ZUID__%26callback%3DdspCMCallback&us_privacy=1---&rev_dt=1705799046682 HTTP 302
  • https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D3a3f254180124f5296e0083b3bb0e34b_2%26bidder%3D3%26bidder_uid%3D__ZUID__%26callback%3DdspCMCallback&puid=3a3f254180124f5296e0083b3bb0e34b&rev_dt=1705799046682&s=2&us_privacy=1--- HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=3a3f254180124f5296e0083b3bb0e34b_2&bidder=3&bidder_uid=l5tbTLZF3gDZjVqOPWTf&callback=dspCMCallback&us_privacy=1---
Request Chain 195
  • https://x.bidswitch.net/sync?ssp=revcontent&us_privacy=1---&rev_dt=1705799046687 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&us_privacy=1---&rev_dt=1705799046687 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=a66e6375-923b-41c7-a0b0-e6a4b80f0d17&gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ssp=revcontent&us_privacy=1--- HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=f49ccc6a-84d2-466a-be91-9432e41a94f1&callback=dspCMCallback
Request Chain 196
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=3a3f254180124f5296e0083b3bb0e34b&us_privacy=1---&rev_dt=1705799046694 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=3a3f254180124f5296e0083b3bb0e34b&us_privacy=1---&rev_dt=1705799046694 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=3a3f254180124f5296e0083b3bb0e34b&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
Request Chain 198
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=60c8733550164698988ebf949307ef0d&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D60c8733550164698988ebf949307ef0d_2%26bidder%3D3%26bidder_uid%3D__ZUID__%26callback%3DdspCMCallback&us_privacy=1---&rev_dt=1705799046709 HTTP 302
  • https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D60c8733550164698988ebf949307ef0d_2%26bidder%3D3%26bidder_uid%3D__ZUID__%26callback%3DdspCMCallback&puid=60c8733550164698988ebf949307ef0d&rev_dt=1705799046709&s=2&us_privacy=1--- HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=60c8733550164698988ebf949307ef0d_2&bidder=3&bidder_uid=l5tbTLZF3gDZjVqOPWTf&callback=dspCMCallback&us_privacy=1---
Request Chain 199
  • https://x.bidswitch.net/sync?ssp=revcontent&us_privacy=1---&rev_dt=1705799046726 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&us_privacy=1---&rev_dt=1705799046726 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=f49ccc6a-84d2-466a-be91-9432e41a94f1&gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ssp=revcontent&us_privacy=1--- HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=f49ccc6a-84d2-466a-be91-9432e41a94f1&callback=dspCMCallback
Request Chain 200
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=60c8733550164698988ebf949307ef0d&us_privacy=1---&rev_dt=1705799046732 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=60c8733550164698988ebf949307ef0d&us_privacy=1---&rev_dt=1705799046732 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=60c8733550164698988ebf949307ef0d&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
Request Chain 220
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&dcc=t
Request Chain 266
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=8e52d55c-d38f-4728-8ff8-b420b9172630&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
Request Chain 267
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=8e52d55c-d38f-4728-8ff8-b420b9172630&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ckls=true&ci=TTAAqoQvrJ&nc=false&trid=-1770702112
Request Chain 268
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=c9022297-ca90-4b2c-8a97-e832368e8156&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
Request Chain 269
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=c9022297-ca90-4b2c-8a97-e832368e8156&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ckls=true&ci=VhvUrS9Hde&nc=false&trid=1193672478
Request Chain 271
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=747ad36c-35cf-49be-a775-75eceae6ded1&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
Request Chain 272
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=747ad36c-35cf-49be-a775-75eceae6ded1&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ckls=true&ci=afRKvV1gct&nc=false&trid=-134670844
Request Chain 305
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=f49ccc6a-84d2-466a-be91-9432e41a94f1
Request Chain 306
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3488006515469156000V10
Request Chain 307
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=12927d71-4ced-4778-9464-b42f91227243
Request Chain 353
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 355
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=60f66d7c3cd405ed&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMqpaMzA6jjANmDx7NAAAAAAA&expiration=1705885453&is_secure=true
Request Chain 356
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-b46dbnuoV4hSvw9r8PAlyKyLD02t8mIpu0KCMZFoTA
Request Chain 357
  • https://e1.emxdgt.com/um?if=true&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Demxdgt.com%26id%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://e1.emxdgt.com/umcheck?&if=true&apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Demxdgt.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1lbXhkZ3QuY29tJmlkPSRFTVhVSUQ= HTTP 302
  • https://e1.emxdgt.com/umcheck?&if=true&apnxid=2158602717580314586&redirect=https://s.amazon-adsystem.com/ecm3?ex=emxdgt.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1lbXhkZ3QuY29tJmlkPSRFTVhVSUQ=
Request Chain 361
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 362
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1LWThEMFdSRTJ1SkUuczBtcVBBV244YUliTUxBV2c4U35B
Request Chain 383
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2227546027579844602145
Request Chain 385
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Zaxti78jkzqvZqfLnwLzmQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHfeM5hSd2wr9IopGEKEhvc&google_cver=1
Request Chain 386
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Zaxti78jkzqvZqfLnwLzmQAA%264193&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=Zaxti78jkzqvZqfLnwLzmQAA%264193&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8c8855abf5bf41098e2cf5f002167e02 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2798585505725352149
Request Chain 387
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Zaxti78jkzqvZqfLnwLzmQAAEGEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIW09Ut93rWEUaQKlJ1NE_4&google_cver=1
Request Chain 388
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2a4f764-8e99-415e-b1f5-293d70c57410&expiration=1708391053&gdpr=0&gdpr_consent=
Request Chain 391
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=f49ccc6a-84d2-466a-be91-9432e41a94f1&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=f49ccc6a-84d2-466a-be91-9432e41a94f1&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=009ba73f-4c41-4edb-aaa1-0a080c99f456&ssp=index&expires=30&user_group=5&bsw_param=f49ccc6a-84d2-466a-be91-9432e41a94f1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f49ccc6a-84d2-466a-be91-9432e41a94f1&gdpr=&gdpr_consent=&us_privacy=
Request Chain 392
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
Request Chain 427
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dappnexus%26userId%3D%24UID%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D&gdpr=&gdpr_consent= HTTP 302
  • https://sync.cootlogix.com/api/user?partnerId=appnexus&userId=2158602717580314586&gdpr=&gdpr_consent=&us_privacy=&gdpr=&gdpr_consent=
Request Chain 428
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159988&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dpubmatics2s%26userId%3D%23PMUID%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159988&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dpubmatics2s%26userId%3D%23PMUID%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzlEMEFBMUYtOUIwQS00RTkwLUJCQjEtOEVENDg1NzA4OUMy&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
Request Chain 429
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dgrid%26userId%3D%24%7BBSW_UUID%7D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D?gdpr=&gdpr_consent=&us_privacy=&uid=${BSW_UUID}&cookie_age=${COOKIE_AGE} HTTP 302
  • https://sync.cootlogix.com/api/user?partnerId=grid&userId=f49ccc6a-84d2-466a-be91-9432e41a94f1&gdpr=&gdpr_consent=&us_privacy=
Request Chain 430
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&redir=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dtriplelift%26userId%3D$UID%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D HTTP 302
  • https://sync.cootlogix.com/api/user?partnerId=triplelift&userId=2227546027579844602145&gdpr=&gdpr_consent=&us_privacy=
Request Chain 433
  • https://cs.media.net/cksync?cs=30&type=vdz&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dmedianet%26userId%3D%3Cvsid%3E%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D HTTP 302
  • https://sync.cootlogix.com/api/user?partnerId=medianet&userId=3488006515469156000V10&gdpr=&gdpr_consent=&us_privacy=
Request Chain 435
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26userId%3D%5BUID%5D HTTP 302
  • https://sync.cootlogix.com/api/user?partnerId=sonobi&gdpr=&gdpr_consent=&us_privacy=&userId=1d2cbe58-e6b1-4a86-baf4-2e18f7d86301
Request Chain 438
  • https://bh.contextweb.com/bh/rtset?pid=563052&ev=1&us_privacy=${us_privacy}&gdpr=&gdpr_consent=&rurl=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dpulsepoint%26gdpr%3D%24%7Buser.gdpr%7D%26gdpr_consent%3D%24%7Buser.consentStr%7D%26us_privacy%3D%24%7Buser.usPrivacy%7D%26userId%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.cootlogix.com/api/user?partnerId=pulsepoint&gdpr=${user.gdpr}&gdpr_consent=${user.consentStr}&us_privacy=${user.usPrivacy}&userId=9PS0nlhv1IqZ&ev=1&us_privacy=${us_privacy}&pid=563052&gdpr_consent=&gdpr=
Request Chain 462
  • https://emx-match.dotomi.com/match/bounce/current?networkId=46227&version=1&nuid=51151705799052744673b2 HTTP 302
  • https://emx-match.dotomi.com/match/bounce/current?DotomiTest=510f724894b405ed&is_secure=true&networkId=46227&version=1&nuid=51151705799052744673b2 HTTP 302
  • https://e1.emxdgt.com/put?d=d48&uid=AAAMqpaMzA6jrgNa3-fDAAAAAAA&expiration=1705885454&nuid=51151705799052744673b2&is_secure=true
Request Chain 465
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=emx HTTP 302
  • https://e1.emxdgt.com/put?d=d35&uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17
Request Chain 467
  • https://sync-tm.everesttech.net/upi/pid/1522?redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd32%26uid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/1522?redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd32%26uid%3D%24%7BTM_USER_ID%7D&_test=ZaxtlQAQBlfjLgBH
Request Chain 476
  • https://bh.contextweb.com/bh/rtset?pid=561594&ev=1&rurl=https://e1.emxdgt.com/put?d=d8&uid=%%VGUID%% HTTP 302
  • https://e1.emxdgt.com/put?d=d8&ev=1&uid=EuTcCbbZzRCv&pid=561594
Request Chain 477
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=uk8nbff&ttd_tpi=1 HTTP 302
  • https://e1.emxdgt.com/put/?uid=a2a4f764-8e99-415e-b1f5-293d70c57410&d=d5&brtid=testcookievalue&s=0&gdpr=0&gdpr_consent=
Request Chain 478
  • https://ib.adnxs.com/getuid?https://e1.emxdgt.com/put/?uid=$UID&d=d1 HTTP 302
  • https://e1.emxdgt.com/put/?uid=2158602717580314586&d=d1
Request Chain 482
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=vidazoo&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Request Chain 486
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212429221422365
Request Chain 488
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=f49ccc6a-84d2-466a-be91-9432e41a94f1
Request Chain 491
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=177f8272-30b0-4fb6-a4be-5f3821fc1ae8
Request Chain 492
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=3e252df9-dac8-4322-b3e8-cfc2a8315d6a&gdpr=0
Request Chain 493
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODIxNDEyMzAtOTdGQy00N0ZGLUJGRTUtQkFCMDQzOTQ0RjEw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 494
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=2158602717580314586&gdpr=0&gdpr_consent=
Request Chain 495
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=1d2cbe58-e6b1-4a86-baf4-2e18f7d86301
Request Chain 502
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 539
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 541
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ptfXMWtE2uE9ShmoAGCauMhqatbD.KWI~A
Request Chain 542
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2a4f764-8e99-415e-b1f5-293d70c57410&ttl=1708391054
Request Chain 543
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRMSPLFB-25-HAPR
Request Chain 544
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D82141230-97FC-47FF-BFE5-BAB043944F10
Request Chain 546
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-XPCLbVJE2uEXY2Jokhxf9gtrz2u649j_vKbxO.s-~A
Request Chain 552
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3484&partner_device_id=dtu59l6mqhixbctegh3fc3sod HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3484&partner_device_id=dtu59l6mqhixbctegh3fc3sod HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d5c1858b-b124-48d5-9415-d9037347e96b%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2a4f764-8e99-415e-b1f5-293d70c57410&ttd_puid=d5c1858b-b124-48d5-9415-d9037347e96b%2C%2C
Request Chain 555
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ptfXMWtE2uE9ShmoAGCauMhqatbD.KWI~A
Request Chain 556
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2a4f764-8e99-415e-b1f5-293d70c57410&ttl=1708391054
Request Chain 557
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRMSPLFB-25-HAPR
Request Chain 558
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D82141230-97FC-47FF-BFE5-BAB043944F10
Request Chain 560
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-XPCLbVJE2uEXY2Jokhxf9gtrz2u649j_vKbxO.s-~A
Request Chain 566
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3484&partner_device_id=dtu59l6mqhixbctegh3fc3sod HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3484&partner_device_id=dtu59l6mqhixbctegh3fc3sod HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9eae9650-165b-4b8e-9ce6-40df53c1e893%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2a4f764-8e99-415e-b1f5-293d70c57410&ttd_puid=9eae9650-165b-4b8e-9ce6-40df53c1e893%2C%2C
Request Chain 569
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 581
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 582
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WKXWFM&ncv=24 HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WKXWFM&ncv=24
Request Chain 583
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24 HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
Request Chain 595
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=LRMSPLFB-25-HAPR HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRMSPLFB-25-HAPR&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 598
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Lf9Nc6hFRZKCLYx_47i76g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 599
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9eae9650-165b-4b8e-9ce6-40df53c1e893%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2a4f764-8e99-415e-b1f5-293d70c57410&ttd_puid=9eae9650-165b-4b8e-9ce6-40df53c1e893%2C%2C
Request Chain 602
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkRGRjRENzMtQTg0NS00NTkyLTgyMkQtOEM3RkUzQjhCQkVB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 603
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOGWgF6_VPuIGq-3b_i7OEQ&google_cver=1
Request Chain 605
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a2a4f764-8e99-415e-b1f5-293d70c57410&gdpr=0&gdpr_consent=
Request Chain 608
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a2a4f764-8e99-415e-b1f5-293d70c57410&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 609
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIyNzU0NjAyNzU3OTg0NDYwMjE0NQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 610
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEF6DzX_SS5r4ZVbEXPaEHoE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 611
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIyNzU0NjAyNzU3OTg0NDYwMjE0NQ%3D%3D
Request Chain 613
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2227546027579844602145?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-r0o_kSFE2oSX3TY0kIePUc8Y4JZPGXM0spQqOzQSLw--~A&dongle=0883
Request Chain 616
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2158602717580314586&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 618
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=dkdZNW5QZTNsN0ZHQklGQU9VaFlIQQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEAJbIw5kf2u_LRv6YlUJJfI&google_cver=1
Request Chain 621
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJNU1BMRkItMjUtSEFQUg==&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJqHCtmqvNSAYy4AMbdfZ3A&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJNU1BMRkItMjUtSEFQUg==&google_push=
Request Chain 622
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/en4CuXuoH45jLkahuRMIAcn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-X.kAtRFE2oKdOlaA_QYcVicgjqNWMLc_jZPqZw--~A
Request Chain 623
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK8w8DDYpNkI1bIK-zVNj4I&google_cver=1
Request Chain 624
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRMSPLFB-25-HAPR&us_privacy=1---
Request Chain 625
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a2a4f764-8e99-415e-b1f5-293d70c57410&gdpr=0&gdpr_consent=&expires=30
Request Chain 626
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bqepVRFjQDWMHG4fjW0DgQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bqepVRFjQDWMHG4fjW0DgQ
Request Chain 627
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjZkNjM1ZWRkNTVmNjI2YzMyOWVmMTVmOTA1NmZkZWIzNmI2NjU0Mw&us_privacy=1---
Request Chain 629
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRMSPLFB-25-HAPR&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 631
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1--- HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRMSPLFB-25-HAPR&us_privacy=1--- HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRMSPLFB-25-HAPR
Request Chain 632
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LRMSPLFB-25-HAPR&us_privacy=1---
Request Chain 633
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1--- HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRMSPLFB-25-HAPR&us_privacy=1---
Request Chain 634
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRMSPLFB-25-HAPR&redir=true&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRMSPLFB-25-HAPR&redir=true&us_privacy=1--- HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1kS2NLWG9ORTJ1RTNDTENmQi5xYUtQOXU3TjhqanNCQX5B&ovsid=LRMSPLFB-25-HAPR&dpid=58160&us_privacy=1---
Request Chain 635
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRMSPLFB-25-HAPR&us_privacy=1---
Request Chain 636
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRMSPLFB-25-HAPR&us_privacy=1---
Request Chain 639
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Request Chain 641
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=2158602717580314586 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=2158602717580314586
Request Chain 645
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=openx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=c6a1112b-5ec0-411a-8475-c3bf810e0c26 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=c6a1112b-5ec0-411a-8475-c3bf810e0c26
Request Chain 647
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Request Chain 665
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=20986&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Request Chain 670
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 671
  • https://ssc-cms.33across.com/ps/?_=1705799056831.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=33across&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=212429221422365 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=33across&uid=212429221422365
Request Chain 673
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1705799056831.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=cfc665ac-6d91-4c00-87ba-3050a858ed2a
Request Chain 674
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-R2eysttE2uEMOApMbLg9Blwy6t1XHAY4~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-R2eysttE2uEMOApMbLg9Blwy6t1XHAY4%7EA&ts=1705799057&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 675
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=6df3ead976a023a7&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAABzNAy0PximgN_hvA9AAAAAAA&expiration=1705885460&is_secure=true&us_privacy=
Request Chain 676
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2227546027579844602145 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2227546027579844602145&ts=1705799057&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 692
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=a2a4f764-8e99-415e-b1f5-293d70c57410&gdpr=0&gdpr_consent=
Request Chain 693
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=YjVjMzZlNzktMjEzMy00ZmNkLWIwMDYtZWVhMDIxNmVmYzM2 HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 694
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=b5c36e79-2133-4fcd-b006-eea0216efc36&gdpr=0&gdpr_consent= HTTP 302
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=48af09a9a0780511&is_secure=true&networkId=44410&version=1&nuid=b5c36e79-2133-4fcd-b006-eea0216efc36&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAACGvkU-pRzKAM77Kw0AAAAAAA&expiration=1705885458&nuid=b5c36e79-2133-4fcd-b006-eea0216efc36&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 695
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212429221422365
Request Chain 700
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=vidazoo&us_privacy=1---&khaos=LRMSPLFB-25-HAPR HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRMSPLFB-25-HAPR&us_privacy=1---
Request Chain 702
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1---&khaos=LRMSPLFB-25-HAPR HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRMSPLFB-25-HAPR&us_privacy=1---
Request Chain 704
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&us_privacy=1---&khaos=LRMSPLFB-25-HAPR HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LRMSPLFB-25-HAPR&us_privacy=1---
Request Chain 707
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17888&nmuid=&us_privacy=1---&khaos=LRMSPLFB-25-HAPR HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=rubicon&uid=LRMSPLFB-25-HAPR&nmuid=&us_privacy=1--- HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LRMSPLFB-25-HAPR
Request Chain 708
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=20986&us_privacy=1---&khaos=LRMSPLFB-25-HAPR HTTP 302
  • https://ssp.wknd.ai/magnite-sync?uid=LRMSPLFB-25-HAPR&us_privacy=1---
Request Chain 711
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&us_privacy=1---&khaos=LRMSPLFB-25-HAPR HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LRMSPLFB-25-HAPR HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRMSPLFB-25-HAPR&ts=1705799060&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 713
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2158602717580314586&gdpr=0&gdpr_consent=
Request Chain 714
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
Request Chain 715
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEbFRVN0xXTnNBQUJQcEdUYjhldw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 716
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaxtlQAQBPOBiABd
Request Chain 722
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lIGA48RE2uXQ3Fddiv6IypzA45n0xQ4-~A&gdpr=0
Request Chain 728
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lIGA48RE2uXQ3Fddiv6IypzA45n0xQ4-~A&gdpr=0
Request Chain 729
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2158602717580314586&gdpr=0&gdpr_consent=
Request Chain 730
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
Request Chain 731
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
Request Chain 733
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaxtlQAQA7yBigBd
Request Chain 737
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qvt2npgs1Rrmg45&gdpr=0&gdpr_consent=
Request Chain 738
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=59ec41b9466905ed&is_secure=true&networkId=17100&version=1&nuid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMZ3EZoMp-gwN6i5_mAAAAAAA&expiration=1705885460&nuid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 744
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lIGA48RE2uXQ3Fddiv6IypzA45n0xQ4-~A&gdpr=0
Request Chain 745
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2158602717580314586&gdpr=0&gdpr_consent=
Request Chain 746
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
Request Chain 747
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
Request Chain 749
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaxtlQAQB0bjMgBH
Request Chain 750
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=16017d6524f505ed&is_secure=true&networkId=17100&version=1&nuid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMZ3EZoMp-hgMdqKYkAAAAAAA&expiration=1705885460&nuid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 754
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:mh9iFSOt1Rrmg55&gdpr=0&gdpr_consent=

768 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nj1015.com/thanksgetting-2023/
Redirect Chain
  • https://link.trenton.townsquarenewsletters.com/click/33344843.43397/aHR0cHM6Ly9uajEwMTUuY29tL3RoYW5rc2dldHRpbmctMjAyMy8/5bec3c4005e94e67f367c1e8B7d5e9d64
  • https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
211 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
44ec3ae5cf9a947dc48a0b016a8702f41d3e392ff78a1e0b9b46d44173b8bb39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-length
42075
content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 01:03:47 GMT
etag
W/"34c64-w81x+aicAIKrAfbA9dI4nw"
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-abgroup
B
x-cache
MISS
x-content-type-options
nosniff
x-device
desktop
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-ua-device
desktop
x-varnish
365851832

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 21 Jan 2024 01:03:46 GMT
location
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
server
Sailthru
x-robots-tag
noindex
base.css
nj1015.com/styles/desktop/ 		553 KB
118 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/styles/desktop/base.css?ver=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4&livedesign=design_option_live-3
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/256A) / Express
Resource Hash
1756982eb654a274c9d64df3bc51a08b3bd66a8cf191f168e957efc3634bfbd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:48 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
20057
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
120967
last-modified
Fri, 19 Jan 2024 19:29:29 GMT
server
ECS (sac/256A)
etag
W/"8a577-HBsF5J2qwqq4xe8bXS8jGw"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-varnish
874034615
cache-control
no-cache,max-age=0
accept-ranges
bytes
main.bundle.95116bc74f5dcc73ba3efb265ceed29c989705e5.js
townsquare.media/public/dist/desktop/ 		838 KB
239 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://townsquare.media/public/dist/desktop/main.bundle.95116bc74f5dcc73ba3efb265ceed29c989705e5.js?mver=122&gver=4
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.86 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2531) / Express
Resource Hash
c2ce35add78a9b68de1a358ce7fa05e3412e9f512ebc2204dec65242508393fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
A
date
Sun, 21 Jan 2024 01:03:50 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
20053
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
244848
last-modified
Wed, 10 Jan 2024 21:36:43 GMT
server
ECS (sac/2531)
etag
W/"d1648-18cf54e5f21"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
361095085
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
css
fonts.googleapis.com/ 		23 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f95.1e100.net
Software
ESF /
Resource Hash
f968a7df841e8cb736584a22b1ba046a43fca39479240c7abdd92a1f709f26b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jan 2024 01:03:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Jan 2024 00:39:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jan 2024 01:03:50 GMT
osano.js
cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/ 		385 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-19.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
f4b04cff79b71d59b9bee863cbec83eec5d899355d9c1b29deb8f5df8df09b3f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:03:52 GMT
content-encoding
br
via
1.1 f6860256b1898079de872f02c7f7a03c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P2
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
90509
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 16 Jan 2024 22:34:42 GMT
server
CloudFront
etag
"6e37dc9c8396c1d397c73fd637b72444"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
fLPyHsLfDsb3QZ4524j7cfqThTzBe7hv_THb7CyxBiNyA5nIWE_ioQ==
script.js
cadmus.script.ac/d1180od816jent/ 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/d1180od816jent/script.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caec17fff186e21c5cfd4c21b30eee0b8fb3c2f32cc71c15d9d04988042d6e80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:03:53 GMT
content-encoding
gzip
last-modified
Sat, 20 Jan 2024 11:16:15 GMT
server
cloudflare
age
0
etag
W/"4f4dbdce5e5c8e2524e8bc9d4b29d7252a3ff2eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
848ba3d8ae7f6064-YVR
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
a874943ff664af6f14029d4ed8bb73b377c859dda7b29ad52beea846733ee5c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:03:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29840
x-xss-protection
0
server
cafe
etag
655 / 19743 / m202401160101 / config-hash: 15866861927224639442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:03:55 GMT
186854-113710634486999.js
js-sec.indexww.com/ht/p/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ab0ae1a219545415f5e31daccc3730231951bd262fc4727a36f42a70352fa25

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:03:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 21 Jan 2024 00:51:35 GMT
server
cloudflare
age
679
etag
W/"da4e91-7e27-60f6a1d77c0f0"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
848ba3e2dc6f2d72-YVR
expires
Sun, 21 Jan 2024 05:03:55 GMT
pb.js
cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/ 		390 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2517) / Express
Resource Hash
f2b758923154d24230301c92b66abb9edd79154f9891c5ca5a1eb5ef3c21c00d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
A
date
Sun, 21 Jan 2024 01:03:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff
age
17962
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop, desktop
x-device
carbon, carbon
content-length
118168
last-modified
Sat, 20 Jan 2024 20:04:30 GMT
server
ECS (sac/2517)
etag
W/"61769-YohrN3CWppmEeDWZDipLgA"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-varnish
874518209, 874518207
accept-ranges
bytes
platform.js
apis.google.com/js/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
sffe /
Resource Hash
0bcb6531cb0967359e17b655d4142b55d1eac2aed3fe5340f8ce930a7000e5d3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jan 2024 01:03:55 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21929
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"619578e938ea6244"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:03:55 GMT
pinit.js
assets.pinterest.com/js/ 		361 B
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.28.84 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:03:55 GMT
content-encoding
br
x-cdn
fastly
etag
"62d32c28f14783b94192cd8d35bc010d"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=300
alt-svc
h3=":443";ma=600
content-length
203
delivery.js
assets.revcontent.com/master/ 		162 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.17.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-17-105.yto50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2666881b4ede4e0d6e634a6f1d50b98b78b01d359803da5e01908d9600d9bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 17:27:03 GMT
content-encoding
br
via
1.1 c5670948bece41c6bb9df947cb650b7e.cloudfront.net (CloudFront)
last-modified
Fri, 19 Jan 2024 17:26:58 GMT
server
AmazonS3
x-amz-cf-pop
YTO50-P1
age
27413
x-amz-server-side-encryption
AES256
etag
W/"2adc70d9454e2bf6d1178533cad2272f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
gISs_AtnsJ4h-g9lV8053l0nFGq9CajlkVylRHiV7X33dav7ftAlXg==
nj1015b2.png
townsquare.media/site/385/files/2018/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/385/files/2018/08/nj1015b2.png
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.86 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/256A) / Express
Resource Hash
b2a453513a60efac072fa1afebcec57b7f9891b50c36cfd514c338667e21bdcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
A
date
Sun, 21 Jan 2024 01:03:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish
x-content-type-options
nosniff
age
4433216
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
8352
last-modified
Thu, 08 Jun 2023 16:50:47 GMT
server
ECS (sac/256A)
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-varnish
4181887227
cache-control
max-age=1209600,s-maxage=31536000
accept-ranges
bytes
attachment-Wegmans-Thanksgetting.jpg
townsquare.media/site/385/files/2022/11/ 		165 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/385/files/2022/11/attachment-Wegmans-Thanksgetting.jpg?w=980&q=75
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.86 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2520) / Express
Resource Hash
3ce9b27d921b29543b3aac0c8bc698040bf6993fbb505048f23ecee80d29621b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
A
date
Sun, 21 Jan 2024 01:03:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish
x-content-type-options
nosniff
age
10795802
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
168609
last-modified
Wed, 02 Nov 2022 20:46:16 GMT
server
ECS (sac/2520)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
2262712218
cache-control
max-age=1209600,s-maxage=31536000
accept-ranges
bytes
cogitoergosum
nj1015.com/rest/high/api/ 		128 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/rest/high/api/cogitoergosum
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
1ec4fc5438a13a88ea09a1618dcdfa922c66ae15dcac3d5755fdeb09313a1f77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 21 Jan 2024 01:03:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
nginx
etag
W/"80-TEFgzbbFcHVAzMBVOu+MiOgD5c8"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
x-device
desktop
content-length
128
677fa678-e630-432f-8cdf-65f05d166264
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/677fa678-e630-432f-8cdf-65f05d166264
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:03:55 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
27597
x-served-by
cache-iad-kiad7000126-IAD
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
82185f1a61433c2b2f8d5cc3602120ae8fe369d40abb9ff15cfdc2c02bd66b12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jan 2024 01:03:55 GMT
content-md5
cK9jVW464zGqePAonqci3Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
6uVIwfBFmbFlOwR0Usx3kXg4tHDEc1p27giXz8HA3xf8nkU+4UJWPG98NCapv84ETb0YcExvFmOhvmG4Ww+eDg==
x-fb-content-md5
2d97a1f0fba5100e92e7e89b1c9496c6
cross-origin-opener-policy
same-origin-allow-popups
etag
"ec1677dd760a2e026ee360cb973ab14a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:23:51 GMT
NJ1015_bg-2.jpg
townsquare.media/site/385/files/2018/06/ 		155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/385/files/2018/06/NJ1015_bg-2.jpg
Requested by
Host: nj1015.com
URL: https://nj1015.com/styles/desktop/base.css?ver=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4&livedesign=design_option_live-3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.86 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2575) / Express
Resource Hash
5f73aa06d8df02a1b0fa5441cbcae3f93edb479c92a8b1c2ddf5d92dfa72d578
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
A
date
Sun, 21 Jan 2024 01:03:54 GMT
via
1.1 varnish
age
18342306
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
159180
last-modified
Thu, 05 May 2022 01:32:26 GMT
server
ECS (sac/2575)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1332503227 1305008416
cache-control
max-age=1209600,s-maxage=31536000
accept-ranges
bytes
gtm.js
www.googletagmanager.com/ 		247 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K346HJZ
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e68ac90135ae1cbddfbae659fef33f34ac2bb2b7d0b714fee67222762608e649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:03:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78679
x-xss-protection
0
last-modified
Sun, 21 Jan 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Jan 2024 01:03:55 GMT
/
cdn.production.townsquareblogs.com/aleph/ Frame 67FA 		2 KB
876 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.production.townsquareblogs.com/aleph/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2508) / Express
Resource Hash
e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
141
cache-control
public, max-age=0
content-encoding
gzip
content-length
708
content-type
text/html; charset=UTF-8
date
Sun, 21 Jan 2024 01:03:55 GMT
etag
W/"7dd-17eb77f56cd"
last-modified
Tue, 01 Feb 2022 22:54:42 GMT
server
ECS (sac/2508)
vary
Accept-Encoding
via
1.1 varnish
x-abgroup
A
x-cache
HIT
x-powered-by
Express
x-varnish
365811713 365811683
nj-header-bg.jpg
townsquare.media/site/385/files/2018/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/385/files/2018/08/nj-header-bg.jpg
Requested by
Host: nj1015.com
URL: https://nj1015.com/styles/desktop/base.css?ver=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4&livedesign=design_option_live-3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.86 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2526) / Express
Resource Hash
51e2529e6e1b696560e8ce848486e41cc52e9952c0b4c3a7e3aab27b13364e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
A
date
Sun, 21 Jan 2024 01:03:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish
x-content-type-options
nosniff
age
4433248
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
2688
last-modified
Thu, 05 May 2022 01:32:23 GMT
server
ECS (sac/2526)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
4181881264
cache-control
max-age=1209600,s-maxage=31536000
accept-ranges
bytes
nj1015b2.png
townsquare.media/site/385/files/2018/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/385/files/2018/08/nj1015b2.png
Requested by
Host: nj1015.com
URL: https://nj1015.com/styles/desktop/base.css?ver=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4&livedesign=design_option_live-3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.86 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/256A) / Express
Resource Hash
b2a453513a60efac072fa1afebcec57b7f9891b50c36cfd514c338667e21bdcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
A
date
Sun, 21 Jan 2024 01:03:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish
x-content-type-options
nosniff
age
4433221
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
8352
last-modified
Thu, 08 Jun 2023 16:50:47 GMT
server
ECS (sac/256A)
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-varnish
4181887227
cache-control
max-age=1209600,s-maxage=31536000
accept-ranges
bytes
truncated
/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c

Request headers

Referer
Origin
https://nj1015.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
font/opentype;charset=utf-8
cogitoergosum
nj1015.com/rest/high/api/ 		128 B
360 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/rest/high/api/cogitoergosum
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.95116bc74f5dcc73ba3efb265ceed29c989705e5.js?mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
239c6f76baaae5d44dea80b232c15f466498444a2d2c52b2d216b386407cf5d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jan 2024 01:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
nginx
etag
W/"80-7T3WLoYQQXTD3RX1+xhrM982SFE"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
x-device
desktop
content-length
128
chunk-4.16e2355a4e5ac7c4c318.1704921818134.js
nj1015.com/public/dist/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-4.16e2355a4e5ac7c4c318.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2520) / Express
Resource Hash
112f6dff031ffd03233fc810ceb97d018becd8cfeea490490693d53f73e2bada
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
12322
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1806
last-modified
Wed, 10 Jan 2024 21:36:45 GMT
server
ECS (sac/2520)
etag
W/"10d5-18cf54e676a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
875763685
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-22.a853a02a028e57c77322.1704921818134.js
nj1015.com/public/dist/chunks/ 		665 B
776 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-22.a853a02a028e57c77322.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2531) / Express
Resource Hash
656eedabc5f352ea799897a41ffba91cdcaadd828b70813d48754eb3e0a30710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish
x-content-type-options
nosniff
age
12322
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
665
last-modified
Wed, 10 Jan 2024 21:36:44 GMT
server
ECS (sac/2531)
etag
W/"299-18cf54e6281"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
875763575
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-19.c7bf8fe311e227734ae8.1704921818134.js
nj1015.com/public/dist/chunks/ 		859 B
954 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-19.c7bf8fe311e227734ae8.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2538) / Express
Resource Hash
9409c8a0dabb9655efdbd466720b12c77f2c130319a36a749d6e8feb459e0061
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish
x-content-type-options
nosniff
age
12349
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
859
last-modified
Wed, 10 Jan 2024 21:36:44 GMT
server
ECS (sac/2538)
etag
W/"35b-18cf54e6528"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
875763606 875756925
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-21.8c96b2318bc032f19570.1704921818134.js
nj1015.com/public/dist/chunks/ 		690 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-21.8c96b2318bc032f19570.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2552) / Express
Resource Hash
2abd3643ec212061e1e2487227015f22ac9df27a47ed41448958dad46acd5f7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish
x-content-type-options
nosniff
age
12322
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
690
last-modified
Wed, 10 Jan 2024 21:36:45 GMT
server
ECS (sac/2552)
etag
W/"2b2-18cf54e6766"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
362825709
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-20.1be79a7c46ba0a0fe273.1704921818134.js
nj1015.com/public/dist/chunks/ 		1023 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-20.1be79a7c46ba0a0fe273.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2552) / Express
Resource Hash
28aef22c9fff6969f23e3ce54b4ef67a95891b2a84e53c1b02043325dc78a4a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish
x-content-type-options
nosniff
age
12322
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1023
last-modified
Wed, 10 Jan 2024 21:36:45 GMT
server
ECS (sac/2552)
etag
W/"3ff-18cf54e6861"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
362825758
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-44.7ff56611abf8ee8b7f9e.1704921818134.js
nj1015.com/public/dist/chunks/ 		1 KB
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-44.7ff56611abf8ee8b7f9e.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/256A) / Express
Resource Hash
6289fbb97d9e326c4af9f7194fd1d8dfc406275010bfc5c7a6e0194549e2ef5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
12325
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
592
last-modified
Wed, 10 Jan 2024 21:36:44 GMT
server
ECS (sac/256A)
etag
W/"46b-18cf54e6285"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
875763639 875762842
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-32.96407e69c97faff3fa7b.1704921818134.js
nj1015.com/public/dist/chunks/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-32.96407e69c97faff3fa7b.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2562) / Express
Resource Hash
32c3f0d651e0628cd956db00e636b2d0c4dd87f46368d7477c6e3814d2db4e10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
12355
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
12132
last-modified
Wed, 10 Jan 2024 21:36:44 GMT
server
ECS (sac/2562)
etag
W/"a0d0-18cf54e6281"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
875763586 875755429
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-14.e14d0419c4a7e4d67602.1704921818134.js
nj1015.com/public/dist/chunks/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-14.e14d0419c4a7e4d67602.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2555) / Express
Resource Hash
c36bf9bc830116dfdeb783c8654c8f9e6614e376ba88b9f59a29db4056d65faf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
12322
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
7996
last-modified
Wed, 10 Jan 2024 21:36:44 GMT
server
ECS (sac/2555)
etag
W/"67ba-18cf54e627d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
362825724
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-52.c001e8e2946fbcf6daeb.1704921818134.js
nj1015.com/public/dist/chunks/ 		961 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-52.c001e8e2946fbcf6daeb.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/256A) / Express
Resource Hash
964528750814b7f250ebd2fc129b6ba7001fd1205c079fe78d31720e1ac42e47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish
x-content-type-options
nosniff
age
12325
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
961
last-modified
Wed, 10 Jan 2024 21:36:44 GMT
server
ECS (sac/256A)
etag
W/"3c1-18cf54e652c"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
362825718 362825023
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-31.cf60b8974bbaaa01a678.1704921818134.js
nj1015.com/public/dist/chunks/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-31.cf60b8974bbaaa01a678.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2569) / Express
Resource Hash
c1d9714fc9d35dc8b130121b4db311a5f3acfed6f27d84779ff05701e737723a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
12344
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
6237
last-modified
Wed, 10 Jan 2024 21:36:44 GMT
server
ECS (sac/2569)
etag
W/"3a63-18cf54e6528"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
875803895 875758148
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-53.2fb19515fc3e0d1e9288.1704921818134.js
nj1015.com/public/dist/chunks/ 		1 KB
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-53.2fb19515fc3e0d1e9288.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2542) / Express
Resource Hash
1a2648d2251fa3a298cb7d96b88a61b89b455db623072382532e71f96eeba634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
12344
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
638
last-modified
Wed, 10 Jan 2024 21:36:44 GMT
server
ECS (sac/2542)
etag
W/"5a4-18cf54e6285"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
875786209 875758149
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-34.7859a4be4e91254043af.1704921818134.js
nj1015.com/public/dist/chunks/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-34.7859a4be4e91254043af.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2544) / Express
Resource Hash
f153a14717db34b5174b73824ba45c5678c7e6e6d939ccf3b3f3d18ce0988598
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
47031
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
16136
last-modified
Wed, 10 Jan 2024 21:36:43 GMT
server
ECS (sac/2544)
etag
W/"c04c-18cf54e5e59"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
354843156
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-35.14fc80f37e6c5a63c6e0.1704921818134.js
nj1015.com/public/dist/chunks/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-35.14fc80f37e6c5a63c6e0.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dab/4B67) / Express
Resource Hash
424248a20db7dfa231489ae4eefd05563d2cf4b39d96fe8049244439be5f633a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
12891
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
10964
last-modified
Wed, 10 Jan 2024 21:36:44 GMT
server
ECS (dab/4B67)
etag
W/"9c6f-18cf54e6285"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
875627674
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-28.425c7c4844937f984b06.1704921818134.js
nj1015.com/public/dist/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-28.425c7c4844937f984b06.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/256A) / Express
Resource Hash
deeab3e089718b6836db56aa1c3592e3a3aa04efcd335186642846a233b990fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
12155
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
2053
last-modified
Wed, 10 Jan 2024 21:36:44 GMT
server
ECS (sac/256A)
etag
W/"12f5-18cf54e6528"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
875803898
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-3.d34ab6b1a6a620a17dd9.1704921818134.js
nj1015.com/public/dist/chunks/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-3.d34ab6b1a6a620a17dd9.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/257F) / Express
Resource Hash
cb4c12362b5ef03557f68bfa03f27a50b01423063d69509ea9934f2ce22ac4a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
12325
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
8176
last-modified
Wed, 10 Jan 2024 21:36:44 GMT
server
ECS (sac/257F)
etag
W/"6560-18cf54e6281"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
362848356 362825076
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-48.c79c4668611fd6d8af56.1704921818134.js
nj1015.com/public/dist/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-48.c79c4668611fd6d8af56.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2544) / Express
Resource Hash
130c1f6344ef81ce8ad11bbdfb17e6e2d53042b9e6b90af3adc5f582fe50597d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
12322
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1004
last-modified
Wed, 10 Jan 2024 21:36:45 GMT
server
ECS (sac/2544)
etag
W/"969-18cf54e676a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
362836529 362825805
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-18.91101d93831e59023ba8.1704921818134.js
nj1015.com/public/dist/chunks/ 		65 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-18.91101d93831e59023ba8.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2552) / Express
Resource Hash
e6a678518ac5c2d2ae9245f6d89fa9afeb5c2e790f25d4b12f6c36d2acea97ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
12349
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
16838
last-modified
Wed, 10 Jan 2024 21:36:45 GMT
server
ECS (sac/2552)
etag
W/"10459-18cf54e6861"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
875763638 875756934
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-15.ad439d4680fa2cecae34.1704921818134.js
nj1015.com/public/dist/chunks/ 		56 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-15.ad439d4680fa2cecae34.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2542) / Express
Resource Hash
467f5a05f4f8cb5dcb01d06d9e563a1598de54ede7d28788ad15b65477aa781d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
12322
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
13809
last-modified
Wed, 10 Jan 2024 21:36:45 GMT
server
ECS (sac/2542)
etag
W/"dea5-18cf54e685d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
875763622
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-11.439f24c89800226d34f1.1704921818134.js
nj1015.com/public/dist/chunks/ 		986 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-11.439f24c89800226d34f1.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2569) / Express
Resource Hash
c574041f943d6b8e5ba9ad3fd40d9f33926ee061e2e83a48c728e088bc28b499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish
x-content-type-options
nosniff
age
12349
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
986
last-modified
Wed, 10 Jan 2024 21:36:44 GMT
server
ECS (sac/2569)
etag
W/"3da-18cf54e627d"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
362825776 362819409
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-12.6d13bc171f680b952d1a.1704921818134.js
nj1015.com/public/dist/chunks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-12.6d13bc171f680b952d1a.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2517) / Express
Resource Hash
5e7f72175da1c4149b90b734a736bb8e7ce87a60fc07dcc9e8b2c12d411c1831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:57 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
12349
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1477
last-modified
Wed, 10 Jan 2024 21:36:44 GMT
server
ECS (sac/2517)
etag
W/"dee-18cf54e6524"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
875763577 875756939
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.95116bc74f5dcc73ba3efb265ceed29c989705e5.js?mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
610865413ce4c37a292b22ffee4f1be1b898478e3273564d6fcb662b0fff0a0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51191
x-xss-protection
0
server
cafe
etag
5021163758800714523
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 21 Jan 2024 01:03:59 GMT
/
nj1015.com/internal-ad-api/ 		2 KB
971 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/internal-ad-api/?kw[]=townsquarenewsstaff&kw[]=thanksgetting-2023&kw[]=contests&kw[]=news-nj&kw[]=vip&kw[]=no-gallery&kw[]=pagetype-post&kw[]=post-1172924&kw[]=hasonair&kw[]=device-desktop
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.95116bc74f5dcc73ba3efb265ceed29c989705e5.js?mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
19cbb74a471bd001d99029ebc4dcdc50087d13dff8cbd9d7b278aac17303e669
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:03:58 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
0
x-cache
MISS
x-ua-device
desktop
x-device
desktop
content-length
895
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-varnish
365854591
accept-ranges
bytes
attachment-Wegmans-Thanksgetting.jpg
townsquare.media/site/385/files/2022/11/ 		165 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/385/files/2022/11/attachment-Wegmans-Thanksgetting.jpg?w=980&q=75
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.86 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2520) / Express
Resource Hash
3ce9b27d921b29543b3aac0c8bc698040bf6993fbb505048f23ecee80d29621b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
A
date
Sun, 21 Jan 2024 01:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish
x-content-type-options
nosniff
age
10795809
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
168609
last-modified
Wed, 02 Nov 2022 20:46:16 GMT
server
ECS (sac/2520)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
2262712218
cache-control
max-age=1209600,s-maxage=31536000
accept-ranges
bytes
cogitoergosum
cdn.production.townsquareblogs.com/rest/high/api/ Frame 67FA 		128 B
461 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.production.townsquareblogs.com/rest/high/api/cogitoergosum
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/aleph/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
9390d21998777f226e885b7866ac6f6ef03e65c571580a4a9144e9267359140e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://cdn.production.townsquareblogs.com/aleph/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 21 Jan 2024 01:03:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
nginx
etag
W/"80-bkqYYbR1H3VBm1G7c980UjWc53s"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
x-device
carbon
content-length
128
logo.jpg
townsquare.media/site/385/files/2018/04/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/385/files/2018/04/logo.jpg?w=300&q=75
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.86 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2542) / Express
Resource Hash
4b9c2f01a76c804d7a74859c42f52e9333303fc3b5b80abf63a214dfd3a80bd4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
A
date
Sun, 21 Jan 2024 01:03:58 GMT
via
1.1 varnish
age
17850838
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
12138
last-modified
Wed, 14 Jun 2023 20:40:06 GMT
server
ECS (sac/2542)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
900583767
cache-control
max-age=1209600,s-maxage=31536000
accept-ranges
bytes
/
cmp.osano.com/ Frame 213C 		0
0
/
cmp.osano.com/ Frame 213C 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-19.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
23115
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Sat, 20 Jan 2024 18:38:44 GMT
etag
W/"287b497c992487af362d33204f87d28f"
last-modified
Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 f6860256b1898079de872f02c7f7a03c.cloudfront.net (CloudFront)
x-amz-cf-id
2ytKHNSEpt2FCjNXgj5gFuq5O3Kf64iWoxYg_xE6xornQtIVa25HAw==
x-amz-cf-pop
IAD12-P2
x-amz-version-id
xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
osano-ui.js
cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano-ui.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-19.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
797f8dd85fad9cd385ae08796fd183104959540f9238e88148a8eabdf575f5ed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
u7WF8imuhN6UuMNjmUf8P9T5rIAAVLjg
content-encoding
gzip
via
1.1 f6860256b1898079de872f02c7f7a03c.cloudfront.net (CloudFront)
date
Sun, 21 Jan 2024 00:30:32 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P2
age
2007
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 16 Jan 2024 22:34:42 GMT
server
AmazonS3
etag
W/"13ffe6c85ecf67701d3a3155090cd79f"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=86400, no-transform, public
x-amz-cf-id
p2GBJYcp_JPJwPcm2YRkFtnPnWV74zbJp_W-5_ma4MGepAO4MyrxrA==
en-ca.json
cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/en-ca.json
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.85.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-19.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfa5a63d1e48b09a9835fc81cd3ab92981ece7f7ff19338d9afbd51ad9c7f746
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Sat, 20 Jan 2024 20:49:12 GMT
x-content-type-options
nosniff
x-amz-version-id
7C6DcowgienFTS4QVxAbTNXO6zzG4XuW
content-encoding
br
via
1.1 33aa60037dccf2345c8ade9dffbf1192.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P2
x-amz-server-side-encryption
AES256
age
15288
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 16 Jan 2024 22:34:42 GMT
server
AmazonS3
etag
W/"0cb7207f9906e0273667df430f5fa340"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, no-transform, public
vary
Accept-Encoding
x-amz-cf-id
FmdNQ_p8HztY9v7r-NQMnkmUMGVbfbx2ClhlVV_XJO_VGHMn7212-Q==
css
fonts.googleapis.com/ 		23 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f95.1e100.net
Software
ESF /
Resource Hash
f968a7df841e8cb736584a22b1ba046a43fca39479240c7abdd92a1f709f26b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jan 2024 01:03:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Jan 2024 00:42:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jan 2024 01:03:58 GMT
sdk.js
connect.facebook.net/en_US/ 		303 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=6cc1e566680465c254cc1436ee7ac4c1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
3608f5e06c52930fac7e601c61b487c88e844d75f48c33fe6558db42247d1010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nj1015.com/
Origin
https://nj1015.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jan 2024 01:03:58 GMT
content-md5
baUEiqtJO0AC8UZAjj/zyA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88390
reporting-endpoints
x-fb-debug
BxUg5rw4EKECILvTX8fEkaT7KHX1RhOgxi/f3JzBRtvxciqwuPYDNIZ3hEpxxSUe8Fyw9cxIHvoOs0bn9QqOMQ==
x-fb-content-md5
af86abd63f666e644da9020392d8b20d
cross-origin-opener-policy
same-origin-allow-popups
etag
"057139f18dce9ae17d340484af3e40cd"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 19 Jan 2025 23:50:31 GMT
en-ca.json
cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/en-ca.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-19.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nj1015.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 21 Jan 2024 01:03:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via
1.1 55545918b0c914bb8f5282930649df4c.cloudfront.net (CloudFront)
x-amz-cf-id
Q2yeuvEKs6n5qhYSZBnkcmbcs4GOEB-LQqJh1YIc6A0DoQxANsSdqA==
x-amz-cf-pop
IAD12-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
2fdad072-d49d-4e4b-9517-4382308f9c56
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/2fdad072-d49d-4e4b-9517-4382308f9c56
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nj1015.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 02:16:47 GMT
x-content-type-options
nosniff
age
254833
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 02:16:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nj1015.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 02:36:54 GMT
x-content-type-options
nosniff
age
253626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 02:36:54 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nj1015.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 02:36:58 GMT
x-content-type-options
nosniff
age
253622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 02:36:58 GMT
76963a13-b26f-426a-8f06-96cf66acedcb
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/76963a13-b26f-426a-8f06-96cf66acedcb
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
1db18638-ee04-4a07-95f0-3643a2fdec66
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/1db18638-ee04-4a07-95f0-3643a2fdec66
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
1121fb16-4f97-4bf3-8df4-f4f44960d520
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/1121fb16-4f97-4bf3-8df4-f4f44960d520
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
cogitoergosum
nj1015.com/rest/high/api/ 		22 B
88 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/rest/high/api/cogitoergosum
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.95116bc74f5dcc73ba3efb265ceed29c989705e5.js?mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jan 2024 01:04:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
nginx
etag
W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
x-device
desktop
content-length
22
chunk-51.619b34cfa0c414924319.1704921818134.js
nj1015.com/public/dist/chunks/ 		761 B
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-51.619b34cfa0c414924319.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2526) / Express
Resource Hash
9b70178fef5a402424fbc219d85a0c3100af3a82ac12a0b771ab4c722bcc5f31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:04:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish
x-content-type-options
nosniff
age
12362
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
761
last-modified
Wed, 10 Jan 2024 21:36:43 GMT
server
ECS (sac/2526)
etag
W/"2f9-18cf54e5e59"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
362825862 362817226
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
/
nj1015.com/rest/carbon/api/vip/sweeps/widgets/65415988d7983135397ee393/ 		32 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/rest/carbon/api/vip/sweeps/widgets/65415988d7983135397ee393/
Requested by
Host: nj1015.com
URL: https://nj1015.com/public/dist/chunks/chunk-35.14fc80f37e6c5a63c6e0.1704921818134.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
b4cf27f0514b398a78fb23a7780b062eabafb859ba3c2eb87f98ad8f14d481b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"800a-dMmYvI/lcYpW4Mv7KvA79PZ6Kow"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
x-device
desktop
64be966e5c71ca65dec8b499
nj1015.com/rest/carbon/api/gallery/ 		6 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/rest/carbon/api/gallery/64be966e5c71ca65dec8b499
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.95116bc74f5dcc73ba3efb265ceed29c989705e5.js?mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
9dc7fe9d1bd504ce36e311e7007ad3ae44ea8a71a8ccdc4d96dab614efb4e4e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"19be-5SRqwdw4KiuRNqsNVxFCzSFhDWQ"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
x-device
desktop
645a69a06995aa3ef95a3357
nj1015.com/rest/carbon/api/gallery/ 		6 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/rest/carbon/api/gallery/645a69a06995aa3ef95a3357
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.95116bc74f5dcc73ba3efb265ceed29c989705e5.js?mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
d713cbae8110407274fed9bbc1bbd47cc0fc78c9645295e0d0d7351a02aa10a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"194a-ToO73kJYUGC3E2hx5wpcDPxUWVQ"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
x-device
desktop
640a18cc9c2202217bcc818f
nj1015.com/rest/carbon/api/gallery/ 		10 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/rest/carbon/api/gallery/640a18cc9c2202217bcc818f
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.95116bc74f5dcc73ba3efb265ceed29c989705e5.js?mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
885c77fcf69ba04964985f7c01843fa692198b271f8b9466000006f3e8a247f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"2897-lyFrGJahg58cbH+5G7NxzGpWNDI"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
x-device
desktop
nj1015-promo.jpg
townsquare.media/site/385/files/2018/01/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/385/files/2018/01/nj1015-promo.jpg
Requested by
Host: nj1015.com
URL: https://nj1015.com/styles/desktop/base.css?ver=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4&livedesign=design_option_live-3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.86 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2552) / Express
Resource Hash
7b0bb9cd525a386744d13b2034574f2e2d33ecf2926f8b98134511bfee225968
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
A
date
Sun, 21 Jan 2024 01:04:00 GMT
via
1.1 varnish
age
26463680
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
3348
last-modified
Mon, 02 May 2022 16:16:22 GMT
server
ECS (sac/2552)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
3859254997
cache-control
max-age=1209600,s-maxage=31536000
accept-ranges
bytes
attachment-vasilina-sirotina-59S8qiyCohE-unsplash.jpg
townsquare.media/site/394/files/2024/01/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/394/files/2024/01/attachment-vasilina-sirotina-59S8qiyCohE-unsplash.jpg?w=300&q=75
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.86 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/251D) / Express
Resource Hash
19d22056f0f273216d4435938e1fa2a68d6ac5360312d2786db281a9477e4efe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:04:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish
x-content-type-options
nosniff
age
229111
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
29545
last-modified
Thu, 18 Jan 2024 09:24:49 GMT
server
ECS (sac/251D)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
827574811
cache-control
max-age=1209600,s-maxage=31536000
accept-ranges
bytes
3673d8a7-dccb-4ce4-8d95-bcdac5127eea
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/3673d8a7-dccb-4ce4-8d95-bcdac5127eea
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
teju-webclient.min.js
static.solutionshindsight.net/teju-webclient/ 		100 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-13.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8011f8702c24591e152399f1ab4ad3b11bb4f080dbd09c252caa565468065e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:03 GMT
content-encoding
gzip
via
1.1 8422f3871db2552d4ad0cc9f31e22c2e.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jan 2024 21:23:58 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
etag
"e948714383ee3a6ce71fba0a9cce1448"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
30732
x-amz-cf-id
vEMqYLt6kU1E7Xpg1GoMmB9PzoyM_TSh7t2-VVDOQ0upozTsOwxVuA==
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date
Sun, 21 Jan 2024 01:04:02 GMT
content-encoding
br
last-modified
Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id
9VKTNVPFV7W344D7
etag
"ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3418
x-amz-id-2
0wZeppYlnjKqRsx9T5yGA2OLeKEc6MNURztf3PB6sv7LZYZ3Lwx+FCSv336V4tvRlVCXNNzTImk=
attachment-NJ_Shore_Hankensack_970x100_Page-Header-Desktop.jpg
internal-ads.production.townsquareblogs.com/files/2022/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://internal-ads.production.townsquareblogs.com/files/2022/01/attachment-NJ_Shore_Hankensack_970x100_Page-Header-Desktop.jpg
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.152.143.250 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx / Express
Resource Hash
0fb0405035e03b2fdd4e78a324055ac035255ba429a235c28b73416fd0e3f757
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
A
Date
Sun, 21 Jan 2024 01:04:02 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Age
112504
x-powered-by
Express
X-Cache
HIT
x-carbon-image
compressed-gm
X-UA-Device
desktop
Connection
keep-alive
Content-Length
15951
X-Device
desktop
last-modified
Tue, 30 May 2023 17:20:23 GMT
Server
nginx
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
access-control-allow-origin
*
X-Varnish
365855749 340471435
cache-control
max-age=1209600,s-maxage=31536000
Accept-Ranges
bytes
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 7F05 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fnj1015.com
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 01:04:02 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT
x-served-by
cache-iad-kiad7000126-IAD
22d71937-ba9c-487c-b874-ac73b40937eb
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/22d71937-ba9c-487c-b874-ac73b40937eb
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GGT2X929YG&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
041b208e087d4812d0f496ce51e1e5291143a4d5c0e88e11415760cd979e1e4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91769
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jan 2024 01:04:02 GMT
js
www.googletagmanager.com/gtag/ 		238 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9ET8PCMQTR&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c827aa566d8faa54ed7bea617ecad6a7c19e15af9d7a456e3e4ed27e53eff231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84530
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jan 2024 01:04:02 GMT
js
www.googletagmanager.com/gtag/ 		219 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R9X9M7SL1M&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
4b5576b0960e5166d7fbe25664c3fd43631b0ff09d2153bc41908f0dc77d3fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79428
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jan 2024 01:04:02 GMT
/
cmp.osano.com/ Frame 765F 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.85.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-19.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
23119
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Sat, 20 Jan 2024 18:38:44 GMT
etag
W/"287b497c992487af362d33204f87d28f"
last-modified
Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 71c1b7cb74a6a3840a4f2be73ffddc84.cloudfront.net (CloudFront)
x-amz-cf-id
lcKKXtjvPgfjqZJFBFD3IXG7ZrmKSvq4w9M03WpXUpYI5bzAMBpi6Q==
x-amz-cf-pop
IAD12-P2
x-amz-version-id
xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
platform.js
apis.google.com/js/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
sffe /
Resource Hash
0bcb6531cb0967359e17b655d4142b55d1eac2aed3fe5340f8ce930a7000e5d3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jan 2024 01:04:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21929
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"619578e938ea6244"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:04:02 GMT
record
consent.api.osano.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-94.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nj1015.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sun, 21 Jan 2024 01:04:03 GMT
via
1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront)
x-amz-apigw-id
R3YMnFR5oAMEliw=
x-amz-cf-id
KBJSGoaNsMtgYbf3-j14XY5CqGnjSLAh1dxxfy1Um_8pftoT4t8f5A==
x-amz-cf-pop
YUL62-C1
x-amzn-requestid
e76a311c-2e72-4237-97cb-633be6f5ce5b
x-cache
Miss from cloudfront
script.js
cadmus.script.ac/d1180od816jent/ 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/d1180od816jent/script.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caec17fff186e21c5cfd4c21b30eee0b8fb3c2f32cc71c15d9d04988042d6e80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:04 GMT
content-encoding
gzip
last-modified
Sat, 20 Jan 2024 11:16:15 GMT
server
cloudflare
age
0
etag
W/"4f4dbdce5e5c8e2524e8bc9d4b29d7252a3ff2eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
848ba41a9c656064-YVR
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
e79a6ef2ebaa23fd42e743fcddedc0e894975889e59ab9dde2d90faf802a3c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29840
x-xss-protection
0
server
cafe
etag
881 / 19743 / m202401160101 / config-hash: 15866861927224639442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:04:04 GMT
186854-113710634486999.js
js-sec.indexww.com/ht/p/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ab0ae1a219545415f5e31daccc3730231951bd262fc4727a36f42a70352fa25

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:04 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 21 Jan 2024 00:51:35 GMT
server
cloudflare
age
688
etag
W/"da4e91-7e27-60f6a1d77c0f0"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
848ba41ba9eb2d72-YVR
expires
Sun, 21 Jan 2024 05:04:04 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 00:09:22 GMT
content-encoding
gzip
via
1.1 d9057c384f4ac5ba2672d2ff44de7e08.cloudfront.net (CloudFront), 1.1 041a4887d523cabe8177e269cc358162.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jan 2024 20:22:25 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, IAD89-C1
age
3284
x-amz-server-side-encryption
AES256
etag
W/"60bfb96bc5dd4ca3429ef2f4df9e17d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
8xV2V0ZrEoUSDqYXYmhmEHleY4x3s0IwjIHytCaXOAouqcHwboZC5g==
delivery.js
assets.revcontent.com/master/ 		162 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.17.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-17-105.yto50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2666881b4ede4e0d6e634a6f1d50b98b78b01d359803da5e01908d9600d9bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 17:27:03 GMT
content-encoding
br
via
1.1 c5670948bece41c6bb9df947cb650b7e.cloudfront.net (CloudFront)
last-modified
Fri, 19 Jan 2024 17:26:58 GMT
server
AmazonS3
x-amz-cf-pop
YTO50-P1
age
27422
x-amz-server-side-encryption
AES256
etag
W/"2adc70d9454e2bf6d1178533cad2272f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
7X30ttgKL3bqBYdvQjlD_JttECxJ4N0gzfLjiiMpkELHbQ9mlz2aOA==
pinit_main.js
assets.pinterest.com/js/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.19091629079380534
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.28.84 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:04 GMT
content-encoding
br
x-cdn
fastly
etag
"3725764cf05d1a0938de73d398772331"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=300
alt-svc
h3=":443";ma=600
content-length
18679
record
consent.api.osano.com/ 		0
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-94.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jan 2024 01:04:04 GMT
via
1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amzn-trace-id
Root=1-65ac6d84-544d086326754643426bcb10
x-amzn-requestid
892c4435-ee4f-42b2-a558-c1e407f8ecf4
x-cache
Miss from cloudfront
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
x-amz-apigw-id
R3YMuFphoAMEr4A=
x-amz-cf-id
kWDWa_c606FTf65AGvsamYnDFN137GfYsO3IUPUAvnAD7-a8E8NpZA==
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=1096102534197907&input_token&origin=1&redirect_uri=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=6cc1e566680465c254cc1436ee7ac4c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
strict-transport-security
max-age=15552000; preload
date
Sun, 21 Jan 2024 01:04:03 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
6RoGbsJwGeXSmMlReiWUlmxxmai1xim1pZ3ZCF12xXA7couYZn8snGW45wRaDsO/EPVkEF7/YSaoKCxGNXnIRA==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nj1015.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires
Sat, 01 Jan 2000 00:00:00 GMT
embed.js
www.instagram.com/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/embed.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
31.13.66.174 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
instagram-p42-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
2f969e4a9dca14e00f06efb32ff03e90cf29be2062651999cbec085a765951f7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000
content-encoding
br
x-content-type-options
nosniff
date
Sun, 21 Jan 2024 01:04:06 GMT
content-md5
+Ofji5LCxuMoIZ1DloZlAw==
document-policy
force-load-at-top
edge-control
cache-maxage=1200s
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19723
reporting-endpoints
default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
x-fb-debug
6d/ktwcwGmkqV+9WAYybmNBPU6WkDE3RR5+S3eOnBjlX1ACb1xCRu8hLTlmLwQU/GZBPZOfyH/gqt89zKcyJAw==
x-fb-content-md5
e91e02c83f4398aa89712c7d8e1489bb
cross-origin-opener-policy
same-origin-allow-popups
etag
"e35740ee6d87aefe7974e74256a36641"
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(self), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:24:06 GMT

Redirect headers

location
https://www.instagram.com/embed.js
date
Sun, 21 Jan 2024 01:04:05 GMT
server
proxygen-bolt
content-length
0
content-type
text/plain
cogitoergosum
nj1015.com/rest/high/api/ 		22 B
112 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/rest/high/api/cogitoergosum
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.95116bc74f5dcc73ba3efb265ceed29c989705e5.js?mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jan 2024 01:04:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
nginx
etag
W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
x-device
desktop
content-length
22
attachment-my-project-1-2023-07-24t102921-861.jpg
townsquare.media/site/385/files/2023/07/ 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/385/files/2023/07/attachment-my-project-1-2023-07-24t102921-861.jpg?w=980&q=75
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.86 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2538) / Express
Resource Hash
bf1b29085b99c85c5948f20a9f2e9360ac853799191d0290dfbcdcb320223aa8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:04:04 GMT
via
1.1 varnish
age
15585690
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
120458
last-modified
Mon, 24 Jul 2023 15:32:44 GMT
server
ECS (sac/2538)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1890320993
cache-control
max-age=1209600,s-maxage=31536000
accept-ranges
bytes
chunk-8.f77ae1b2dd170e095c06.1704921818134.js
nj1015.com/public/dist/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-8.f77ae1b2dd170e095c06.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2508) / Express
Resource Hash
342a2d7c17220a9f5e2758502a5004dc3ecaf67d6a118774ebc8055728183282
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:04:05 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
12325
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1184
last-modified
Wed, 10 Jan 2024 21:36:44 GMT
server
ECS (sac/2508)
etag
W/"c5f-18cf54e6530"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
875770692 875764863
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-13.292daae475a3a3553f25.1704921818134.js
nj1015.com/public/dist/chunks/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-13.292daae475a3a3553f25.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/256A) / Express
Resource Hash
8c04edb7566feeb2a539aef8a0b151dd87bf1ec1be1705252fb0fdb2d8b3a1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:04:05 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
12300
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
6885
last-modified
Wed, 10 Jan 2024 21:36:45 GMT
server
ECS (sac/256A)
etag
W/"6a73-18cf54e6762"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
362832678
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
chunk-2.62dc5c5f50c4bb3d2e00.1704921818134.js
nj1015.com/public/dist/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/public/dist/chunks/chunk-2.62dc5c5f50c4bb3d2e00.1704921818134.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2520) / Express
Resource Hash
62b6bb20f5167449fc8274832a8104143627776a33c26efaa119b16150ac651a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:04:05 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
13789
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1888
last-modified
Wed, 10 Jan 2024 21:36:45 GMT
server
ECS (sac/2520)
etag
W/"11ee-18cf54e6861"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
875796641 875436382
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
fpc
at.teads.tv/ 		56 B
390 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_19545&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=1---&shared_ids=&sv=471b531&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.193.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-193-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b8f673c66255684d2833552c3f07543a23c8f31ab78e405842dd483c6ef3a3ed

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:04 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://nj1015.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
56
Expires
Sun, 21 Jan 2024 01:04:04 GMT
settings
syndication.twitter.com/ Frame 7F05 		870 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=6192b2daaa847dbcadb5844f7c0a7f5c29980bfb
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fnj1015.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_p /
Resource Hash
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
6
date
Sun, 21 Jan 2024 01:04:03 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Sun, 21 Jan 2024 01:04:03 GMT
server
tsa_p
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
bea703cd5ad774c6
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7469935968
x-connection-hash
76d3f0e33ccf2dcb6454245a8c97c1df95a3325d69f54762e6aeaea8ac619c38
content-length
338
bmoxMDE1LmNvbQ==
static.solutionshindsight.net/assets/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/assets/bmoxMDE1LmNvbQ==
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-13.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1be6ef3faa268b35446e3348d53c352298972b9188169a896dae69f233c36ff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
date
Sun, 21 Jan 2024 01:04:05 GMT
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Fri, 01 Dec 2023 19:08:50 GMT
server
AmazonS3
etag
W/"444d3a7ec49c244604624eeb04f87ee1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
0UqODdqBHkcR7H5iQNFHRe07FGtOnHU0WEazfQ8mCgK8ErQRZRY56w==
collect
analytics.google.com/g/ 		0
241 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-NZRGD1BLM6&gtm=45je41h0v893359007z877143010&_p=1705799034439&_gaz=1&gcs=G111&gcd=11r1v1r1r6&dma=0&cid=190849881.1705799044&ecid=1460290601&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&_s=1&dr=&sid=1705799043&sct=1&seg=0&dl=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&dt=Happy%20Thanksgetting!%20Win%20a%20%24100%20Wegmans%20gift%20card&en=page_view&_fv=1&_nsi=1&_ss=1&ep.call_sign=WKXWFM&ep.site_classification=Local&ep.genre=news-talk&ep.market=Trenton&ep.site_type=Local&ep.tags=thanksgetting-2023%2Cvip%2Cno-gallery&ep.categories=contests%2Cnews-nj&ep.gtm_version=72&ep.page_type=post&ep.author=townsquarenewsstaff&ep.publish_date=2023-11-05%2016%3A28%3A48.000%2B0000&ep.anonymize_ip=true&ep.blogId=385&ep.postId=1172924&ep.content_id=385%7C1172924&ep.content_type=post&ep.view_type=standard&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&tfd=18167
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-1B654B07SV&gtm=45je41h0v893359007z877143010&_p=1705799034439&_gaz=1&gcs=G111&gcd=11r1v1r1r6&dma=0&cid=190849881.1705799044&ecid=1460290601&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&_s=1&dr=&sid=1705799043&sct=1&seg=0&dl=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&dt=Happy%20Thanksgetting!%20Win%20a%20%24100%20Wegmans%20gift%20card&en=page_view&_fv=1&_nsi=1&_ss=1&ep.call_sign=WKXWFM&ep.site_classification=Local&ep.genre=news-talk&ep.market=Trenton&ep.site_type=Local&ep.tags=thanksgetting-2023%2Cvip%2Cno-gallery&ep.categories=contests%2Cnews-nj&ep.gtm_version=72&ep.page_type=post&ep.author=townsquarenewsstaff&ep.publish_date=2023-11-05%2016%3A28%3A48.000%2B0000&ep.anonymize_ip=true&ep.blogId=385&ep.postId=1172924&ep.content_id=385%7C1172924&ep.content_type=post&ep.view_type=standard&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&tfd=18167
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-GGT2X929YG&gtm=45je41h0v893359007z877143010&_p=1705799034439&_gaz=1&gcs=G111&gcd=11r1v1r1r6&dma=0&cid=190849881.1705799044&ecid=1460290601&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&_s=1&dr=&sid=1705799043&sct=1&seg=0&dl=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&dt=Happy%20Thanksgetting!%20Win%20a%20%24100%20Wegmans%20gift%20card&en=page_view&_fv=1&_nsi=1&_ss=1&ep.call_sign=WKXWFM&ep.site_classification=Local&ep.genre=news-talk&ep.market=Trenton&ep.site_type=Local&ep.tags=thanksgetting-2023%2Cvip%2Cno-gallery&ep.categories=contests%2Cnews-nj&ep.gtm_version=72&ep.page_type=post&ep.author=townsquarenewsstaff&ep.publish_date=2023-11-05%2016%3A28%3A48.000%2B0000&ep.anonymize_ip=true&ep.blogId=385&ep.postId=1172924&ep.content_id=385%7C1172924&ep.content_type=post&ep.view_type=standard&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&tfd=18167
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GGT2X929YG&cid=190849881.1705799044&gtm=45je41h0v893359007z877143010&aip=1&dma=0&gcs=G111&gcd=11r1v1r1r6
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GGT2X929YG&cid=190849881.1705799044&gtm=45je41h0v893359007z877143010&aip=1&dma=0&gcs=G111&gcd=11r1v1r1r6&z=1351149849
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R9X9M7SL1M&gtm=45je41h0v9122473698z877143010&_p=1705799034439&_gaz=1&gcs=G111&gcd=11r1r1r1r5&dma=0&cid=190849881.1705799044&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705799043&sct=1&seg=0&dl=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&dt=Happy%20Thanksgetting!%20Win%20a%20%24100%20Wegmans%20gift%20card&en=page_view&_fv=1&_ss=1&ep.featuredTag=&ep.featuredTagType=artist&ep.tags=thanksgetting-2023%2Cvip%2Cno-gallery&ep.categories=contests%2Cnews-nj&ep.author=townsquarenewsstaff&ep.market=Trenton&ep.network=Local&ep.genre=news-talk&ep.timeOfDay=Afternoon%20Drive&ep.containsWidget=false&ep.anonymize_ip=true&tfd=18709
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R9X9M7SL1M&cid=190849881.1705799044&gtm=45je41h0v9122473698z877143010&aip=1&dma=0&gcs=G111&gcd=11r1r1r1r5
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R9X9M7SL1M&cid=190849881.1705799044&gtm=45je41h0v9122473698z877143010&aip=1&dma=0&gcs=G111&gcd=11r1r1r1r5&z=652634672
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/ 		253 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
sffe /
Resource Hash
61fbffcb29f05ad83ad861be376134b4e710e21a86faaed8948e4f1941c4aba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:15:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88767
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 16:15:00 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/ 		740 B
509 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_1?le=scs
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
sffe /
Resource Hash
9baf429d0489f1220480eb2b4567f360827304feec569746483c3d66f4c49497
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
482
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 16:17:35 GMT
36f03c76-06af-4636-9665-f2ff78292aae
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/36f03c76-06af-4636-9665-f2ff78292aae
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:05 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
2620
x-served-by
cache-iad-kiad7000126-IAD
last-modified
Mon, 11 Dec 2023 17:19:47 GMT
etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
subscribe_embed
www.youtube.com/ Frame 1B9C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channel=newjersey101point5&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fnj1015.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f136.1e100.net
Software
ESF /
Resource Hash
01c3a1eff29fdb06c7d871d6910f6d287124d315f51276ca7e3020e9e274415a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin; report-to="youtube_main"
date
Sun, 21 Jan 2024 01:04:04 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
80492277-6aaf-4db8-897d-f2bf33dab0fe
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/80492277-6aaf-4db8-897d-f2bf33dab0fe
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
tag
btloader.com/ 		84 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5642230212591616&upapi=true
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.74.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49e4abd1032a0417a8f48845687cd41c7951bf67361ee6ab9f35532363f729a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:05 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Sun, 21 Jan 2024 00:05:47 GMT
server
cloudflare
age
3485
etag
"fefca694f8afeb7ba8195825640ab3c9"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
848ba421ef701372-YVR
content-length
25066
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jan 2024 01:04:04 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nj1015.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 21 Jan 2024 01:04:04 GMT
server
nginx/1.21.6
via
1.1 google
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 15:44:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
33569
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138162
x-xss-protection
0
server
cafe
etag
1666572220375911148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 19 Jan 2025 15:44:36 GMT
wp-banners.js
static.solutionshindsight.net/teju-webclient/ 		264 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/teju-webclient/wp-banners.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-13.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:06 GMT
content-encoding
gzip
via
1.1 8422f3871db2552d4ad0cc9f31e22c2e.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jan 2024 21:23:58 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
etag
"bfd90e72f071d7e0a81d7e0bac6ce9a0"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
190
x-amz-cf-id
Vrv-DIEXhf-NultjrWYvAJs3UXH-8PfVapWD0I1lk75BqBXrybByYA==
identity
api.rlcdn.com/api/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 21 Jan 2024 01:04:05 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ 		109 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186854
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
aa39c5d9ff00c78634620d90de4e522d1f27a6fb61ded4cc41ced7137a071c13

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 21 Jan 2024 01:04:05 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 20 Feb 2024 01:04:05 GMT
cef40b79-e14f-4620-9d5c-29dce97eede1
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/cef40b79-e14f-4620-9d5c-29dce97eede1
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
626e996e-b3ca-4ca4-b98e-106f557cd721
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/626e996e-b3ca-4ca4-b98e-106f557cd721
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 		222 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:05 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:25:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=85678
accept-ranges
bytes
content-length
68444
expires
Mon, 22 Jan 2024 00:52:03 GMT
/
trends.revcontent.com/api/demand/ 		650 B
908 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=277567&us_privacy=1---
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.243.62.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-62-226.compute-1.amazonaws.com
Software
envoy /
Resource Hash
f63564672e9e9e8a4dfc808a923f6d87d30bc6a4bb432e35b6bdbe1cbb262f96
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:05 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
650
sync
trends.revcontent.com/ 		0
0
/
trends.revcontent.com/api/demand/ 		650 B
907 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=277568&us_privacy=1---
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.243.62.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-62-226.compute-1.amazonaws.com
Software
envoy /
Resource Hash
18e1d767716d5bab2fd107598de710d504fb9356dc92ba10320e5968c3c7e238
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:05 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
650
sync
trends.revcontent.com/ 		0
0
cogitoergosum
nj1015.com/rest/high/api/ 		22 B
137 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nj1015.com/rest/high/api/cogitoergosum
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.95116bc74f5dcc73ba3efb265ceed29c989705e5.js?mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.133 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jan 2024 01:04:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
nginx
etag
W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
x-device
desktop
content-length
22
logo1-4.png
townsquare.media/site/385/files/2014/07/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/385/files/2014/07/logo1-4.png
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.86 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/251D) / Express
Resource Hash
c51f896f99910be676a94e1b4ddc9411af3880c9eb2df8d82d22c1ba2bfffb3f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:04:05 GMT
via
1.1 varnish
age
17685462
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
6703
last-modified
Wed, 31 May 2023 14:20:36 GMT
server
ECS (sac/251D)
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-varnish
938987859
cache-control
max-age=1209600,s-maxage=31536000
accept-ranges
bytes
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nj1015.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 23:22:02 GMT
x-content-type-options
nosniff
age
6123
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jan 2025 23:22:02 GMT
www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 1B9C 		38 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=newjersey101point5&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fnj1015.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f136.1e100.net
Software
sffe /
Resource Hash
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channel=newjersey101point5&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fnj1015.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 07:16:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
64050
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5155
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 19 Jan 2025 07:16:35 GMT
www-subscribe-embed_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 1B9C 		252 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=newjersey101point5&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fnj1015.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f136.1e100.net
Software
sffe /
Resource Hash
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channel=newjersey101point5&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fnj1015.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 07:05:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73785
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 19 Jan 2025 07:05:49 GMT
ac511cb5-0e6c-4098-879a-edbc63398b05
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/ac511cb5-0e6c-4098-879a-edbc63398b05
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
embeds
syndication.twitter.com/i/jot/ 		43 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22nj1015%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1705799045435%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=6192b2daaa847dbcadb5844f7c0a7f5c29980bfb
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_p /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
8
date
Sun, 21 Jan 2024 01:04:05 GMT
strict-transport-security
max-age=631138519
last-modified
Sun, 21 Jan 2024 01:04:05 GMT
server
tsa_p
vary
Origin
content-type
image/gif
x-transaction-id
397a0e06bea10909
cache-control
must-revalidate, max-age=600
perf
7469935968
x-connection-hash
76d3f0e33ccf2dcb6454245a8c97c1df95a3325d69f54762e6aeaea8ac619c38
content-length
43
c740c429-ac2c-406b-8983-47ddf9757bb6
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/c740c429-ac2c-406b-8983-47ddf9757bb6
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
like.php
www.facebook.com/v2.8/plugins/ Frame 40C0 		48 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1096102534197907&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27580a71a12c14%26domain%3Dnj1015.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnj1015.com%252Ff3777472d04e354%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
8b5237b3bf8b0db501efea7b151525f295cfef23e1aab044b35bdf57c762ffb9
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 01:04:05 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
5cvfmzuK0kKHwjr13a8COOxiKGHo4Nq+lm4q7tQEqCMo4CHoTdpbRe89SQq57NBiCL8GxR9n8PQJYTAMc5s9cg==
x-xss-protection
0
follow_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame 3F09 		37 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c36e9bb2e913500763aa0f62ac2c2990247d78660b55dccff382a3b7e6dd5b8e

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
13712
content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 01:04:05 GMT
etag
"bf4801052efb5f8f12057c849e9b590f+gzip"
last-modified
Mon, 11 Dec 2023 17:19:47 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT
x-served-by
cache-iad-kiad7000126-IAD
api-errors
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://nj1015.com
date
Sun, 21 Jan 2024 01:04:06 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
api-errors
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nj1015.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nj1015.com
content-length
0
date
Sun, 21 Jan 2024 01:04:06 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-east-1a
api-errors
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://nj1015.com
date
Sun, 21 Jan 2024 01:04:06 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
api-errors
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nj1015.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nj1015.com
content-length
0
date
Sun, 21 Jan 2024 01:04:06 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-east-1a
3227
config.aps.amazon-adsystem.com/configs/ 		532 B
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3227
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-88.iad79.r.cloudfront.net
Software
CloudFront /
Resource Hash
9715cca2180b927c98368c563123504361e86f002d7f5c081315c09d6d12deff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 00:59:45 GMT
via
1.1 68bb623bd1a01bfb6607a40643084c92.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD79-C1
age
261
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
_biF8jBsA-EO47CI6LGZh8PqKrVTL3XVQga255nCkfOucVsTWnYUjQ==
config
c.amazon-adsystem.com/cdn/prod/ 		797 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3227&u=https%3A%2F%2Fnj1015.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
Server /
Resource Hash
2176ef4808c0e4ad3b78d7c9c96cf4e7a89c398b0c12fcb20dd0ad641ee0cf2f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 00:21:03 GMT
via
1.1 041a4887d523cabe8177e269cc358162.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C1
age
2581
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
797
x-amz-cf-id
kTSywsUuAqRs1J2-EITaGoxUvT3c6w8LNb3IacRs6i64u3jTsoi7bA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 6b7e1e42d74fd61097787cc6c1a37c34.cloudfront.net (CloudFront)
date
Sat, 20 Jan 2024 18:26:58 GMT
x-amz-cf-pop
IAD89-C1
age
23829
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
cNJYwhVvkImIVjuce46fYRbwO7bYyf6zRZrTe8oivsrJXrsyQ1LDKA==
_bulk
funes.solutionshindsight.net/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://funes.solutionshindsight.net/events/_bulk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.212.64 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-212-64.compute-1.amazonaws.com
Software
uvicorn /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nj1015.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://nj1015.com
access-control-max-age
600
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 21 Jan 2024 01:04:06 GMT
server
uvicorn
vary
Origin
_bulk
funes.solutionshindsight.net/events/ 		615 B
753 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://funes.solutionshindsight.net/events/_bulk
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.212.64 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-212-64.compute-1.amazonaws.com
Software
uvicorn /
Resource Hash
ad6c5537fce72b91ff583dbf6bba1900efedc40e6bc1a38f3a427f8c79719882

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 21 Jan 2024 01:04:07 GMT
access-control-allow-credentials
true
server
uvicorn
content-length
615
content-type
application/json
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7179 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
d00bcc19635acdf4db9078ac8d0c81bd55337a28d756a16d9ee98721128084aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29843
x-xss-protection
0
server
cafe
etag
297 / 19743 / 31080550 / config-hash: 15866861927224639442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:04:05 GMT
didna_config.js
storage.googleapis.com/didna_hb/hindsight/townsquaremedialocal/ Frame 7179 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/didna_hb/hindsight/townsquaremedialocal/didna_config.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.207 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f207.1e100.net
Software
UploadServer /
Resource Hash
b2eab21c4f300ce29df5b010cb8deb4d97fb29ea057fd1ed5c446801d2457ed1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:06 GMT
x-guploader-uploadid
ABPtcPoppJ61zPMZZBQc1HCNslgRF3iH9S0M4rHOdrZa4iroQfO5KveJwm7WqnQlqsaziR_NYSdu4wHWdQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11051
last-modified
Wed, 08 Nov 2023 17:19:30 GMT
server
UploadServer
etag
"3255d89bc48bc39917f2cb2f80023b74"
x-goog-generation
1699463970384282
content-type
text/javascript
x-goog-hash
crc32c=d7JAWA==, md5=MlXYm8SLw5kX8ssvgAI7dA==
cache-control
no-store
x-goog-stored-content-length
11051
accept-ranges
bytes
expires
Mon, 20 Jan 2025 01:04:06 GMT
3abc6940-5e1b-4b86-9fa8-f3a638f82766
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/3abc6940-5e1b-4b86-9fa8-f3a638f82766
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Jan 2024 01:04:06 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2389175
x-guploader-uploadid
ABPtcPqw7p0T53HvhCqA4cU6BlyxOMpd4Giy91rdxj0lcXRoKkloFjGCjeU_HeV9dH_kNQQF5cYr-kY7wA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YU%2B7j2v%2Bch9WlBHFLt5WZwpNF34mF2aSKFHTHxw5xu1w7f8ApMCP%2BaDpopsWPGqu7cyYtv1b%2BB0VuSRljW%2B4oOTBp1RJhhqVOhRr73Szfkqnrgjl5FYfZizVf4ozbEloRA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
848ba42e8d4a8419-YVR
expires
Sun, 24 Dec 2023 10:07:49 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f149.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Jan 2024 20:29:02 GMT
px.gif
ad-delivery.net/ 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6951165881781467
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2389175
x-guploader-uploadid
ABPtcPqw7p0T53HvhCqA4cU6BlyxOMpd4Giy91rdxj0lcXRoKkloFjGCjeU_HeV9dH_kNQQF5cYr-kY7wA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yF94DbHaSk6F3W1IFbGpl6nDQVnTTAbnLBK%2FrndJyYkeDRVNCPPTPhpyMIIMoJ05ZXSSfmGeGjWgkYPcZA4zf4TVz2mP59ANmN6XhGzFruf2odkYuEsqVSpZqaoIgAq31g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
848ba42e8d488419-YVR
expires
Sun, 24 Dec 2023 10:07:49 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 40C0 		299 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1096102534197907&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27580a71a12c14%26domain%3Dnj1015.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnj1015.com%252Ff3777472d04e354%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 21 Jan 2024 01:04:06 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
reporting-endpoints
x-fb-debug
V8Nr5hZeABhp87K1+BFOJRbCGjRX13xWWkz1Eg5gYggxHEKFWsS0hBAt09SH4zSUKEdGgyZjCkLpOn6FkDNkjQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 11 Jan 2025 10:20:52 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.13.65.87 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-13-65-87.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:07 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sun, 21 Jan 2024 01:19:07 GMT
i.js
tag.wknd.ai/5351/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.wknd.ai/5351/i.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
15b0f722d371765f5105c59f0b0734634a6d7c98671944355d55843fb33a32d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 00:58:52 GMT
content-encoding
gzip
via
1.1 google
age
314
x-envoy-upstream-service-time
0
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2330
server
istio-envoy
etag
c53b7bc81daa25
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
/
log.pinterest.com/ 		0
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=m_9wMvZhACwe&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F&viaSrc=canonical
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 21 Jan 2024 01:04:06 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
18
x-pinterest-rid
1780663876791908
content-length
0
x-served-by
cache-yvr1531-YVR
pragma
no-cache
server
envoy
x-timer
S1705799046.415900,VS0,VE96
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/ Frame 1B9C 		134 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
sffe /
Resource Hash
c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 15:57:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45646
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 15:57:00 GMT
truncated
/ Frame 3F09 		471 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
M6wu7El2pZB.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yj/l/en_US/ Frame 40C0 		527 KB
137 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yj/l/en_US/M6wu7El2pZB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1096102534197907&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27580a71a12c14%26domain%3Dnj1015.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnj1015.com%252Ff3777472d04e354%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
915079520950e4dcb52df27cf94659147e234f9fa59960f5f83f03af0065bf4c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 21 Jan 2024 01:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
d4MruOeY6jUg9hpKgFksgA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
139228
reporting-endpoints
x-fb-debug
n7JIpMus1UyUdPfvkbhInVcgHLSirGsNaX5wug9SUeZh53hvocoZHdMR99EY/C/DyCzK89axPG3eoEhtpcFIyg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 18 Jan 2025 00:33:12 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=272477
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d86c059df7a6d61738a6eec59227ea23f35001203e4d942cd3e4159f67ef5b63

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRMxUxmJpS0RCX2ecWyemvff6D%2FjlS1zoI36Pt7x653CNA2y4ebDp4dmNeW4B2nn6FmxfG4Ajz%2FkBW5d6OZ1ld%2FGp0kSnIEbl0uQq5WdU0E%2B%2BlJ4kMv%2BAW%2BGSyWeIYL8iZw8ekZ3"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
848ba429bbca605f-YVR
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
bid-request
a.teads.tv/hb/ 		16 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:06 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 21 Jan 2024 01:04:06 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		83 B
426 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.156.240.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-240-123.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
088b8e918c48615555d05ba0d8b2273a4af0b979f23e4fef71c6bb539b0719dd

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 21 Jan 2024 01:04:07 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://nj1015.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
15
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
83
translator
hbopenbid.pubmatic.com/ 		0
56 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nj1015.com
date
Sun, 21 Jan 2024 01:04:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ 		0
0
prebidjs
rtb.openx.net/openrtbb/ 		0
0
prebidjs
rtb.openx.net/openrtbb/ 		0
0
prebid
prebid.media.net/rtb/ 		0
0
auction
tlx.3lift.com/header/ 		0
0
prebid
krk2.kargo.com/api/v1/ 		2 B
460 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.226.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-226-172.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:06 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
prebid
ib.adnxs.com/ut/v3/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
hb
hb.undertone.com/ 		0
0
bid
aax.amazon-adsystem.com/e/dtb/ 		269 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&pid=mVB1CeD9ywsI1&cb=0&ws=1600x1200&v=24.116.2102&t=1500&slots=%5B%7B%22sd%22%3A%22tsm-ad-in-article-pixel-1%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FTrenton%2FWKXW%2Ftsm-ad-in-article-pixel-1%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
d0b255f059c60b2aca607c6c3e0dc6bcb2387ee65136b4800a29afa4b24e4d94
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:07 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f084ab450a6c71ebe23f8602cefd27ae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
WVBHJKA7MHT2FVHK5045
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
269
x-amz-cf-id
1m530wsj79FZx8tSGkpavFYD6zAXUJk1IIVNE6lF8TGTRwKnLFbllQ==
auction
tlx.3lift.com/header/ 		0
0
prebid
krk2.kargo.com/api/v1/ 		2 B
462 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.226.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-226-172.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:06 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
trinity.json
apex.go.sonobi.com/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
112 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nj1015.com
date
Sun, 21 Jan 2024 01:04:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=272481
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ecdb9ede7481a3f2d11c11b1b5ffbd0a5af8298d076d894b7fed998fe765e3

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joMkUITiK%2F8DCl8k4fDmrqEfprZTnoJyNw1oZaph61O%2F91HFdSheBSlP1%2FKS4jjhAgwdcWnqUKVTDCmMpzMcSkGR5Zz0THgiEqm%2BlI%2FSaXJ0Z%2FBsDisBmWQFTXmF8oPMPc4%2FBAOQ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
848ba429bbcf605f-YVR
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		0
0
prebid
prebid.media.net/rtb/ 		0
0
hb
hb.undertone.com/ 		0
0
bid-request
a.teads.tv/hb/ 		16 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:06 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 21 Jan 2024 01:04:06 GMT
prebid
ib.adnxs.com/ut/v3/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
426 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.156.240.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-240-123.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
d80716b0ba40f5c6473a3b259d571f724a726f2f3405104b7a5267fb7dcf5f5f

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 21 Jan 2024 01:04:07 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://nj1015.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
49
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
imp
g2.gumgum.com/hbid/ 		0
0
bid
aax.amazon-adsystem.com/e/dtb/ 		304 B
739 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&pid=mVB1CeD9ywsI1&cb=1&ws=1600x1200&v=24.116.2102&t=1500&slots=%5B%7B%22sd%22%3A%22tsm-ad-728c-1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FTrenton%2FWKXW%2Ftsm-ad-728c-1%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
894a789591c4989be605de0c004fd46d15cbfc87b169c06b4f7817589182877b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:07 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f084ab450a6c71ebe23f8602cefd27ae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
3790P955681F8KXWNYGN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
304
x-amz-cf-id
IVc7l3kZm1mpht7K2ZDXPP5naqZgrWlUqzpXXzlxhRn-JeVXKSr-zw==
bid
aax.amazon-adsystem.com/e/dtb/ 		269 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&pid=mVB1CeD9ywsI1&cb=2&ws=1600x1200&v=24.116.2102&t=1500&slots=%5B%7B%22sd%22%3A%22tsm-ad-970a%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FTrenton%2FWKXW%2Ftsm-ad-970a%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22tsm-ad-728a%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FTrenton%2FWKXW%2Ftsm-ad-728a%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22tsm-ad-728b%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FTrenton%2FWKXW%2Ftsm-ad-728b%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
931639d3acfb2a34a1d0ee51a9bc97c851e40e9f580cb22b00fb6888b066abd3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:07 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f084ab450a6c71ebe23f8602cefd27ae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
YZYH4H6WCS1WYHQ7AQ9F
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
269
x-amz-cf-id
bFfCKryfWwkQYyHp5JWGVzU34VFqOtVToztuMLx2ukmHpePCz_dsAg==
bid
aax.amazon-adsystem.com/e/dtb/ 		269 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&pid=mVB1CeD9ywsI1&cb=3&ws=1600x1200&v=24.116.2102&t=1500&slots=%5B%7B%22sd%22%3A%22tsm-ad-300a%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FTrenton%2FWKXW%2Ftsm-ad-300a%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
b8164b6e44ff6fbf007dc6867dde1db97c1187c1da6dc3a97c46c65b113c5eeb
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:07 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f084ab450a6c71ebe23f8602cefd27ae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
2WM3MFGQSBKVX5MMSGEP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
269
x-amz-cf-id
uqKj5OllRIzzHVM8XMM2tqoJ222edrEDSz3-MFYTsVIkT4kngqx4SQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		269 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&pid=mVB1CeD9ywsI1&cb=4&ws=1600x1200&v=24.116.2102&t=1500&slots=%5B%7B%22sd%22%3A%22tsm-ad-300b%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FTrenton%2FWKXW%2Ftsm-ad-300b%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
c37f09c89e2cc7db32545885c28dfff9b2591ed1bb0c5b1a7bbd890a8120c672
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:07 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f084ab450a6c71ebe23f8602cefd27ae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
XB1RVHD6EM0YV4EPMEM8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
269
x-amz-cf-id
ayP8qBBR5aKhvBy0qeO1HDFoJQGjBmp9tSgMuCeY-4sglNLteui_Rg==
subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 1B9C 		156 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f136.1e100.net
Software
sffe /
Resource Hash
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 19:31:41 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Sep 2020 20:15:00 GMT
server
sffe
age
192745
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
156
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Jan 2025 19:31:41 GMT
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=3a3f254180124f5296e0083b3bb0e34b&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D3a3f254180124f5296e0083b3bb0e34b_2%26...
  • https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D3a3f254180124f5296e0083b3bb0e34b_2%26bidder%3D3%26bidder_uid%3D__ZUID__%26c...
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=3a3f254180124f5296e0083b3bb0e34b_2&bidder=3&bidder_uid=l5tbTLZF3gDZjVqOPWTf&callback=dspCMCallback&us_privacy=1---
72 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=3a3f254180124f5296e0083b3bb0e34b_2&bidder=3&bidder_uid=l5tbTLZF3gDZjVqOPWTf&callback=dspCMCallback&us_privacy=1---
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
54.243.62.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-62-226.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:08 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
72
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:08 GMT
Content-Type
text/html; charset=utf-8
Location
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=3a3f254180124f5296e0083b3bb0e34b_2&bidder=3&bidder_uid=l5tbTLZF3gDZjVqOPWTf&callback=dspCMCallback&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
210
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=revcontent&us_privacy=1---&rev_dt=1705799046687
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&us_privacy=1---&rev_dt=1705799046687
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=a66e6375-923b-41c7-a0b0-e6a4b80f0d17&gdpr=&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ssp=revcontent&us_privacy=1---
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=f49ccc6a-84d2-466a-be91-9432e41a94f1&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=f49ccc6a-84d2-466a-be91-9432e41a94f1&callback=dspCMCallback
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
54.243.62.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-62-226.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:09 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

Location
//trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=f49ccc6a-84d2-466a-be91-9432e41a94f1&callback=dspCMCallback
Date
Sun, 21 Jan 2024 01:04:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=3a3f254180124f5296e0083b3bb0e34b&us_privacy=1---&rev_dt=1705799046694
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=3a3f254180124f5296e0083b3bb0e34b&us_privacy=1---&rev_dt=1705799046694
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=3a3f254180124f5296e0083b3bb0e34b&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=3a3f254180124f5296e0083b3bb0e34b&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
54.243.62.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-62-226.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:08 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=3a3f254180124f5296e0083b3bb0e34b&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
date
Sun, 21 Jan 2024 01:04:07 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
trends.revcontent.com/api/delivery/ 		26 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=277567&width=1600&us_privacy=1---&rev_allow_cookies=1&site_url=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&icr_url=&va=0&user_uuid=undefined&time=1705799046708&up=pc&bn=chrome&bv=120&widget_width=926&style_id=0&an=false&mr=false
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.243.62.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-62-226.compute-1.amazonaws.com
Software
envoy /
Resource Hash
4978a62672be1f4bf64153b84006add4cbbf034ad2fddea25b61ad97345b721b
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:06 GMT
strict-transport-security
max-age=931536000; includeSubDomains
content-encoding
gzip
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
59
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=60c8733550164698988ebf949307ef0d&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D60c8733550164698988ebf949307ef0d_2%26...
  • https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D60c8733550164698988ebf949307ef0d_2%26bidder%3D3%26bidder_uid%3D__ZUID__%26c...
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=60c8733550164698988ebf949307ef0d_2&bidder=3&bidder_uid=l5tbTLZF3gDZjVqOPWTf&callback=dspCMCallback&us_privacy=1---
72 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=60c8733550164698988ebf949307ef0d_2&bidder=3&bidder_uid=l5tbTLZF3gDZjVqOPWTf&callback=dspCMCallback&us_privacy=1---
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
54.243.62.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-62-226.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:08 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
72
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:08 GMT
Content-Type
text/html; charset=utf-8
Location
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=60c8733550164698988ebf949307ef0d_2&bidder=3&bidder_uid=l5tbTLZF3gDZjVqOPWTf&callback=dspCMCallback&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
210
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=revcontent&us_privacy=1---&rev_dt=1705799046726
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&us_privacy=1---&rev_dt=1705799046726
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=f49ccc6a-84d2-466a-be91-9432e41a94f1&gdpr=&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ssp=revcontent&us_privacy=1---
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=f49ccc6a-84d2-466a-be91-9432e41a94f1&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=f49ccc6a-84d2-466a-be91-9432e41a94f1&callback=dspCMCallback
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
54.243.62.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-62-226.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:09 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

Location
//trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=f49ccc6a-84d2-466a-be91-9432e41a94f1&callback=dspCMCallback
Date
Sun, 21 Jan 2024 01:04:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=60c8733550164698988ebf949307ef0d&us_privacy=1---&rev_dt=1705799046732
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=60c8733550164698988ebf949307ef0d&us_privacy=1---&rev_dt=1705799046732
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=60c8733550164698988ebf949307ef0d&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=60c8733550164698988ebf949307ef0d&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
54.243.62.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-62-226.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:08 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=60c8733550164698988ebf949307ef0d&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
date
Sun, 21 Jan 2024 01:04:07 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
trends.revcontent.com/api/delivery/ 		7 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=277568&width=1600&us_privacy=1---&rev_allow_cookies=1&site_url=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&icr_url=&va=0&user_uuid=undefined&time=1705799046747&up=pc&bn=chrome&bv=120&widget_width=300&style_id=0&an=false&mr=false
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.243.62.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-62-226.compute-1.amazonaws.com
Software
envoy /
Resource Hash
2f6b85ec73ded21620bceabe549b4915635e81248734cba74d40afba78b7c671
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:06 GMT
strict-transport-security
max-age=931536000; includeSubDomains
content-encoding
gzip
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
50
56aaf295-f76b-4d51-9007-3d999e6c4533
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/56aaf295-f76b-4d51-9007-3d999e6c4533
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
d4d937f6-f7ae-4ed0-acce-2a18aa21507a
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/d4d937f6-f7ae-4ed0-acce-2a18aa21507a
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
js
www.googletagmanager.com/gtag/ 		237 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-35VHJHR2SD&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c26ee46951fbdb09a9633f53c857e2a720bb23f3d9599efc2ee49460bb4603fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84303
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jan 2024 01:04:07 GMT
runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:07:08 GMT
content-encoding
br
age
698219
x-guploader-uploadid
ABPtcPolX8qt5hwp54g_r741h4IvyiQrUl_zioXsegvAz2gPFwC-0ojBacXOIz7SxcfiyqWNdNy_3mZb0nz-yJFJMDNVmg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1317
last-modified
Mon, 13 Nov 2023 15:33:51 GMT
server
UploadServer
etag
"dbc90523c425a5d782995c1a39051881"
x-goog-generation
1699889631731187
x-goog-hash
crc32c=Xs/EYg==, md5=28kFI8QlpdeCmVwaOQUYgQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
1317
accept-ranges
bytes
content-type
text/javascript
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/ Frame 7179 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js?cb=31080550
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 07:32:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
63079
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138095
x-xss-protection
0
server
cafe
etag
16105826302836755247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 19 Jan 2025 07:32:48 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 7179 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 00:09:22 GMT
content-encoding
gzip
via
1.1 d9057c384f4ac5ba2672d2ff44de7e08.cloudfront.net (CloudFront), 1.1 041a4887d523cabe8177e269cc358162.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jan 2024 20:22:25 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, IAD89-C1
age
3286
x-amz-server-side-encryption
AES256
etag
W/"60bfb96bc5dd4ca3429ef2f4df9e17d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Bjg7ROk-TqdPmnQMUVc2-IkI-0nrebkbl6tbwke-Bu1PceWkCHCwhw==
country
api.btloader.com/ 		16 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:07 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
postmessageRelay
accounts.google.com/o/oauth2/ Frame 2E7C 		565 B
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fnj1015.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f84.1e100.net
Software
ESF /
Resource Hash
7985a8ce1cd65f003d29442e9b50dbcf3962646b3b70e958f35d3b6d9f149b5f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qLdcClwWUq32W65PnRx9ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-qLdcClwWUq32W65PnRx9ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Sun, 21 Jan 2024 01:04:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
8328825
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/8328825?ers=3
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f101.1e100.net
Software
ESF /
Resource Hash
2885de1ea14928bce380e346d97c1e11ab62ab68de0a8612fb79a21e53ae9b4d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3dCqIVwRVgJD3eGOYJoEeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:08 GMT
content-security-policy
script-src 'report-sample' 'nonce-3dCqIVwRVgJD3eGOYJoEeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
1ff6b9f3-3437-43a8-baa7-599afcc86ba4
https://nj1015.com/ Frame 7179 		594 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/1ff6b9f3-3437-43a8-baa7-599afcc86ba4
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
594
Content-Type
text/javascript
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:07 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
brandWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/brandWidget~feedWidget.delivery.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.17.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-17-105.yto50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14f163220d1e6cc83c476f1a433099e861c6b96e7c5b80d37604ec372ca7636e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 17:27:03 GMT
content-encoding
br
via
1.1 bfb1eb580f1b74920e77f7f003dbce62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Jan 2024 17:26:58 GMT
server
AmazonS3
age
27425
x-amz-cf-pop
YTO50-P1
x-amz-server-side-encryption
AES256
etag
W/"bb6e4f92dea2798528abed953331a52a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
I6jJVXwB2pBD6g7zNLi6fbrU0olkefB_CXVYVLaJoKU4XX6pcwH0Aw==
defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.17.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-17-105.yto50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
300ba12de70470c68806b51cdd64c098916b20bf57e1fd3886352ca762301c7f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 17:27:03 GMT
content-encoding
br
via
1.1 bfb1eb580f1b74920e77f7f003dbce62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Jan 2024 17:26:58 GMT
server
AmazonS3
age
27425
x-amz-cf-pop
YTO50-P1
x-amz-server-side-encryption
AES256
etag
W/"a8d5ffd6ac5a8cbd3c053390a6aa23d9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
NsUrOxVd4KJLH8EDHX6Nnqbl9OXelZ-VpLJZPJqE7XcZHAFahFuY7A==
feedWidget.delivery.js
assets.revcontent.com/master/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/feedWidget.delivery.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.17.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-17-105.yto50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
844df235672a5effb5caaa2acb0bdd01ac47bfd4c6ae763ad2b82cfe6cfa0ebe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 17:27:03 GMT
content-encoding
br
via
1.1 bfb1eb580f1b74920e77f7f003dbce62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Jan 2024 17:26:58 GMT
server
AmazonS3
age
27425
x-amz-cf-pop
YTO50-P1
x-amz-server-side-encryption
AES256
etag
W/"8aca89a0d48983ec6efafc20f5a6e205"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
LtV5Ut6bxddC7saFNcf_l218Nez08lBuYvbNA-kUAuxYgXw8Vs-y9Q==
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:07 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=g8mjta7n&w=5633661832527872&o=5642230212591616&cv=2.1.27-2-g1727909&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&sid=6yclQy9qA&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5642230212591616&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Jan 2024 01:04:07 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
cb=gapi.loaded_2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_2?le=scs
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
sffe /
Resource Hash
d26a6c542ab08c02db2df8a29aa8c881d6d1e78db6e035a31e0504ac32ce3d22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9220
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 16:02:18 GMT
0e89a84c-43c6-4d37-8c8d-1a11fbd5994a
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/0e89a84c-43c6-4d37-8c8d-1a11fbd5994a
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
iu3
s.amazon-adsystem.com/ Frame 13EE
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&...
398 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&dcc=t
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
bc7398c2353dfe979b11907494656d7324938cfb8123a1ee2b61860f2b1396be
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
398
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 21 Jan 2024 01:04:08 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
RY378FB8KV4V8X8B85QG

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 21 Jan 2024 01:04:08 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
9YJ0GZDE5KTYCYYMWGGN
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=25ae0544-bf83-4b8e-b800-90f5d029b45d&cid=8CUMP71D3&crid=814318245&adunit_count=1&dn=nj1015.com&requrl=https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users&istop=true&event=client_timeout&value=1&rd=1500
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.207.233 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-207-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:09 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 21 Jan 2024 01:04:09 GMT
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=d562bc9a-8c45-42db-886b-126e06f34138&cid=8CUMP71D3&crid=833361413&adunit_count=1&dn=nj1015.com&requrl=https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users&istop=true&event=client_timeout&value=1&rd=1500
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.207.233 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-207-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:09 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 21 Jan 2024 01:04:09 GMT
hb
hb.undertone.com/ 		0
750 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=2552&domain=nj1015.com&ccpa=1---
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-57.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:08 GMT
via
1.1 ae7bbb23871eba9dda7f1abdc6bacfa0.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://nj1015.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
TM3C3ekP0vU2zaeOuebBiNxFt0oPNrSWtBW5YgGkz1gtP8GJrpy_yg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		501 B
832 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=2&p_pos=atf&us_privacy=1---&rf=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&kw=tsm-ad-728a&tg_i.domain=nj1015.com&tg_i.page=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tg_i.pbadslot=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728a&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=65104c706b14282&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728a&slots=1&rand=0.9478873195082431
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f60cb42ac7ba736d7d8b93ac54aba7049521564a5dc4d624ff0eb666f3f5c594

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:08 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
501
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		501 B
833 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=2&us_privacy=1---&rf=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&kw=tsm-ad-728b&tg_i.domain=nj1015.com&tg_i.page=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tg_i.pbadslot=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728b&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=662dc0216ebe2fd&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728b&slots=1&rand=0.8152151926261917
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a64572803eac9d86078943f6cea7bf0f54f8a82d5482a3dfa33e1c8ebd94700f

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:08 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
501
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		502 B
834 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=57&p_pos=atf&us_privacy=1---&rf=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&kw=tsm-ad-970a&tg_i.domain=nj1015.com&tg_i.page=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tg_i.pbadslot=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-970a&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=672db63a2074ebd&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-970a&slots=1&rand=0.8502259234396223
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c682686316993ba9fa50ec040cb91eb56db193ea10695e97274a26810a2c3168

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:08 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
502
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		501 B
832 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=2&p_pos=atf&us_privacy=1---&rf=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&kw=tsm-ad-728a&tg_i.domain=nj1015.com&tg_i.page=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tg_i.pbadslot=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728a&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=68c83121908e75d&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728a&slots=1&rand=0.28654006135754573
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d7f1fdcd058f813b38d5dcf864fb9f6d4f5b146cbba662d8bbe4369cf263fefe

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:08 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
501
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		501 B
833 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=2&us_privacy=1---&rf=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&kw=tsm-ad-728b&tg_i.domain=nj1015.com&tg_i.page=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tg_i.pbadslot=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728b&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=69f736922563f6c&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728b&slots=1&rand=0.18261083881414475
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a5b4cf080630199327fa1a678014e6f06b78fa423d9b1a8b973ebda0d7d6f979

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:08 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
501
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		502 B
833 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=57&p_pos=atf&us_privacy=1---&rf=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&kw=tsm-ad-970a&tg_i.domain=nj1015.com&tg_i.page=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tg_i.pbadslot=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-970a&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=70a36c7d38d7a26&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-970a&slots=1&rand=0.9255684069778103
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ffed57336a5aa649a6b72783ce80f5e438c1688e4958878d15e96b45abd2d948

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:08 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
502
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nj1015.com
date
Sun, 21 Jan 2024 01:04:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb-mm-multi
hb.minutemedia-prebid.com/ 		83 B
425 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.156.240.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-240-123.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
9c51e2e21338bbefb18c15773e014f41a25283d218606ad2ccce1691ddac203b

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 21 Jan 2024 01:04:08 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://nj1015.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
25
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
83
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
2e42b62cdc02d20959b083a45461865123467a3f977ab671c6eba96796cf43cb

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 21 Jan 2024 01:04:08 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
auction
tlx.3lift.com/header/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.20.0&referrer=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tmax=1500&us_privacy=1---
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.229.121.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-121-224.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:10 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
prebid
prebid.media.net/rtb/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:10 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nj1015.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
302
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jan 2024 01:04:10 GMT
bid-request
a.teads.tv/hb/ 		16 B
377 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:08 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 21 Jan 2024 01:04:08 GMT
prebid
krk2.kargo.com/api/v1/ 		2 B
460 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.226.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-226-172.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:08 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
prebid
ib.adnxs.com/ut/v3/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:09 GMT
content-encoding
gzip
an-x-request-uuid
380aa61c-51ed-4371-9e8f-e66828f53a26
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nj1015.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.100.43.67; 176.100.43.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		8 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=272479
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bfc7a98fabb704beefca5f1f5e6c6253d8adbeba8aef7a5f76c2a7cf633a07d

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzTej0CFOyuPiCugZDEYQ3oP2Olh9G7leVHB97eqoOp%2B3HxF6vkmHuHagA5iuBGOXKksuL9sA3%2BF%2BpS5ZiUqZ9EFzeVio6jV9qeOWcRxRYP9q9wbBht3HEmw%2FN65euvFycrj%2Fwf5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
848ba4347c8e605f-YVR
alt-svc
h3=":443"; ma=86400
expires
0
trinity.json
apex.go.sonobi.com/ 		206 B
912 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22143db17dd6f14c37%22%3A%22ea7911e26d411186eb66%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728a%2Cc%3Dd%2C%22%2C%22144234e0330bde49%22%3A%226e36ff2b933db31e890f%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728b%2Cc%3Dd%2C%22%2C%221457a27af04fc1af%22%3A%2288e31f49e54a033259c1%7C970x250%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-970a%2Cc%3Dd%2C%22%2C%22146be33edceb4daa%22%3A%22ea7911e26d411186eb66%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728a%2Cc%3Dd%2C%22%2C%221478269468cfaccc%22%3A%226e36ff2b933db31e890f%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728b%2Cc%3Dd%2C%22%2C%22148879d00594b34c%22%3A%2288e31f49e54a033259c1%7C970x250%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-970a%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&s=e8edd6cd-ce55-437b-b70b-12cf386bdde3&pv=7949025a-21ff-4572-9f68-133d71232bd5&vp=desktop&lib_name=prebid&lib_v=8.20.0&us=5&iqid=%7B%22pcid%22%3A%22ae13d764-0ee2-4c89-94ff-2c0ab9bf93a0%22%2C%22pcidDate%22%3A1705799046394%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22nj1015.com%22%2C%22keywords%22%3A%22contests%2Cultimatenewjersey%22%2C%22publisher%22%3A%7B%22domain%22%3A%22nj1015.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&kw=contests%2Cultimatenewjersey&us_privacy=1---&coppa=0
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
bdb29a4f559837e088e3c49e4c3b99c8343f953d593a0b9c9315a9aaea7d3cac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:09 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-50
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
160
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/g/ 		0
241 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-35VHJHR2SD&gtm=45je41h0v9175575035z877143010&_p=1705799034439&gcs=G111&gcd=11r1v1r1r5&dma=0&cid=190849881.1705799044&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705799048&sct=1&seg=0&dl=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&dt=Happy%20Thanksgetting!%20Win%20a%20%24100%20Wegmans%20gift%20card&en=overlay_impression&_fv=1&_ss=1&ep.call_sign=WKXWFM&ep.site_classification=Local&ep.market=Trenton&ep.genre=news-talk&ep.site_type=Local&ep.overlay_type=SailThru&tfd=22991
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
page-view
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nj1015.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nj1015.com
content-length
0
date
Sun, 21 Jan 2024 01:04:08 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-east-1a
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nj1015.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nj1015.com
content-length
0
date
Sun, 21 Jan 2024 01:04:08 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-east-1a
page-view
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://nj1015.com
date
Sun, 21 Jan 2024 01:04:08 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://nj1015.com
date
Sun, 21 Jan 2024 01:04:08 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://nj1015.com
date
Sun, 21 Jan 2024 01:04:08 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nj1015.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nj1015.com
content-length
0
date
Sun, 21 Jan 2024 01:04:08 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-east-1a
d477d8c7-3d2b-4354-8eff-8e5787a8ab4b
config.aps.amazon-adsystem.com/configs/ Frame 7179 		564 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/d477d8c7-3d2b-4354-8eff-8e5787a8ab4b
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-88.iad79.r.cloudfront.net
Software
CloudFront /
Resource Hash
11209b14d884bfcdde972cb0013a2608eeb3c4580f166febc4e7d67e82f1a87a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 00:10:55 GMT
via
1.1 68bb623bd1a01bfb6607a40643084c92.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD79-C1
age
3194
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
rM7ouCoTLgyvChSlfj_TeE_f4hgxx_cYJDTwF9RYKjKsCt9zAKUbgA==
config
c.amazon-adsystem.com/cdn/prod/ Frame 7179 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnj1015.com&pubid=d477d8c7-3d2b-4354-8eff-8e5787a8ab4b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 22:05:42 GMT
via
1.1 041a4887d523cabe8177e269cc358162.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C1
age
10705
x-cache
Hit from cloudfront
access-control-allow-origin
https://nj1015.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
qhdgy4_J5PM_UA9p1F_RKeKOcDrYhfdQAP5SJOPBD0BARQi-6zFbSA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 7179 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 6b7e1e42d74fd61097787cc6c1a37c34.cloudfront.net (CloudFront)
date
Sat, 20 Jan 2024 18:26:58 GMT
x-amz-cf-pop
IAD89-C1
age
23831
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
I9AEqY6vmmeAvtzFw673_05diRpi3MCD8cQCaYAlWALTXlyrI-AhYw==
main-v2_b669f0854e04d626374d9b5ff1506c80.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		478 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_b669f0854e04d626374d9b5ff1506c80.br.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7f6242116061fd7a6d6b1e1cddf5d78fc46ebf84c52ea4390411da5c3dd41ca6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:26:51 GMT
content-encoding
br
age
808638
x-guploader-uploadid
ABPtcPoIInjwidwJUWqQEPq0w9GY-8PmORp8lCom1osI8tOMHfPNqzC5CXrS2UgVy-Wq9Kgzl1Q0x1owFw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106500
last-modified
Thu, 11 Jan 2024 16:26:40 GMT
server
UploadServer
etag
"379ae1cc02fe42a678f86d1909b79b90"
x-goog-generation
1704990400577898
x-goog-hash
crc32c=yO7WXA==, md5=N5rhzAL+QqZ4+G0ZCbebkA==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
106500
accept-ranges
bytes
content-type
text/javascript
cjs_min_1e55b565811f11b08485230cf1d150d6.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9846c98d92f9ede0abb2db68013d613791db3ccdb486451de1432034b563fb77

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 10:28:57 GMT
content-encoding
gzip
age
1089312
x-guploader-uploadid
ABPtcPoQLpXytdaY-mxsmAF0qdpwco8h-xkLZdvGZTRuRwmvrTnjYTck507PmP4_AgYy5gU_m8hE0nWAEw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15751
last-modified
Wed, 13 Dec 2023 16:23:11 GMT
server
UploadServer
etag
"d7dc7d7ebcc4f5af5fc2d4804e7ec737"
x-goog-generation
1702484591435387
x-goog-hash
crc32c=3TW0yQ==, md5=19x9frzE9a9fwtSATn7HNw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000,no-transform
x-goog-stored-content-length
15751
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
4fcee20fdadd863f392c2bfc83a8f48c.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/4fcee20fdadd863f392c2bfc83a8f48c.png
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.139.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-139-75.yto50.r.cloudfront.net
Software
cloudflare /
Resource Hash
8c20e84434525b4a0e3c27e768b75022938ca27a812ae5bd41fb6fba04ce9313
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Fri, 19 Jan 2024 13:08:05 GMT
x-content-type-options
nosniff
via
1.1 7c892814cd49a1aa7218fdfabfbac856.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C2
age
129497
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
17259
last-modified
Thu, 08 Jun 2023 15:27:06 GMT
server
cloudflare
etag
"c4c56dee05cecf319778894c57024cef"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
83d9a0ea2a210842-IAD
timing-allow-origin
*
x-amz-cf-id
Un6qN2cFxn1XX_NS8LzAjt0LhKrXsAq4qxLr466TJYhThx81iVXLiQ==
https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2Fdf5d40ced0ed9707b8e53902dce7a1fe.webp
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2Fdf5d40ced0ed9707b8e53902dce7a1fe.webp
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.139.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-139-75.yto50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
8303d2d8ad46da79400f9ff757e3a4ce7e74dff74bbf3c3df746181601824d4e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Thu, 18 Jan 2024 00:11:27 GMT
x-content-type-options
nosniff
via
1.1 7c892814cd49a1aa7218fdfabfbac856.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C2
age
262362
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11060
last-modified
Thu, 11 Jan 2024 00:06:18 GMT
server
Cloudinary
etag
"c0c85dc0a3e97e23f11f221d8e4397a1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
MtQm80sAobaWFbF_RnGSvvTnkgCYPrBeiC6LEKr4k4aomKlMyV6f0A==
658ff703ba32e8-15251956.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/658ff703ba32e8-15251956.jpg
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.139.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-139-75.yto50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
442725f2ec03a6334987bf0a9fb123bd41225e73761d5b8165abcdf6e1c2dd37
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Tue, 16 Jan 2024 15:08:44 GMT
x-content-type-options
nosniff
via
1.1 7c892814cd49a1aa7218fdfabfbac856.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C2
age
381325
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
19432
x-request-id
a1f06548f9ceaedc32eef9f1c94069a4
last-modified
Tue, 09 Jan 2024 15:05:15 GMT
server
Cloudinary
etag
"9f475c547d431a2b7f807ce4d8e41365"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
1mgYNoNTYOIoFIsgWZwj43ai2rfRpiSXtQhH8zfQVDR9TufAMrBBLA==
ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
6170aa1f1805b34c9aa1ea3f47cb46a237d8eb2660287612ff0431d18614a8d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nj1015.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 02:40:27 GMT
x-content-type-options
nosniff
age
253422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28696
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:53:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 02:40:27 GMT
888d15ec269d6f00014d071f0919e4b9.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/888d15ec269d6f00014d071f0919e4b9.jpeg
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.139.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-139-75.yto50.r.cloudfront.net
Software
cloudflare /
Resource Hash
a97f7901eda6514458776eee65da634e815d6eae45eea44b17ce7c6025e285fb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 19:10:36 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 7c892814cd49a1aa7218fdfabfbac856.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C2
age
21213
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
16051
last-modified
Sat, 20 Jan 2024 19:09:05 GMT
server
cloudflare
etag
"e279bb3b306842ee5eef4204aa0d8445"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
84899e55cbd13b1a-IAD
timing-allow-origin
*
x-amz-cf-id
CL0kzkqqvU7FVwT9ZNLsgbg_jdWRt9Kd5BHuoIEjT-AR_wUsJ6g73w==
5ef45dff6f3e91-09802935.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/5ef45dff6f3e91-09802935.jpg
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.139.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-139-75.yto50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
f57627d3e911a7932c07ff140eaf0fb9e0a0f0e8df676c29f2005805c5825202
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 11:53:15 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 7c892814cd49a1aa7218fdfabfbac856.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C2
age
479454
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15426
last-modified
Thu, 08 Jun 2023 15:27:01 GMT
server
Cloudinary
etag
"4dae1b34f47e90a7444e439959bc942f"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
hDxKHLU_8mweGur8cQITQnXOswcVRMA_wUiMub9AY6PDVh4YorH9Pg==
658cd4f0ab17f7-67915436.gif
images.revcontent.com/revcontent/image/fetch/f_gif,fl_lossy,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_gif,fl_lossy,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/658cd4f0ab17f7-67915436.gif
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.139.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-139-75.yto50.r.cloudfront.net
Software
cloudflare /
Resource Hash
16551ff6c6dd43d578ac17db726a6ccc0cd273f1becc332430e94d678e49f949
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 02:50:05 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 7c892814cd49a1aa7218fdfabfbac856.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C2
age
512044
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
14980
last-modified
Thu, 28 Dec 2023 03:03:18 GMT
server
cloudflare
etag
"d868849ec058d721f453cc466607ccd5"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
845acf254a320815-IAD
timing-allow-origin
*
x-amz-cf-id
rbpeH50C4t6GfWkyJuMAzJhFgso3d2qoNH4fiSFmlpYDDjJ_Tx0n5Q==
659c181b7130c4-26977426.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/659c181b7130c4-26977426.png
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.139.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-139-75.yto50.r.cloudfront.net
Software
cloudflare /
Resource Hash
b6c8c8e74ee9cac5e20a47012b583b82eaa6764daf0b841412d8e59301431abe
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Tue, 16 Jan 2024 00:56:00 GMT
x-content-type-options
nosniff
via
1.1 7c892814cd49a1aa7218fdfabfbac856.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C2
age
432489
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11038
last-modified
Tue, 09 Jan 2024 00:55:18 GMT
server
cloudflare
etag
"1a577817563733f0494374da65326cfb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8428b7a93a905997-IAD
timing-allow-origin
*
x-amz-cf-id
RVFyGfUTawNHiB0aPZyrEbgml4rtOIsTwcr6_DJneFPm7xynavdskw==
https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2F77d114c6ba1da8d01913e8324ef6e585.webp
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2F77d114c6ba1da8d01913e8324ef6e585.webp
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.139.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-139-75.yto50.r.cloudfront.net
Software
cloudflare /
Resource Hash
1047bf2303165f70fb18f2e4ab0bb2baed7918de0243565d99a601feccbb7a25
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Tue, 16 Jan 2024 11:51:42 GMT
x-content-type-options
nosniff
via
1.1 7c892814cd49a1aa7218fdfabfbac856.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C2
age
426920
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
8561
last-modified
Mon, 01 Jan 2024 12:21:22 GMT
server
cloudflare
etag
"eb5905ce8402dd93f488c3427831df44"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
842c774f3e2b821a-IAD
timing-allow-origin
*
x-amz-cf-id
x-zPI7un-2fE3rWI5Ew7GgqP80wwEcrZlqloxMlPuS7htALjyjiRIw==
65abe2066bee78-84380025.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/65abe2066bee78-84380025.jpg
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.139.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-139-75.yto50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
98839cb177b37792c94aa69a4e69256db6a873d788c031792a74bc8f060fd211
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 15:20:19 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 7c892814cd49a1aa7218fdfabfbac856.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C2
age
35030
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13136
last-modified
Sat, 20 Jan 2024 15:20:07 GMT
server
Cloudinary
etag
"0dadc1501257f4ca49d59a3577fb83d5"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
31YKZoMoN7gdUdIP5Mkcg0wv8Z4zm85iNM_aVcS9_dCV7THthdhFrw==
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=8e52d55c-d38f-4728-8ff8-b420b9172630&initiator=me&us_privacy=1---&gdpr=0
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
54.243.62.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-62-226.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:11 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
date
Sun, 21 Jan 2024 01:04:11 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=8e52d55c-d38f-4728-8ff8-b420b9172630&initiator=me&us_privacy=1---&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ckls=true&ci=TTAAqoQvrJ&nc=false&trid=-1770702112
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ckls=true&ci=TTAAqoQvrJ&nc=false&trid=-1770702112
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
54.192.51.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-45.yul62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:12 GMT
via
1.1 5fdbf75fe42f57cdc3d155f7290c5a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
g8_BMwzo9wo8ckumjI_xHgNkgo9AY-NXW1aoWLHJ-VObOUN21rWjbA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:12 GMT
via
1.1 5fdbf75fe42f57cdc3d155f7290c5a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ckls=true&ci=TTAAqoQvrJ&nc=false&trid=-1770702112
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
cw1kgnycjpHS77Ug0M9lsYQLCM92PYfOolsVCT6tzbMy1csedUlBAA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=c9022297-ca90-4b2c-8a97-e832368e8156&initiator=me&us_privacy=1---&gdpr=0
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
54.243.62.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-62-226.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:11 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
date
Sun, 21 Jan 2024 01:04:11 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=c9022297-ca90-4b2c-8a97-e832368e8156&initiator=me&us_privacy=1---&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ckls=true&ci=VhvUrS9Hde&nc=false&trid=1193672478
43 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ckls=true&ci=VhvUrS9Hde&nc=false&trid=1193672478
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
54.192.51.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-45.yul62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:12 GMT
via
1.1 5fdbf75fe42f57cdc3d155f7290c5a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
vZ3bjFZrEZai9_QPnON8xOoCFNhZW0fSOa-HM0ftufh7OFnaYCocXg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:12 GMT
via
1.1 5fdbf75fe42f57cdc3d155f7290c5a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ckls=true&ci=VhvUrS9Hde&nc=false&trid=1193672478
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
kDSI2PxMBlbpF01zsHZ0Wb7idUHKEtkXu8X4OjwW7EMzANkTMX54rw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2Fdf5d40ced0ed9707b8e53902dce7a1fe.webp
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2Fdf5d40ced0ed9707b8e53902dce7a1fe.webp
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.139.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-139-75.yto50.r.cloudfront.net
Software
cloudflare /
Resource Hash
5b78221b464f2f4d7dbdd964cf28336f141e391f22de761e65047a7b6c7d75ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Thu, 18 Jan 2024 00:24:29 GMT
x-content-type-options
nosniff
via
1.1 7c892814cd49a1aa7218fdfabfbac856.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C2
age
261580
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
6955
last-modified
Thu, 11 Jan 2024 00:07:05 GMT
server
cloudflare
etag
"f323acb062616e96b8bf41b397a6a820"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8439035f499e20ae-IAD
timing-allow-origin
*
x-amz-cf-id
gtSjsWDdkxIQ4-9It4rGwtoFgK2yUGB53YjOqlgYadMmoqQMJPIrRw==
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=747ad36c-35cf-49be-a775-75eceae6ded1&initiator=me&us_privacy=1---&gdpr=0
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
54.243.62.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-62-226.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:11 GMT
x-envoy-upstream-service-time
3
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&callback=dspCMCallback
date
Sun, 21 Jan 2024 01:04:11 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=747ad36c-35cf-49be-a775-75eceae6ded1&initiator=me&us_privacy=1---&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ckls=true&ci=afRKvV1gct&nc=false&trid=-134670844
43 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ckls=true&ci=afRKvV1gct&nc=false&trid=-134670844
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
54.192.51.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-45.yul62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:12 GMT
via
1.1 5fdbf75fe42f57cdc3d155f7290c5a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
q7p0LuFZR6QRp4twJQncL4d8W1RxZF5uRgGfHHsX3qjni1pAmFYbYQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:12 GMT
via
1.1 5fdbf75fe42f57cdc3d155f7290c5a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17&ckls=true&ci=afRKvV1gct&nc=false&trid=-134670844
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Xf5heroBxVvPgMFPTco8LKpISqzcS7FBd7L-86HDKBJSoLe4MnhfgA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 07:20:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
63798
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 19 Jan 2025 07:20:52 GMT
bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		318 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 07:09:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
64510
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
318
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 19 Jan 2025 07:09:00 GMT
bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		116 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 07:25:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
age
63522
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 19 Jan 2025 07:25:28 GMT
bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		117 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 07:21:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
age
63758
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 19 Jan 2025 07:21:32 GMT
spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 07:31:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
age
63147
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 19 Jan 2025 07:31:44 GMT
cspreport
accounts.google.com/o/ Frame 2E7C 		0
230 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/cspreport
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f84.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-YFGVJOJs0GfDKezsfSM87Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fnj1015.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:09 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-YFGVJOJs0GfDKezsfSM87Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
478691279-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 2E7C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fnj1015.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 07:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5186
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 03:05:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Jan 2025 07:14:38 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 2E7C 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fnj1015.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
sffe /
Resource Hash
c7fc0b1526533002c956ebf8e8c42c3ad3f96c41ace73fb4063cc89051944831
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jan 2024 01:04:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7122
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"82744994a59c0fbb"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:04:09 GMT
5f352f95-3f42-4921-84cb-10b2f6c636d4
https://nj1015.com/ Frame 7179 		146 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/5f352f95-3f42-4921-84cb-10b2f6c636d4
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5e217ee8a059e5fd0860a9f4a75e30caf62646613163e47323664dbe423fd0d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
149916
Content-Type
text/javascript
pr
s.amazon-adsystem.com/v3/ Frame B486 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ce7d17a32ba87dde73cab1b875cb16fa2313659f2ebf120b206109a10ff53115
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
4402
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 21 Jan 2024 01:04:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
EVVEE9YBBA89SSZD3K0H
57734dc9-f0bf-4d9d-8f93-ba00bd9f17fe
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/57734dc9-f0bf-4d9d-8f93-ba00bd9f17fe
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jan 2024 01:04:12 GMT
x-content-type-options
nosniff
content-encoding
br
age
19368
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-yvr1527-YVR
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 03:45:02 GMT
content-encoding
gzip
age
76752
x-guploader-uploadid
ABPtcPrxvT1V4urcPkSJJ6yLxinIgUg80Yaz0m8-7dO9Fd_DZQXI_FyzieZ5k5NOz-sU6PY_g5zzrnlDNA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 19 Jan 2025 03:45:02 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
277125
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
848ba447be832d7e-YVR
expires
Wed, 24 Jan 2024 01:04:11 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
3dd103ba888c627706f31656287652d5fceb9ef7a7099eec5a07aac2f7d397dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 10 Jan 2024 15:13:35 GMT
server
nginx
etag
W/"659eb41f-a585"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 22 Jan 2024 01:04:11 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-129.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 22:47:33 GMT
content-encoding
gzip
via
1.1 2fe59031aaa28adeac35bcf3408ddada.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
8200
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Vlkim_Z8FKvLyZW6wLKm5OCLugBnwTQ1X6RPgrkjGUgujbCTSpRCwg==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:12 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
1f8d17ea84c1339922bfe92dd604abdc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
esp.js
cdn.id5-sync.com/api/1.0/ 		114 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:12 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
4WB5S328XH2EX6Z3
age
1441
etag
W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
848ba44cbb312d72-YVR
x-amz-id-2
AiIOagZ4iyD493Lc04vCAu/cl+pRFHOZWt6hJ7bpwS8oGd4x7dIFEheaBjfaATH0wE5UCbLbNgJzpLLkXb8LZw==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.141.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-141-120.yto50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Sat, 20 Jan 2024 10:02:27 GMT
Via
1.1 71c905b4598d7bc2693cb47f711520b0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
YTO50-C2
Age
54106
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
-RlxlV2cy25Jmhzm3UoC_3RfSFV8TTVrlOntysfxDO_vGwcwxEhWxg==
ads
securepubads.g.doubleclick.net/gampad/ 		874 B
522 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346508008433930&correlator=3625876569568860&eid=31079957%2C31080255%2C31080564%2C31079724%2C31079525&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=8328825%2Clocal%2CTrenton%2CWKXW%2Csharethrough&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x3&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705799050454&lmt=1705799050&adxs=275&adys=1198&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&vis=1&psz=730x20&msz=730x0&fws=4&ohw=946&ga_vid=190849881.1705799044&ga_sid=1705799050&ga_hid=1847351085&ga_fc=true&dlt=1705799028215&idt=18112&ppid=682fe08a-b078-541c-9a39-597832627d8c&prev_scp=pos%3Dfloat%26inf-scroll-article%3D1%26impressionkw%3D1&cust_params=hasApp%3Dyes%26catid%3Dcontests%252Cnews-nj%26tags%3Dthanksgetting-2023%252Cvip%252Cno-gallery%26id%3Dthanksgetting-2023%26author%3Dtownsquarenewsstaff%26kw%3Dtownsquarenewsstaff%252Cthanksgetting-2023%252Ccontests%252Cnews-nj%252Cvip%252Cno-gallery%252Cpagetype-post%252Cpost-1172924%252Chasonair%252Cdevice-desktop%26genre%3Dnews-talk%26device%3Dweb%26amznbid%3D0%26amznp%3D0&adks=4044228931&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
7dd73aa2b217f0c4321699906f5892822a588c67dbd6411eff09ee758c710217
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
492
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		190 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346508008433930&correlator=1063160881964781&eid=31079957%2C31080255%2C31080564%2C31079724%2C31079525&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=8328825%2Clocal%2CTrenton%2CWKXW%2CInterstitial&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705799050489&lmt=1705799050&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=190849881.1705799044&ga_sid=1705799050&ga_hid=1847351085&ga_fc=true&dlt=1705799028215&idt=18112&ppid=682fe08a-b078-541c-9a39-597832627d8c&prev_scp=pos%3Dinterstitial%26impressionkw%3D1&cust_params=hasApp%3Dyes%26catid%3Dcontests%252Cnews-nj%26tags%3Dthanksgetting-2023%252Cvip%252Cno-gallery%26id%3Dthanksgetting-2023%26author%3Dtownsquarenewsstaff%26kw%3Dtownsquarenewsstaff%252Cthanksgetting-2023%252Ccontests%252Cnews-nj%252Cvip%252Cno-gallery%252Cpagetype-post%252Cpost-1172924%252Chasonair%252Cdevice-desktop%26genre%3Dnews-talk%26device%3Dweb%26amznbid%3D0%26amznp%3D0&adks=3005944993&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
7dddb57160dce8ee91d8a4b4c3db8041d66f21109e0c5b3a1bdd9e0b7a5e5b67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53139
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		82 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346508008433930&correlator=1578892685100812&eid=31079957%2C31080255%2C31080564%2C31079724%2C31079525&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=8328825%2Clocal%2CTrenton%2CWKXW%2Csharethrough&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1%7C300x250%7C336x280&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705799050497&lmt=1705799050&adxs=275&adys=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&vis=1&psz=730x20&msz=730x0&fws=4&ohw=946&ga_vid=190849881.1705799044&ga_sid=1705799050&ga_hid=1847351085&ga_fc=true&dlt=1705799028215&idt=18112&ppid=682fe08a-b078-541c-9a39-597832627d8c&prev_scp=pos%3Dinarticleoop%26inf-scroll-article%3D1%26inf-scroll-article-d%3D1%26impressionkw%3D1%26amznbid%3D2%26amznp%3D2&cust_params=hasApp%3Dyes%26catid%3Dcontests%252Cnews-nj%26tags%3Dthanksgetting-2023%252Cvip%252Cno-gallery%26id%3Dthanksgetting-2023%26author%3Dtownsquarenewsstaff%26kw%3Dtownsquarenewsstaff%252Cthanksgetting-2023%252Ccontests%252Cnews-nj%252Cvip%252Cno-gallery%252Cpagetype-post%252Cpost-1172924%252Chasonair%252Cdevice-desktop%26genre%3Dnews-talk%26device%3Dweb%26amznbid%3D0%26amznp%3D0&adks=1363379833&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
7e7196a107963ed1b891c186b7d498aeda5cc4538e2c8a7e459da2de6166e3d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18823
x-xss-protection
0
google-lineitem-id
6381777739
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138460807007
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		82 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346508008433930&correlator=2495712004440243&eid=31079957%2C31080255%2C31080564%2C31079724%2C31079525&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=8328825%2Clocal%2CTrenton%2CWKXW%2Cpost&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C728x90&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705799050504&lmt=1705799050&adxs=177&adys=36226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&vis=1&psz=926x90&msz=926x0&fws=4&ohw=946&ga_vid=190849881.1705799044&ga_sid=1705799050&ga_hid=1847351085&ga_fc=true&dlt=1705799028215&idt=18112&ppid=682fe08a-b078-541c-9a39-597832627d8c&prev_scp=pos%3D728c%2C728b%2Cmid728%26inf-scroll-article%3D1%26impressionkw%3D1%26amznbid%3D2%26amznp%3D2&cust_params=hasApp%3Dyes%26catid%3Dcontests%252Cnews-nj%26tags%3Dthanksgetting-2023%252Cvip%252Cno-gallery%26id%3Dthanksgetting-2023%26author%3Dtownsquarenewsstaff%26kw%3Dtownsquarenewsstaff%252Cthanksgetting-2023%252Ccontests%252Cnews-nj%252Cvip%252Cno-gallery%252Cpagetype-post%252Cpost-1172924%252Chasonair%252Cdevice-desktop%26genre%3Dnews-talk%26device%3Dweb%26amznbid%3D0%26amznp%3D0&adks=4103478560&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
3f0d580bb9640b8713a911759c26c4a4beb9d69d53d4aa2700dd9fcf901f1ba3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18920
x-xss-protection
0
google-lineitem-id
6424858782
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138461600124
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl_page_level_ads.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
8eb063dd5efc39b1b3492ea35f77a7fa157fbdbd8ef1dcbeb885d9349066f3c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 07:24:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
63588
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13863
x-xss-protection
0
server
cafe
etag
12572411096080002997
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 19 Jan 2025 07:24:22 GMT
config.js
cdn.confiant-integrations.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/ Frame 7179 		111 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/config.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
9fda47e07514096d78ef84e0648458aa627c97600d72ad0d9e5f703ac031e753

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 20 Jan 2024 21:28:13 GMT
server
cloudflare
x-amz-request-id
ZZHPSG46AKCJHV9X
age
226
etag
W/"30d35a7ac5b493cc170964162dbcc855"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
848ba47ccbaf841f-YVR
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oTRO69fRiceFwyCLWKxjVCUzNm669bnKpwpodCoGqf+33lMV+SBsulSuWU3YKHErrxJrh/2SmgM=
pwt.js
ads.pubmatic.com/AdServer/js/pwt/159745/4535/ Frame 7179 		216 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6e34f8ae558af205e8ac32253e941ed4c8e4c743d7a67073af5f309d2b4239e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:10 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:40:26 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=88217
accept-ranges
bytes
content-length
66653
expires
Mon, 22 Jan 2024 01:34:27 GMT
vcpm-event
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/vcpm-event
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://nj1015.com
date
Sun, 21 Jan 2024 01:04:11 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
vcpm-event
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/vcpm-event
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://nj1015.com
date
Sun, 21 Jan 2024 01:04:11 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
vcpm-event
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/vcpm-event
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://nj1015.com
date
Sun, 21 Jan 2024 01:04:11 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
Origin
vcpm-event
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/vcpm-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nj1015.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nj1015.com
content-length
0
date
Sun, 21 Jan 2024 01:04:10 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
3
x-rc-region
us-east-1a
vcpm-event
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/vcpm-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nj1015.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nj1015.com
content-length
0
date
Sun, 21 Jan 2024 01:04:10 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-east-1a
vcpm-event
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/vcpm-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nj1015.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nj1015.com
content-length
0
date
Sun, 21 Jan 2024 01:04:10 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
3
x-rc-region
us-east-1a
ecm3
s.amazon-adsystem.com/ Frame B486
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=f49ccc6a-84d2-466a-be91-9432e41a94f1
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=f49ccc6a-84d2-466a-be91-9432e41a94f1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9WNJX26WGS7YZKF4ZV7Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=f49ccc6a-84d2-466a-be91-9432e41a94f1
Date
Sun, 21 Jan 2024 01:04:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame B486
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3488006515469156000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3488006515469156000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KH8XC0ZMN4403G2ARJV9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:11 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3488006515469156000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 21 Jan 2024 01:04:11 GMT
ecm3
s.amazon-adsystem.com/ Frame B486
Redirect Chain
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=12927d71-4ced-4778-9464-b42f91227243
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=12927d71-4ced-4778-9464-b42f91227243
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TWX8SK2E8GT99EH0A65Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:19 GMT
server
nginx
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=12927d71-4ced-4778-9464-b42f91227243
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
49adbbf3-fc73-4da4-ade7-44896273625c
https://nj1015.com/ Frame 7179 		699 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/49adbbf3-fc73-4da4-ade7-44896273625c
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0f614339a69161df13a533add75a74dd1e349df73359e1f33f2a017009f5477

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
715340
Content-Type
text/javascript
/
data.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.148.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.148.149.34.bc.googleusercontent.com
Software
/
Resource Hash
5d8b255182de2684e2e17f2d36273f83d72287116879d7ef038c4c24dee84cee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:11 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
page.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://page.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.157.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.157.102.34.bc.googleusercontent.com
Software
/
Resource Hash
830dfa6240c93c6032af71aef861cb4c027e2696eb418a82b2a28780c76076bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:11 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
view.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://view.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.255.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.255.102.34.bc.googleusercontent.com
Software
/
Resource Hash
17d6e1248e5e81ec8e777e135f721350005d3a43e579fd28ea94f0c4f3b76ab9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:11 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=41ca7c26-5ee5-45da-b111-54b4f152d3bb&cid=8CUMP71D3&crid=586528316|647112449|335570835|586528316|647112449|335570835&adunit_count=6&dn=nj1015.com&requrl=https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users&istop=true&event=client_timeout&value=6&rd=1500
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.207.233 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-207-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:12 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 21 Jan 2024 01:04:12 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		81 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346508008433930&correlator=1845853390031803&eid=31079957%2C31080255%2C31080564%2C31079724%2C31079525&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=8328825%2Clocal%2CTrenton%2CWKXW%2Cpost&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x250&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705799051331&lmt=1705799051&adxs=315&adys=207&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&vis=1&psz=970x0&msz=970x0&fws=4&ohw=970&ga_vid=190849881.1705799044&ga_sid=1705799050&ga_hid=1847351085&ga_fc=true&dlt=1705799028215&idt=18112&ppid=682fe08a-b078-541c-9a39-597832627d8c&prev_scp=pos%3D970a%26impressionkw%3D1%26amznbid%3D2%26amznp%3D2&cust_params=hasApp%3Dyes%26catid%3Dcontests%252Cnews-nj%26tags%3Dthanksgetting-2023%252Cvip%252Cno-gallery%26id%3Dthanksgetting-2023%26author%3Dtownsquarenewsstaff%26kw%3Dtownsquarenewsstaff%252Cthanksgetting-2023%252Ccontests%252Cnews-nj%252Cvip%252Cno-gallery%252Cpagetype-post%252Cpost-1172924%252Chasonair%252Cdevice-desktop%26genre%3Dnews-talk%26device%3Dweb%26amznbid%3D0%26amznp%3D0&adks=2530175188&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
8f985fcbcf3c73a3b25d6277f960cca3d6c269feac6511d43bc87003f605bd69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18647
x-xss-protection
0
google-lineitem-id
6381777739
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138461364193
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		81 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346508008433930&correlator=1845853390031803&eid=31079957%2C31080255%2C31080564%2C31079724%2C31079525&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=8328825%2Clocal%2CTrenton%2CWKXW%2Cpost&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705799051336&lmt=1705799051&adxs=444&adys=10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&vis=1&psz=728x110&msz=728x0&fws=512&ohw=0&ga_vid=190849881.1705799044&ga_sid=1705799050&ga_hid=1847351085&ga_fc=true&dlt=1705799028215&idt=18112&ppid=682fe08a-b078-541c-9a39-597832627d8c&prev_scp=pos%3D728a%2Ctop728%26impressionkw%3D1%26amznbid%3D2%26amznp%3D2%26hb_format_ix%3Dbanner%26hb_size_ix%3D728x90%26hb_pb_ix%3D0.05%26hb_adid_ix%3D233e80572ca97873%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.05%26hb_adid%3D233e80572ca97873%26hb_bidder%3Dix&cust_params=hasApp%3Dyes%26catid%3Dcontests%252Cnews-nj%26tags%3Dthanksgetting-2023%252Cvip%252Cno-gallery%26id%3Dthanksgetting-2023%26author%3Dtownsquarenewsstaff%26kw%3Dtownsquarenewsstaff%252Cthanksgetting-2023%252Ccontests%252Cnews-nj%252Cvip%252Cno-gallery%252Cpagetype-post%252Cpost-1172924%252Chasonair%252Cdevice-desktop%26genre%3Dnews-talk%26device%3Dweb%26amznbid%3D0%26amznp%3D0&adks=516350904&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
092bbd7adcaa78b953f53ff62a6da9485cb23674c23ea81c9e78b121849e1543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18663
x-xss-protection
0
google-lineitem-id
6381777739
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138461364091
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		82 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346508008433930&correlator=1845853390031803&eid=31079957%2C31080255%2C31080564%2C31079724%2C31079525&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=8328825%2Clocal%2CTrenton%2CWKXW%2Cpost&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705799051340&lmt=1705799051&adxs=157&adys=37905&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&vis=1&psz=1286x90&msz=1286x0&fws=0&ohw=0&ga_vid=190849881.1705799044&ga_sid=1705799050&ga_hid=1847351085&ga_fc=true&dlt=1705799028215&idt=18112&ppid=682fe08a-b078-541c-9a39-597832627d8c&prev_scp=pos%3D728b%2Cbottom%2Cbottom728%26impressionkw%3D1%26amznbid%3D2%26amznp%3D2&cust_params=hasApp%3Dyes%26catid%3Dcontests%252Cnews-nj%26tags%3Dthanksgetting-2023%252Cvip%252Cno-gallery%26id%3Dthanksgetting-2023%26author%3Dtownsquarenewsstaff%26kw%3Dtownsquarenewsstaff%252Cthanksgetting-2023%252Ccontests%252Cnews-nj%252Cvip%252Cno-gallery%252Cpagetype-post%252Cpost-1172924%252Chasonair%252Cdevice-desktop%26genre%3Dnews-talk%26device%3Dweb%26amznbid%3D0%26amznp%3D0&adks=3696914201&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
8ca21eb8e54bb565c83c9947473943770b64768a39d5058c5bdff84ba2a6f8fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18705
x-xss-protection
0
google-lineitem-id
6424858782
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138461600124
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		621 B
313 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346508008433930&correlator=1845853390031803&eid=31079957%2C31080255%2C31080564%2C31079724%2C31079525&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=8328825%2Clocal%2CTrenton%2CWKXW%2Cpost&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=8&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705799051345&lmt=1705799051&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=190849881.1705799044&ga_sid=1705799050&ga_hid=1847351085&ga_fc=true&dlt=1705799028215&idt=18112&ppid=682fe08a-b078-541c-9a39-597832627d8c&prev_scp=pos%3Doop%26impressionkw%3D1&cust_params=hasApp%3Dyes%26catid%3Dcontests%252Cnews-nj%26tags%3Dthanksgetting-2023%252Cvip%252Cno-gallery%26id%3Dthanksgetting-2023%26author%3Dtownsquarenewsstaff%26kw%3Dtownsquarenewsstaff%252Cthanksgetting-2023%252Ccontests%252Cnews-nj%252Cvip%252Cno-gallery%252Cpagetype-post%252Cpost-1172924%252Chasonair%252Cdevice-desktop%26genre%3Dnews-talk%26device%3Dweb%26amznbid%3D0%26amznp%3D0&adks=100649269&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
1cdb434b2dcec7d3bb5593e227b5d89a5a8c58d5bf34621935ddebfad9e244a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
279
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		549 B
307 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346508008433930&correlator=1845853390031803&eid=31079957%2C31080255%2C31080564%2C31079724%2C31079525&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=8328825%2Clocal%2CTrenton%2CWKXW%2Cpost&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x3&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705799051351&lmt=1705799051&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=190849881.1705799044&ga_sid=1705799050&ga_hid=1847351085&ga_fc=true&dlt=1705799028215&idt=18112&ppid=682fe08a-b078-541c-9a39-597832627d8c&prev_scp=pos%3Doop2%26impressionkw%3D1&cust_params=hasApp%3Dyes%26catid%3Dcontests%252Cnews-nj%26tags%3Dthanksgetting-2023%252Cvip%252Cno-gallery%26id%3Dthanksgetting-2023%26author%3Dtownsquarenewsstaff%26kw%3Dtownsquarenewsstaff%252Cthanksgetting-2023%252Ccontests%252Cnews-nj%252Cvip%252Cno-gallery%252Cpagetype-post%252Cpost-1172924%252Chasonair%252Cdevice-desktop%26genre%3Dnews-talk%26device%3Dweb%26amznbid%3D0%26amznp%3D0&adks=995131251&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
26e6326b53bdf9dd4b2365b8ea29ae8ad2e5b912f567f9a9b01d1be79ba157ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
276
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nj1015.com
date
Sun, 21 Jan 2024 01:04:11 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
377 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 21 Jan 2024 01:04:11 GMT
auction
tlx.3lift.com/header/ 		19 B
799 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.20.0&referrer=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tmax=1500&us_privacy=1---
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.229.121.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-121-224.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
accept-ch
sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
hb.undertone.com/ 		0
750 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=2552&domain=nj1015.com&ccpa=1---
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-57.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
via
1.1 ae7bbb23871eba9dda7f1abdc6bacfa0.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://nj1015.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
J_SDkYWaHcx7OnrF4x7qRnAOJjGOentf30L543ppVSe4tyWo59ILUg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
2c1f56bd9914a1b5baa367ede5c376c2af4d059ec78e322ae695bf864d5951d1

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
prebid.media.net/rtb/ 		2 KB
861 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
c31def1ebd01f472cee3f19d0ebd6ce0c6f66d8c5b51078cf70a849cda3833b5

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:10 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nj1015.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
78
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jan 2024 01:04:11 GMT
prebid
krk2.kargo.com/api/v1/ 		2 B
460 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.226.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-226-172.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
hb-mm-multi
hb.minutemedia-prebid.com/ 		85 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.156.240.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-240-123.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
c6bc882abc8750f3a3414a1b691226ae8a03b3bd20cbbb20668dc95faf431c59

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 21 Jan 2024 01:04:11 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://nj1015.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
29
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
trinity.json
apex.go.sonobi.com/ 		118 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2217719609e82f85ea%22%3A%2252385cf1a79895898f27%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300a%2Cc%3Dd%2C%22%2C%221785b80360fbf797%22%3A%2252385cf1a79895898f27%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300a%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&s=2080d4a1-8bf1-43ac-8602-44a43a5ef553&pv=7949025a-21ff-4572-9f68-133d71232bd5&vp=desktop&lib_name=prebid&lib_v=8.20.0&us=5&iqid=%7B%22pcid%22%3A%22ae13d764-0ee2-4c89-94ff-2c0ab9bf93a0%22%2C%22pcidDate%22%3A1705799046394%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22nj1015.com%22%2C%22keywords%22%3A%22contests%2Cultimatenewjersey%22%2C%22publisher%22%3A%7B%22domain%22%3A%22nj1015.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&kw=contests%2Cultimatenewjersey&us_privacy=1---&coppa=0
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
1fd7c30f7a5b8666819929a1cf1bdcdab1e260f4fbebe8d0eb733384aed0c541
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-50
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
143
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		258 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a106465c11c6c1c93c600cf2b9e5e101aaab1f46451c89b0a7325731bb9dc4cc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
an-x-request-uuid
faf2f2a8-f53e-40d5-b9fd-039d90fb2bfc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nj1015.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.100.43.67; 176.100.43.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
258
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		522 B
555 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=15&alt_size_ids=10&p_pos=atf&us_privacy=1---&rf=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&kw=tsm-ad-300a&tg_i.domain=nj1015.com&tg_i.page=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tg_i.pbadslot=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300a&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=183939e55a5d23ee&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300a&slots=1&rand=0.721631264910986
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d533b0b49814181e57d850d223c86463953546584ef90f349655da43b57e780c

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
522
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		522 B
555 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=15&alt_size_ids=10&p_pos=atf&us_privacy=1---&rf=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&kw=tsm-ad-300a&tg_i.domain=nj1015.com&tg_i.page=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tg_i.pbadslot=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300a&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=184849c9ee26428a&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300a&slots=1&rand=0.9555521276971422
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7d4417fecb3c3bc6e9475a0490ee05c466994d1bb97c0557b628dceb40dc69c6

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
522
expires
Wed, 17 Sep 1975 21:32:10 GMT
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
604 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=272476
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d5ceabc8c823367249ff6a32ab5a59e3f3f169854aa5d7df4b923dcdd31879

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2B6gKrOP7nZfbvDhC4nAPY0%2BbLajXNSJLNvwvON5oaPltfg%2FR6%2F921804kvivTeSza9bPdrUAgUB42VPYycxp8LgE98BdMiYuaoSXd490rUZY%2B5T2s9lObQqc72O1QwT8WozAM35"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
848ba4476c4361ee-YVR
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
a57b3c94098d8cc1be5fa80e9cf678fb4297562f0b13bf7393dbca38dc65372a

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ 		23 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
828297d343f6e3cc3384b10a6337a610eb1ae5e43cfb14bcc31335bb9d80342a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
gzip
an-x-request-uuid
886fa349-acf6-43c1-a30d-ff897447665f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nj1015.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.100.43.67; 176.100.43.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		2 KB
831 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
17096d113c4339d6c0b5e631ffa17f09010e3a4eec50304ac438de018c17bd18

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:10 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nj1015.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
52
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jan 2024 01:04:11 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
425 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.156.240.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-240-123.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
dacc347e28dbeed15c7c86e258a6daa721241ec272d246854a73110db156b055

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 21 Jan 2024 01:04:11 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://nj1015.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
633 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=272477
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa7c5425d5085547af12cddd78fac290f74c93df8167289bf793e26977d88c05

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tea2nF9WzVNfmDVpR8EqAdkdeAnybHLmoTNY4LI8IonRqNpUmk2iUprkOXtYgLVT4a07OMu9ZkAvcGtdfxDAp65j35Ws23mwJMkp1zncRsDmA%2FuD0duYeTnuzuG8L8GslV9srn0K"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
848ba4478c5a61ee-YVR
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
hb
hb.undertone.com/ 		0
751 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=2552&domain=nj1015.com&ccpa=1---
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-57.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
via
1.1 ae7bbb23871eba9dda7f1abdc6bacfa0.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://nj1015.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
s8TDtHPBFwv5CJMWxslQTH_Nsz1MlmrCO8jnv8qHFsp5XcMHrYxLhQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
krk2.kargo.com/api/v1/ 		2 B
460 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.226.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-226-172.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
translator
hbopenbid.pubmatic.com/ 		0
56 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nj1015.com
date
Sun, 21 Jan 2024 01:04:11 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ 		611 B
977 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222195aa05ff2d64f%22%3A%22810bf2d7e35a61283050%7C300x250%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300b%2Cc%3Dd%2C%22%2C%222204904c75f6c65d%22%3A%22810bf2d7e35a61283050%7C300x250%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300b%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&s=61536756-477d-474e-b235-a832c310282c&pv=7949025a-21ff-4572-9f68-133d71232bd5&vp=desktop&lib_name=prebid&lib_v=8.20.0&us=5&iqid=%7B%22pcid%22%3A%22ae13d764-0ee2-4c89-94ff-2c0ab9bf93a0%22%2C%22pcidDate%22%3A1705799046394%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22nj1015.com%22%2C%22keywords%22%3A%22contests%2Cultimatenewjersey%22%2C%22publisher%22%3A%7B%22domain%22%3A%22nj1015.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&kw=contests%2Cultimatenewjersey&us_privacy=1---&coppa=0
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
7832ee285312fb3dd8de0b332090a2df8be728d610f18a8ea1378ef887a77871
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-50
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
346
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		502 B
535 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=15&us_privacy=1---&rf=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&kw=tsm-ad-300b&tg_i.domain=nj1015.com&tg_i.page=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tg_i.pbadslot=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300b&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=222563a1f9bb625&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300b&slots=1&rand=0.8574534168618932
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
60f70f56032b6116a6f22d6030eff1115bdf62cc99dea6bd1fef9bd9ca839de7

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
502
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		502 B
558 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=15&us_privacy=1---&rf=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&kw=tsm-ad-300b&tg_i.domain=nj1015.com&tg_i.page=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tg_i.pbadslot=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300b&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=2231093852898be9&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300b&slots=1&rand=0.15328717610238796
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6b38a5265bf062b3aeb0e42ab7e1e98fe5bfef1207e383788429f09f397bc5b8

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
502
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/ 		16 B
377 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nj1015.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 21 Jan 2024 01:04:11 GMT
auction
tlx.3lift.com/header/ 		19 B
799 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.20.0&referrer=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tmax=1500&us_privacy=1---
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=nj1015.com&v=95116bc74f5dcc73ba3efb265ceed29c989705e5&mver=122&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.229.121.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-121-224.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:11 GMT
accept-ch
sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
view
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/view
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region
us-east-1a
date
Sun, 21 Jan 2024 01:04:11 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
b7d41367-a79a-4b59-a24a-460c6b6cccbf
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/b7d41367-a79a-4b59-a24a-460c6b6cccbf
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
9c30ce27-bcaa-4b1c-addd-9fa05c71f17e
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/9c30ce27-bcaa-4b1c-addd-9fa05c71f17e
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
onsite-v2_5631bf90701659009118a89f964ae570.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_5631bf90701659009118a89f964ae570.br.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 04:00:11 GMT
content-encoding
br
age
1026240
x-guploader-uploadid
ABPtcPpUmEbjYYG1vJF4wBA7q9aia01K0CsnBszNXzPj39OYgkmU-yZbkrKEmGa21tMFmriu2A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4962
last-modified
Thu, 04 Jan 2024 21:33:01 GMT
server
UploadServer
etag
"801d41813e7b11c4986b4ca00307283b"
x-goog-generation
1698960936310274
x-goog-hash
crc32c=+KL22A==, md5=gB1BgT57EcSYa0ygAwcoOw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
4962
accept-ranges
bytes
content-type
text/javascript
ads-v2_d639085d70dd54880f3dfcd56d5c66b0.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		175 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_d639085d70dd54880f3dfcd56d5c66b0.br.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
31e3ff445123b7a0383fe99704a5b23edcb602952b4bfb2d6adfaa0e29b83b9d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 14:31:11 GMT
content-encoding
br
age
815580
x-guploader-uploadid
ABPtcPqYuuFR37NjzVNd3tDAuYF0eXAHmLpAXuwi5bJQIbHisiWrCOXUdtx4mzhngZWcx6_lybJPdFzUXH_6SyqqihYGwg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39042
last-modified
Thu, 11 Jan 2024 14:30:58 GMT
server
UploadServer
etag
"1fea6d88380eb4639ccb1d0d945cf483"
x-goog-generation
1704983458305671
x-goog-hash
crc32c=jD97aA==, md5=H+ptiDgOtGOcyx0NlFz0gw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
39042
accept-ranges
bytes
content-type
text/javascript
usermatch
ssum-sec.casalemedia.com/ Frame 0075
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5540d3df62e506a8f48a946ca5163e2692763cb24e638cd538b080a9b1109a84

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
848ba44cba5761ee-YVR
content-encoding
br
content-type
text/html
date
Sun, 21 Jan 2024 01:04:12 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uk%2BQlKCw1HzhWt0qu9%2BIrq0zaR06feUHItHlmExitT%2FZI266O8xrBSf37L8Dq95ePmaj%2BYELE9%2B0U4ZXFeBTWATrzMcxBxUgf1HF3DYKbLqyj9z%2Bw1XXNGf70fXSRtzXFcGnh9sO0A6hnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
848ba4494f5f605f-YVR
content-length
0
date
Sun, 21 Jan 2024 01:04:11 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRM4LEZNHM0ek31Kkq8RClcYoxZo6p0xBGKrPgH7FJV7I0n1pIHgSGcWHs3U4dkK2vSLtUDBrz2Zes4O26P2ctn3Wjc%2F5zNe%2FjaiTi94icNXsSAANoICXIxHLK6bqQTNh1iG%2FYRUVxFtTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 6602 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Sun, 21 Jan 2024 01:04:12 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 8394
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=60f66d7c3cd405ed&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMqpaMzA6jjANmDx7NAAAAAAA&expiration=1705885453&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMqpaMzA6jjANmDx7NAAAAAAA&expiration=1705885453&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 Jan 2024 01:04:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
2FA4591KVWTWECEBTDSP

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Sun, 21 Jan 2024 01:04:13 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMqpaMzA6jjANmDx7NAAAAAAA&expiration=1705885453&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 0B45
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-b46dbnuoV4hSvw9r8PAlyKyLD02t8mIpu0KCMZFoTA
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-b46dbnuoV4hSvw9r8PAlyKyLD02t8mIpu0KCMZFoTA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 Jan 2024 01:04:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
S8P4HWQEWGDK5RNJM7PK

Redirect headers

date
Sun, 21 Jan 2024 01:04:13 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-b46dbnuoV4hSvw9r8PAlyKyLD02t8mIpu0KCMZFoTA
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
umcheck
e1.emxdgt.com/ Frame D301
Redirect Chain
  • https://e1.emxdgt.com/um?if=true&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Demxdgt.com%26id%3D%24UID
  • https://ib.adnxs.com/getuid?https://e1.emxdgt.com/umcheck?&if=true&apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Demxdgt.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYX...
  • https://e1.emxdgt.com/umcheck?&if=true&apnxid=2158602717580314586&redirect=https://s.amazon-adsystem.com/ecm3?ex=emxdgt.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9le...
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e1.emxdgt.com/umcheck?&if=true&apnxid=2158602717580314586&redirect=https://s.amazon-adsystem.com/ecm3?ex=emxdgt.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1lbXhkZ3QuY29tJmlkPSRFTVhVSUQ=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.210.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-210-13.compute-1.amazonaws.com
Software
/
Resource Hash
9185040762922c98a89681e9452da33866da323b6b927a42d98ad425abd6e919

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
2681
content-type
text/html
date
Sun, 21 Jan 2024 01:04:12 GMT
pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
d04ecc4e-c9fe-475f-a410-2a2eb6d78e05
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 01:04:13 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://e1.emxdgt.com/umcheck?&if=true&apnxid=2158602717580314586&redirect=https://s.amazon-adsystem.com/ecm3?ex=emxdgt.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1lbXhkZ3QuY29tJmlkPSRFTVhVSUQ=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
176.100.43.67; 176.100.43.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
/
match.sharethrough.com/jwumXNuB/v1/ Frame 35C4 		773 B
957 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.82.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-82-102.compute-1.amazonaws.com
Software
/
Resource Hash
a08f1b669fcb439e60b551b9ab1d2b5e80692d05aca16cc6db35dd30fec4f2dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
773
date
Sun, 21 Jan 2024 01:04:17 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BB36 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=117125
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 21 Jan 2024 01:04:11 GMT
expires
Mon, 22 Jan 2024 09:36:16 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame FEC6 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Jan 2024 01:04:12 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 0794
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
849 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
cd1f15f87f856ee2b098881762c0a65ba0b350ca51329125732fe85525a85757
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
849
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6658dc8946-gdlcv
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-6658dc8946-gdlcv
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 817A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1LWThEMFdSRTJ1SkUuczBtcVBBV244YUliTUxBV2c4U35B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1LWThEMFdSRTJ1SkUuczBtcVBBV244YUliTUxBV2c4U35B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 Jan 2024 01:04:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SXEEAQ3PFVWQANEJYSWQ

Redirect headers

age
0
content-length
0
date
Sun, 21 Jan 2024 01:04:12 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1LWThEMFdSRTJ1SkUuczBtcVBBV244YUliTUxBV2c4U35B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
65354ca311421d643073bbdb
syncaps.cootlogix.com/api/user/html/ Frame 92ED 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syncaps.cootlogix.com/api/user/html/65354ca311421d643073bbdb?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvidazoo.com%26id%3D%24%7BvdzUserSyncMacro%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.138.160.21 Atlanta, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
155.138.160.21.vultrusercontent.com
Software
/
Resource Hash
2ff7afaf492e9bf5974fc86de94e3958c9a6b0255c2a0b5e4bb3950e827a54ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
4648
content-type
text/html
date
Sun, 21 Jan 2024 01:04:13 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
pd
u.openx.net/w/1.0/ Frame 49FB 		0
0
usync.html
eus.rubiconproject.com/ Frame 9455 		0
0
sync
eb2.3lift.com/ Frame 1346 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2E60 		0
0
usersync.html
cdn.undertone.com/js/ Frame 4128 		0
0
ixmatch.html
js-sec.indexww.com/um/ Frame CCCD 		0
0
subscribe_embed
www.youtube.com/ Frame BD90 		757 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDkDKxDButZ3ltEDLjbe-_g&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f136.1e100.net
Software
ESF /
Resource Hash
8e2b18a2ecba2cf7e9c1d3ce625c2bc1e543b564c54db5ed209f1767496393b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin; report-to="youtube_main"
date
Sun, 21 Jan 2024 01:04:11 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
amazon
ap.lijit.com/beacon/ Frame AFE4 		0
0
grumi.js
d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/ Frame 1389 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-90.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
15874238783061330568
tpc.googlesyndication.com/simgad/ Frame 1389 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15874238783061330568
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
6982bc272051cc5f99de59d15c870cc19f884fec6a2789ae5a559c64897f22bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sun, 21 Jan 2024 01:04:13 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87836
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 18:37:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 20 Jan 2025 01:04:13 GMT
grumi.js
d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/ Frame D14E 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-90.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
2947049684429512504
tpc.googlesyndication.com/simgad/ Frame D14E 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2947049684429512504
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
9cf6b431763fa0fceb389b784b32b01372d7caeda6a0159e2d032e7c2cd23555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 20 Jan 2025 01:04:13 GMT
date
Sun, 21 Jan 2024 01:04:13 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68828
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 20:00:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
93df75e1-b3d1-4af2-b23d-80e20710468c
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/93df75e1-b3d1-4af2-b23d-80e20710468c
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
388ced82-220a-4705-aaff-07aa39e19902
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/388ced82-220a-4705-aaff-07aa39e19902
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
69254d87-bde1-4dc9-ada6-7dfab0887eaa
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/69254d87-bde1-4dc9-ada6-7dfab0887eaa
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
6b634b3a-b262-4d15-94b0-1ea5042b1dae
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/6b634b3a-b262-4d15-94b0-1ea5042b1dae
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
86c7fb18-369a-48f2-bcbe-3ab36650340b
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/86c7fb18-369a-48f2-bcbe-3ab36650340b
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
25570a2c-b789-426f-ae97-09427e90061e
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/25570a2c-b789-426f-ae97-09427e90061e
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 1C5C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.209.165.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-165-115.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
4c620ea7c0734d5bf76c5ea6ae05c6324a24f81f36bd1ee2d71e45bfac289fac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-type
text/html
date
Sun, 21 Jan 2024 01:04:13 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
ecm3
s.amazon-adsystem.com/ Frame 6732
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2227546027579844602145
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2227546027579844602145
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 Jan 2024 01:04:15 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ZYTTKE1AVX33QMQPQQVA

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 21 Jan 2024 01:04:14 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2227546027579844602145
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/ Frame 2E7C 		65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
sffe /
Resource Hash
639d75299973c7d3794eb7eb129e3b5a6139f9f521e1f14383abd0fd501219c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23557
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 16:07:17 GMT
crum
dsum-sec.casalemedia.com/ Frame 0075
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Zaxti78jkzqvZqfLnwLzmQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHfeM5hSd2wr9IopGEKEhvc&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHfeM5hSd2wr9IopGEKEhvc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72ulqXtSBG40PfAImgBq3FJS1E49WDX0zJIHETU8XmIeaWfY1dXeYp4Ys4J3ox%2F0dVF5dtvVnT0yMujE5Pr774%2B9CIerv1xFNStBqm2dtBS6hNrpMLn%2BBBwcR%2BqH%2FDReMWrZiObMjU9Vog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848ba4558b7661ee-YVR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHfeM5hSd2wr9IopGEKEhvc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
53233
i.liadm.com/s/ Frame 0075
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Zaxti78jkzqvZqfLnwLzmQAA%264193&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=Zaxti78jkzqvZqfLnwLzmQAA%264193&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8c8855abf5bf41098e2cf5f002167e02
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2798585505725352149
0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 0075
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Zaxti78jkzqvZqfLnwLzmQAAEGEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIW09Ut93rWEUaQKlJ1NE_4&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIW09Ut93rWEUaQKlJ1NE_4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWNaimEvRoDft5yqJcW7sX116WdM8oyX9xNPX27BQzvnk65Hn%2BE5m6ATH%2BRUk%2BgHuCdSVEHhatUtIZX9EyGbMOSXj1VcvKMWdSxQMMUTkKRzjofpkioADUCL76eCCa6x1Gji6%2BtOcuvZpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848ba4558b7761ee-YVR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIW09Ut93rWEUaQKlJ1NE_4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0075
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2a4f764-8e99-415e-b1f5-293d70c57410&expiration=1708391053&gdpr=0&gdpr_consent=
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2a4f764-8e99-415e-b1f5-293d70c57410&expiration=1708391053&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZqGAFg2zLQr0Yx9pvneygZRqt2%2BaeCaWfin97HzCQaznsvRkRcvoGLSNDMhDsgY82bl43JQ4Uq0w1KTsUU2DAWJ%2Bx1FiJtCvi7MbZGBOsXYKzTSSjndOOQseaXcBSwn2LW%2F1%2BS4HUf8mw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848ba45419ee61ee-YVR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2a4f764-8e99-415e-b1f5-293d70c57410&expiration=1708391053&gdpr=0&gdpr_consent=
date
Sun, 21 Jan 2024 01:04:13 GMT
server
Kestrel
content-length
323
i.match
a.tribalfusion.com/ Frame 0075 		0
0
cm
p.rfihub.com/ Frame 0075 		0
0
rum
dsum.casalemedia.com/ Frame 0075
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=f49ccc6a-84d2-466a-be91-9432e41a94f1&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=f49ccc6a-84d2-466a-be91-9432e41a94f1&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=009ba73f-4c41-4edb-aaa1-0a080c99f456&ssp=index&expires=30&user_group=5&bsw_param=f49ccc6a-84d2-466a-be91-9432e41a94f1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f49ccc6a-84d2-466a-be91-9432e41a94f1&gdpr=&gdpr_consent=&us_privacy=
43 B
684 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f49ccc6a-84d2-466a-be91-9432e41a94f1&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bqnbm8Qngpi7EavKj9NxZleluiNrUAJIxEUN75qTQfCpMCCM0r2HoqwrqCDtOVegXNKHj1SS7FAdtdsW6E46oaWeEKquSieWrxgiCaEi1m%2Fao1Wr9yTRIJVOgSC0fEN59O76Bgmw"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848ba45c0e96605f-YVR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f49ccc6a-84d2-466a-be91-9432e41a94f1&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 21 Jan 2024 01:04:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ping_match.gif
pm.w55c.net/ Frame 0075
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
0
0
ecm3
s.amazon-adsystem.com/ Frame 0075 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Zaxti78jkzqvZqfLnwLzmQAAEGEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XJ6YDXQSC1J3MHADQ1DK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
grumi.js
d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/ Frame D312 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-90.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
6955135743073609694
tpc.googlesyndication.com/simgad/ Frame D312 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6955135743073609694
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
1267e59e6ef999146b80bfdf63103ea018832c46ad4dbd9ab362d0fdcbe5c1a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sun, 21 Jan 2024 01:04:13 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10889
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 18:52:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 20 Jan 2025 01:04:13 GMT
l
www.google.com/ads/measurement/ Frame D312 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaST75uMJQE7YXE4FsDVf6wF4OHgFgXfpQyP3JTCV284_ylVylP53uVXCzEP7GG2FSAXfX3qSBKwxJpGhb7Pen2ydZofSw
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f147.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
AGSKWxWtHeo-nPo6GTQ-T2W0hYsTTfloR1swlvtBEb4m9HBKP0R8UKsm2OQIE4dDvo6Dd1Xt6KJUsfCT3sIoRBWjpLVQ39AO6vtBtceW0Gi8PA3gyp2x4uNVXMStmTMAtW2wqfY7ujqjbQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWtHeo-nPo6GTQ-T2W0hYsTTfloR1swlvtBEb4m9HBKP0R8UKsm2OQIE4dDvo6Dd1Xt6KJUsfCT3sIoRBWjpLVQ39AO6vtBtceW0Gi8PA3gyp2x4uNVXMStmTMAtW2wqfY7ujqjbQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1Nzk5MDUwLDMyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9uajEwMTUuY29tL3RoYW5rc2dldHRpbmctMjAyMy8iLG51bGwsW1s4LCJraEp2RGVGc21iUSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f101.1e100.net
Software
ESF /
Resource Hash
1d775040d5cde963bae2bd1cc89bf9748b1be9c8e9e02bdad4368c8bb929d2a6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BeSUCEdxrgN0IDFT31udEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BeSUCEdxrgN0IDFT31udEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8B13 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 01:04:13 GMT
expires
Mon, 20 Jan 2025 01:04:13 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
grumi.js
d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/ Frame 429B 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-90.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
2947049684429512504
tpc.googlesyndication.com/simgad/ Frame 429B 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2947049684429512504
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
9cf6b431763fa0fceb389b784b32b01372d7caeda6a0159e2d032e7c2cd23555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 20 Jan 2025 01:04:13 GMT
date
Sun, 21 Jan 2024 01:04:13 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68828
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 20:00:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame 429B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgrzJxk6oCeYgPnIvhd5yyxzzl6sM4-zJ-l5U29U7Lk2IbF62i9VL3na2WKXr_KFs3ARn3j2qZp4f5Cr12Zb5X6a8O6w
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame BD90 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDkDKxDButZ3ltEDLjbe-_g&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f136.1e100.net
Software
sffe /
Resource Hash
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDkDKxDButZ3ltEDLjbe-_g&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 07:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63022
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2447
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 01:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 19 Jan 2025 07:33:51 GMT
www-subscribe-embed-card_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame BD90 		149 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDkDKxDButZ3ltEDLjbe-_g&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f136.1e100.net
Software
sffe /
Resource Hash
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDkDKxDButZ3ltEDLjbe-_g&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 07:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44975
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 19 Jan 2025 07:05:45 GMT
40ac7004-4d64-4050-9749-3117cd1064f5
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/40ac7004-4d64-4050-9749-3117cd1064f5
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
usync.js
eus.rubiconproject.com/ Frame FEC6 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91e5ee85732028ebc77c254380dff380777b4b15ed4f283ed831657c49868d33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 01:04:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2024 18:19:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62120
Connection
keep-alive
Content-Length
10964
Expires
Sun, 21 Jan 2024 18:19:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1389 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufe8_NEkJcDmXX7_6ynJUI47fSggHmjHBupHQRzb12oHMLwb1OkPcMPCp_WY7NM0n-70iZQpgc88yc3jzlD2UmLDIJSXjhSF8o2xERI_JRkIDaDUlW9ryh9P4usFO6-QLtf6sLPq_cTo8meHWYBRAM2PFQ1QiUc0PX5PRycIpEp47Kg3ojgQ095YAV8oCFr7Rp82oWbIxvZoII1fWBwb5t6ustPfLTk3-xR_a_INlQsQM9y7ShFMghDvq6-TwY8YXnAHfpJlWYFXAM6Dy09GrYQNk_weav92Dcz4_ywc94RcSozs0-cix4d9ILf6k7_e6roYl2qD65dfWdC06_KoJHzP8i9onZncmaS6w&sai=AMfl-YRZftJm9EpKDbG2aI7GFhMHmx3UVOjak6H0b7-zYIRhnUS1cF6FreD3uMfCeS0_gVORPTdloAsfLLkeMQPFG6Z670Kcq0dMVnzkv-kbsLDcAaoj767ihp-mwIGSSkeFFLA3Uc90Cp-hNLGhE3aliK4PpDRi7apzYsF_bZW99lQxsKFb30wMlUaHtZa20mhv4sOB-2AVh5dCujpJil_8DywLxmndM8nNMbR8O4uq17gNQA&sig=Cg0ArKJSzN7-lk_ktqyMEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 1389 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
16360
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 20:31:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1389 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:04:13 GMT
15874238783061330568
tpc.googlesyndication.com/simgad/ Frame 1389 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15874238783061330568
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
6982bc272051cc5f99de59d15c870cc19f884fec6a2789ae5a559c64897f22bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sun, 21 Jan 2024 01:04:13 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87836
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 18:37:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 20 Jan 2025 01:04:13 GMT
2947049684429512504
tpc.googlesyndication.com/simgad/ Frame D14E 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2947049684429512504
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
9cf6b431763fa0fceb389b784b32b01372d7caeda6a0159e2d032e7c2cd23555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sun, 21 Jan 2024 01:04:13 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68828
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 20:00:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 20 Jan 2025 01:04:13 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D14E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMzI9BAC72okpteW29b0jz8NhSJ7vOtV9GGvCpvpxtdChzHdBK63hMibN8tKlQYFZBDskDe8Xy5QehfFuODp_jY8dMOOm9mo4f3bFASmTW6p3tfop9kuI-HZ1Pm6vsnRnncieRtw63N3vRi3QAEIJd-0erM4gphfYa8T9vvj7adHtVt0TIGfWF8LSPgfWxhLHODqkuv3mF_a4ti0SA2HKoofrfXQKLM_hV0WqsS_dZbbuwXSv_fUsSI8rpQxBmFMB-rX-e9z5ipvgLs2NeYI5ATnTc5o3Kh1SKJUKXoIYR4bIbDl-zYQjsDzqRMt-A94sr-4dpWu6bj3hkGaNfvgZxrsyt6hJDODZ2MS1R-o0BcHFmP_QgUAOJbJuCHQ&sai=AMfl-YQfJL5D2YLZNeNbDlUYm_Oe0X425BSw6fKoawuG5RwIvyqlms-2Wkkv2gGzK_bsyMT34hHqZpseN4Ibv--7TiXyuvwO3hg2KNFL0IQ5HL5XUzZgowgH81ATRv4gxKGpgThNH1VtJAcWMI_x3hc8gg7B1zZRjBvwG1SeHfRK6QLpBhHnpylxjnGWIip38jU9t5Sjuqg_Owa2d8JIOuyfBVlTnqcLdcv78XK1WbLvrK5l-Q&sig=Cg0ArKJSzAXO3SFIltQWEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame D14E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
16360
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 20:31:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D14E 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:04:13 GMT
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=02c53166-1225-4b88-8435-029049f05921&cid=8CUMP71D3&crid=621213722|621213722&adunit_count=2&dn=nj1015.com&requrl=https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users&istop=true&event=client_timeout&value=2&rd=1500
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.207.233 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-207-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:13 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 21 Jan 2024 01:04:13 GMT
timeout
krk2.kargo.com/api/v1/event/ 		0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krk2.kargo.com/api/v1/event/timeout?aid=02c53166-1225-4b88-8435-029049f05921&ato=1500
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.226.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-226-172.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:13 GMT
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-accel-expires
0
content-length
0
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 UTC
ads
securepubads.g.doubleclick.net/gampad/ 		81 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346508008433930&correlator=845376700489793&eid=31079957%2C31080255%2C31080564%2C31079724%2C31079525&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=8328825%2Clocal%2CTrenton%2CWKXW%2Cpost&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C300x600&ifi=10&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dda22f1eebd3110cd%3AT%3D1705799051%3ART%3D1705799051%3AS%3DALNI_MatYhF0BIm6FOaEsDXdutxf9yfwrw&gpic=UID%3D00000db8d3d300d3%3AT%3D1705799051%3ART%3D1705799051%3AS%3DALNI_MbA_h7yk25EYZtn0VAVE9mnXqs0YA&abxe=1&dt=1705799053403&lmt=1705799053&adxs=1123&adys=268&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsmzKxdHxEbsHAP2F-7KVCAeJ96Ir1Og21kmvuwLDkl5QaAGR5jgzCQpY6xs1yFadn-Zj2xOrgNo5PW3ujIYgKCXDgEdHEjgNg%2CAOrYGsmz6RZCx3kx2H4Zw9qQWu2UVRBS1St4ddTf7nnDiIy_xqIK5iXZvTh9dEOW3uyPGQmqycdq3g_zw--gJW-DG16SoNMzF3dJkg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsm8A--so7jLDDOtfdf0Zn0N24UHifR27xiazFoGgx9epb9-3gYi-N_3Db1JxWlmNGrPb481vH3PvrGq5UcW_4-X3eK1CzHVP38%2CAOrYGsk8vU-nR2_6z-qOj2MLgAnczjMr_K7oyV7YvBj9J1_dZZ6TDEZdwQEaIf9yOQRdtzo-Yaxeca0KfmX3_AFpO00cam1-L5aPrg&ga_vid=190849881.1705799044&ga_sid=1705799050&ga_hid=1847351085&ga_fc=true&dlt=1705799028215&idt=18112&ppid=682fe08a-b078-541c-9a39-597832627d8c&prev_scp=pos%3D300a%2Cright300top%26impressionkw%3D1%26amznbid%3D2%26amznp%3D2&cust_params=hasApp%3Dyes%26catid%3Dcontests%252Cnews-nj%26tags%3Dthanksgetting-2023%252Cvip%252Cno-gallery%26id%3Dthanksgetting-2023%26author%3Dtownsquarenewsstaff%26kw%3Dtownsquarenewsstaff%252Cthanksgetting-2023%252Ccontests%252Cnews-nj%252Cvip%252Cno-gallery%252Cpagetype-post%252Cpost-1172924%252Chasonair%252Cdevice-desktop%26genre%3Dnews-talk%26device%3Dweb%26amznbid%3D0%26amznp%3D0&adks=4067820261&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
842fe092c730ed9b2e246b8b257bd55da1e8d4fd32c57a7197f1386784964285
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18496
x-xss-protection
0
google-lineitem-id
6381777739
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138461364118
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=25244b9f-9074-4c0b-ad97-aaa9a785129a&cid=8CUMP71D3&crid=385018261|385018261&adunit_count=2&dn=nj1015.com&requrl=https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users&istop=true&event=client_timeout&value=2&rd=1500
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.207.233 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-207-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:13 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 21 Jan 2024 01:04:13 GMT
timeout
krk2.kargo.com/api/v1/event/ 		0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krk2.kargo.com/api/v1/event/timeout?aid=25244b9f-9074-4c0b-ad97-aaa9a785129a&ato=1500
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.226.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-226-172.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:13 GMT
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-accel-expires
0
content-length
0
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 UTC
ads
securepubads.g.doubleclick.net/gampad/ 		81 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346508008433930&correlator=1694897919066404&eid=31079957%2C31080255%2C31080564%2C31079724%2C31079525&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=8328825%2Clocal%2CTrenton%2CWKXW%2Cpost&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=11&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dda22f1eebd3110cd%3AT%3D1705799051%3ART%3D1705799051%3AS%3DALNI_MatYhF0BIm6FOaEsDXdutxf9yfwrw&gpic=UID%3D00000db8d3d300d3%3AT%3D1705799051%3ART%3D1705799051%3AS%3DALNI_MbA_h7yk25EYZtn0VAVE9mnXqs0YA&abxe=1&dt=1705799053419&lmt=1705799053&adxs=1123&adys=508&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsmzKxdHxEbsHAP2F-7KVCAeJ96Ir1Og21kmvuwLDkl5QaAGR5jgzCQpY6xs1yFadn-Zj2xOrgNo5PW3ujIYgKCXDgEdHEjgNg%2CAOrYGsmz6RZCx3kx2H4Zw9qQWu2UVRBS1St4ddTf7nnDiIy_xqIK5iXZvTh9dEOW3uyPGQmqycdq3g_zw--gJW-DG16SoNMzF3dJkg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsm8A--so7jLDDOtfdf0Zn0N24UHifR27xiazFoGgx9epb9-3gYi-N_3Db1JxWlmNGrPb481vH3PvrGq5UcW_4-X3eK1CzHVP38%2CAOrYGsk8vU-nR2_6z-qOj2MLgAnczjMr_K7oyV7YvBj9J1_dZZ6TDEZdwQEaIf9yOQRdtzo-Yaxeca0KfmX3_AFpO00cam1-L5aPrg&ga_vid=190849881.1705799044&ga_sid=1705799050&ga_hid=1847351085&ga_fc=true&dlt=1705799028215&idt=18112&ppid=682fe08a-b078-541c-9a39-597832627d8c&prev_scp=pos%3D300b%2C300d%2Cright300mid%26impressionkw%3D1%26amznbid%3D2%26amznp%3D2&cust_params=hasApp%3Dyes%26catid%3Dcontests%252Cnews-nj%26tags%3Dthanksgetting-2023%252Cvip%252Cno-gallery%26id%3Dthanksgetting-2023%26author%3Dtownsquarenewsstaff%26kw%3Dtownsquarenewsstaff%252Cthanksgetting-2023%252Ccontests%252Cnews-nj%252Cvip%252Cno-gallery%252Cpagetype-post%252Cpost-1172924%252Chasonair%252Cdevice-desktop%26genre%3Dnews-talk%26device%3Dweb%26amznbid%3D0%26amznp%3D0&adks=2672902926&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
dc4f99ea59b85a8a679c72d2e36f1566f410c36a8c4813ebc193cea58783e16d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18540
x-xss-protection
0
google-lineitem-id
6424858782
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138461732699
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 1389 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7c6b580528f56d5c1db3e108caa06161b383c5cd00dd2e8ca11a5e4b227b848

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D14E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76fa42cc45141bd368c2689c065f88ba8ec6755857cc62ab1ff0f645fe8f3f25

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
increment
id5-sync.com/api/esp/ 		0
0
grumi.js
d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/ Frame B4AD 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-90.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
1105096335624456952
tpc.googlesyndication.com/simgad/ Frame B4AD 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1105096335624456952
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
ab8db044d7e690f04112aad0ec9d2e62dfb9ec530ef26bc88ce57119df1f1893
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sun, 21 Jan 2024 01:04:13 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57684
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 18:37:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 20 Jan 2025 01:04:13 GMT
l
www.google.com/ads/measurement/ Frame B4AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNo6AlEB_sV8ZKmmAQwiEOa92BTKRUpGGftCjcA-fdL3xrtCTpaOL2oZ35qTI4Ub9VvrUKVocvEg45ajVvMc9H8h1veA
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 92ED 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vidazoo.com&id=b7c8d710-4306-2f39-dfac-972e8eaf4593
Requested by
Host: syncaps.cootlogix.com
URL: https://syncaps.cootlogix.com/api/user/html/65354ca311421d643073bbdb?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvidazoo.com%26id%3D%24%7BvdzUserSyncMacro%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syncaps.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PE3F9R05J4PDQNSTCWWF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
user
sync.cootlogix.com/api/ Frame 92ED
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dappnexus%26userId%3D%24UID%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D&gdpr=&gdpr_consent=
  • https://sync.cootlogix.com/api/user?partnerId=appnexus&userId=2158602717580314586&gdpr=&gdpr_consent=&us_privacy=&gdpr=&gdpr_consent=
0
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/user?partnerId=appnexus&userId=2158602717580314586&gdpr=&gdpr_consent=&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: syncaps.cootlogix.com
URL: https://syncaps.cootlogix.com/api/user/html/65354ca311421d643073bbdb?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvidazoo.com%26id%3D%24%7BvdzUserSyncMacro%7D
Protocol
H2
Server
137.184.202.88 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syncaps.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Jan 2024 01:04:17 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
0
access-control-allow-methods
GET, HEAD, OPTIONS, POST
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:17 GMT
an-x-request-uuid
bf7580d8-fbe7-428f-ba8b-6b589e5d97f2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.cootlogix.com/api/user?partnerId=appnexus&userId=2158602717580314586&gdpr=&gdpr_consent=&us_privacy=&gdpr=&gdpr_consent=
x-proxy-origin
176.100.43.67; 176.100.43.67; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 92ED
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159988&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dpubmatics2s%26userId%3D%23PMUID%26gdpr%3D%26gdpr...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159988&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dpubmatics2s%26userId%3D%23PMUID%26gdpr%3D%26gdpr...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzlEMEFBMUYtOUIwQS00RTkwLUJCQjEtOEVENDg1NzA4OUMy&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
0
0
user
sync.cootlogix.com/api/ Frame 92ED
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dgrid%26userId%3D%24%7BBSW_UUID%7D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D?gdpr=&gdpr_consent=&us_p...
  • https://sync.cootlogix.com/api/user?partnerId=grid&userId=f49ccc6a-84d2-466a-be91-9432e41a94f1&gdpr=&gdpr_consent=&us_privacy=
0
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/user?partnerId=grid&userId=f49ccc6a-84d2-466a-be91-9432e41a94f1&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: syncaps.cootlogix.com
URL: https://syncaps.cootlogix.com/api/user/html/65354ca311421d643073bbdb?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvidazoo.com%26id%3D%24%7BvdzUserSyncMacro%7D
Protocol
H2
Server
137.184.202.88 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syncaps.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Jan 2024 01:04:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
0
access-control-allow-methods
GET, HEAD, OPTIONS, POST
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"

Redirect headers

Location
https://sync.cootlogix.com/api/user?partnerId=grid&userId=f49ccc6a-84d2-466a-be91-9432e41a94f1&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 21 Jan 2024 01:04:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
user
sync.cootlogix.com/api/ Frame 92ED
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&redir=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dtriplelift%26userId%3D$UID%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
  • https://sync.cootlogix.com/api/user?partnerId=triplelift&userId=2227546027579844602145&gdpr=&gdpr_consent=&us_privacy=
0
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/user?partnerId=triplelift&userId=2227546027579844602145&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: syncaps.cootlogix.com
URL: https://syncaps.cootlogix.com/api/user/html/65354ca311421d643073bbdb?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvidazoo.com%26id%3D%24%7BvdzUserSyncMacro%7D
Protocol
H2
Server
137.184.202.88 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syncaps.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Jan 2024 01:04:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
0
access-control-allow-methods
GET, HEAD, OPTIONS, POST
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"

Redirect headers

location
https://sync.cootlogix.com/api/user?partnerId=triplelift&userId=2227546027579844602145&gdpr=&gdpr_consent=&us_privacy=
date
Sun, 21 Jan 2024 01:04:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cm
u.openx.net/w/1.0/ Frame 92ED 		43 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=4241c706-9fd2-4ae4-b2d7-c9f8d34e773c&ph=f4cc9fb1-057b-4e7a-b393-325ee9109574&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dopenx%26userId%3D%7BOPENX_ID%7D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
Requested by
Host: syncaps.cootlogix.com
URL: https://syncaps.cootlogix.com/api/user/html/65354ca311421d643073bbdb?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvidazoo.com%26id%3D%24%7BvdzUserSyncMacro%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syncaps.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
ap.lijit.com/ Frame 92ED 		0
0
user
sync.cootlogix.com/api/ Frame 92ED
Redirect Chain
  • https://cs.media.net/cksync?cs=30&type=vdz&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dmedianet%26userId%3D%3Cvsid%3E%26gdpr%3D%26gdpr_conse...
  • https://sync.cootlogix.com/api/user?partnerId=medianet&userId=3488006515469156000V10&gdpr=&gdpr_consent=&us_privacy=
0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/user?partnerId=medianet&userId=3488006515469156000V10&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: syncaps.cootlogix.com
URL: https://syncaps.cootlogix.com/api/user/html/65354ca311421d643073bbdb?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvidazoo.com%26id%3D%24%7BvdzUserSyncMacro%7D
Protocol
H2
Server
137.184.202.88 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syncaps.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Jan 2024 01:04:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
0
access-control-allow-methods
GET, HEAD, OPTIONS, POST
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"

Redirect headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:13 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://sync.cootlogix.com/api/user?partnerId=medianet&userId=3488006515469156000V10&gdpr=&gdpr_consent=&us_privacy=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 21 Jan 2024 01:04:13 GMT
vdz.gif
sync.colossusssp.com/ Frame 92ED 		0
0
user
sync.cootlogix.com/api/ Frame 92ED
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26userId%3D%5BUID%5D
  • https://sync.cootlogix.com/api/user?partnerId=sonobi&gdpr=&gdpr_consent=&us_privacy=&userId=1d2cbe58-e6b1-4a86-baf4-2e18f7d86301
0
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/user?partnerId=sonobi&gdpr=&gdpr_consent=&us_privacy=&userId=1d2cbe58-e6b1-4a86-baf4-2e18f7d86301
Requested by
Host: syncaps.cootlogix.com
URL: https://syncaps.cootlogix.com/api/user/html/65354ca311421d643073bbdb?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvidazoo.com%26id%3D%24%7BvdzUserSyncMacro%7D
Protocol
H2
Server
137.184.202.88 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syncaps.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Jan 2024 01:04:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
0
access-control-allow-methods
GET, HEAD, OPTIONS, POST
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:15 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-50
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.cootlogix.com/api/user?partnerId=sonobi&gdpr=&gdpr_consent=&us_privacy=&userId=1d2cbe58-e6b1-4a86-baf4-2e18f7d86301
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
64c1283ce8079d0513dfaade
sync.cootlogix.com/api/user/html/ Frame 92ED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/user/html/64c1283ce8079d0513dfaade?redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dillumin%26id%3D%24%7BvdzUserSyncMacro%7D%26gdpr%3D%24%7Buser.gdpr%7D%26gdpr_consent%3D%24%7Buser.consentStr%7D%26us_privacy%3D%24%7Buser.usPrivacy%7D
Requested by
Host: syncaps.cootlogix.com
URL: https://syncaps.cootlogix.com/api/user/html/65354ca311421d643073bbdb?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvidazoo.com%26id%3D%24%7BvdzUserSyncMacro%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
137.184.202.88 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syncaps.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
/
csync.loopme.me/ Frame 92ED 		0
0
user
sync.cootlogix.com/api/ Frame 92ED
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=563052&ev=1&us_privacy=${us_privacy}&gdpr=&gdpr_consent=&rurl=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dpulsepoint%26gdpr%3D%24%7Buser.gdpr%...
  • https://sync.cootlogix.com/api/user?partnerId=pulsepoint&gdpr=${user.gdpr}&gdpr_consent=${user.consentStr}&us_privacy=${user.usPrivacy}&userId=9PS0nlhv1IqZ&ev=1&us_privacy=${us_privacy}&pid=563052&...
0
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/user?partnerId=pulsepoint&gdpr=${user.gdpr}&gdpr_consent=${user.consentStr}&us_privacy=${user.usPrivacy}&userId=9PS0nlhv1IqZ&ev=1&us_privacy=${us_privacy}&pid=563052&gdpr_consent=&gdpr=
Requested by
Host: syncaps.cootlogix.com
URL: https://syncaps.cootlogix.com/api/user/html/65354ca311421d643073bbdb?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvidazoo.com%26id%3D%24%7BvdzUserSyncMacro%7D
Protocol
H2
Server
137.184.202.88 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://syncaps.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Jan 2024 01:04:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
0
access-control-allow-methods
GET, HEAD, OPTIONS, POST
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://sync.cootlogix.com/api/user?partnerId=pulsepoint&gdpr=${user.gdpr}&gdpr_consent=${user.consentStr}&us_privacy=${user.usPrivacy}&userId=9PS0nlhv1IqZ&ev=1&us_privacy=${us_privacy}&pid=563052&gdpr_consent=&gdpr=
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-cgfmk
expires
-1
view
securepubads.g.doubleclick.net/pcs/ Frame D312 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3mmXw9CYl2MJbqTYY0vhiJr4ytfzSLF81A5n9S2mMAix_QNe51wno5_oNvj-lhPCb-MjKKInEIcsC6b41PFV4tdL-XaQQnfIFOWH8yQHooy0DAEDo7ZHnOVBylqnh_qiQ9sRc2FbN6EWURPUXVeBQ1YGVWjpEjJPP2OZ--zh3IpKhqifALDgtxstN-Fl26oZoaE03kUxVfiuU5DL8WsnTXdR2VNePrnW23Q5G3sSO4bhI4AG8dR89qwf9Y0eUJvKVDvQLVO1nahDYVb42HIteaWbMWR72Td2NOexkGY461g2RkcOFANWWWz03_ZgPpuJJHNV4dNRfAVrQTz2Q1gDkDeRS&sai=AMfl-YRu1skjwojaKK4xFLBn7O1o0J0wVbU1Ap3aeftjJ9-yAEpLK7bYzSUJAqrqyTVFACU9QzU2KFW9fq0O9rXGXfJ3tFjrWcr8nV93RxQ4-3Lw5Kag6PUPMxyj3Q9MjxUTetRiMOroy3OV4IG3zrrlZt8&sig=Cg0ArKJSzPWVxje5bSpvEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame D312 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
16360
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 20:31:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D312 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:04:13 GMT
6955135743073609694
tpc.googlesyndication.com/simgad/ Frame D312 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6955135743073609694
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
1267e59e6ef999146b80bfdf63103ea018832c46ad4dbd9ab362d0fdcbe5c1a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sun, 21 Jan 2024 01:04:13 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10889
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 18:52:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 20 Jan 2025 01:04:13 GMT
l
www.google.com/ads/measurement/ Frame D312 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaST75uMJQE7YXE4FsDVf6wF4OHgFgXfpQyP3JTCV284_ylVylP53uVXCzEP7GG2FSAXfX3qSBKwxJpGhb7Pen2ydZofSw
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame BB36 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69547126&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
262dcfac3604d10ff5241abbee6b6e33fcc7877c73b01a5f6a13c9f9a619ecbf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 21 Jan 2024 01:04:13 GMT
content-length
1736
content-type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 429B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvks2GhJb6fKZEJWdLU7KmGadGgZ_R3FDXCIjeky05RLzGpSRx0G69MOuSz6DllTIOYLuU9jBLC1hsf_lU-c_VOjXOFHi556I5hhoIy_rApoQJ1IyaE_BzyMNbBpXh2C6XYHzEIPQIxiQQYswOUfIWwvgT7SP85Pw7erQKQ3d6ZKUipVz3bdsH3DE5dCSLf1SJYujUk0hlrlwrcUG_SZTj0PZNuOqHHKxg_OixxJxfBjDxYsRRm_vTAWXCHnwttIIMyaHH8AtXYa9MpJrL597zWoGfpXwe6xKZ85uJjmUZI_vTg6GE9OCBzVYuv7BQghotTG_n4t7uHPCdOLluVcTjLWpauTYBv2__Lu1kPRFaO45lb3TINQNYKSI9DgQ&sai=AMfl-YSne0PK4Iow-cQNs7egaD3shVXi6_m19fL-UdkWVYfubKhmzd7s8S0BEVI6YRU4edovL5KT4YQEWLD73cfsSGYP4h-LjO_Gf8bNmcCWIad5dL0PIi7FUsrPazCNQg8p8Y0unZS8VAj0Kf1sm-qg3cA&sig=Cg0ArKJSzLdOBjSmnRjrEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 429B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
16360
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 20:31:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 429B 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:04:13 GMT
2947049684429512504
tpc.googlesyndication.com/simgad/ Frame 429B 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2947049684429512504
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
9cf6b431763fa0fceb389b784b32b01372d7caeda6a0159e2d032e7c2cd23555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 20 Jan 2025 01:04:13 GMT
date
Sun, 21 Jan 2024 01:04:13 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68828
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 20:00:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame 429B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgrzJxk6oCeYgPnIvhd5yyxzzl6sM4-zJ-l5U29U7Lk2IbF62i9VL3na2WKXr_KFs3ARn3j2qZp4f5Cr12Zb5X6a8O6w
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
jquery-3.5.1.min.js
assets.bounceexchange.com/assets/bounce/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 19:57:13 GMT
content-encoding
br
age
18420
x-guploader-uploadid
ABPtcPqngi2OSJv1kxeaFW6fJhjz865SI9vLJJ5Uzzhli4e_vDDwrrFAGcmeaAD4Sxsdk5yY2VE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31592
last-modified
Thu, 11 Jan 2024 16:26:10 GMT
server
UploadServer
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary
Accept-Encoding
x-goog-generation
1704990370811177
x-goog-hash
crc32c=W9o9Ng==, md5=3F5/GMjTasHT1HU6h8mNCg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
89476
accept-ranges
none
content-type
text/javascript; charset=UTF-8
sync
eb2.3lift.com/ Frame 1346 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
88a682273b158e34339ae70bb931aa02a0581e34443c68be8aaedd26da54dc6d

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1347
content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 01:04:14 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 9455 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Jan 2024 01:04:13 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2E60 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725&us_privacy=1---
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=117123
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 21 Jan 2024 01:04:13 GMT
expires
Mon, 22 Jan 2024 09:36:16 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 49FB 		199 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Sun, 21 Jan 2024 01:04:13 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame CCCD 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
129
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
848ba45578c72d72-YVR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 Jan 2024 01:04:13 GMT
expires
Sun, 21 Jan 2024 05:04:13 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame 4128 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1---
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-72.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07378cb9079fe865c12da0f27effd6163adae9ce1ef5e177a527e35b9f093b12

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
44019
content-encoding
gzip
content-type
text/html
date
Sat, 20 Jan 2024 12:50:36 GMT
etag
W/"c0ad5bceb34dc473809dd23603a31cec"
last-modified
Wed, 13 Dec 2023 14:37:07 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 e4d959ba5c709b88eb04934bd0d1eeea.cloudfront.net (CloudFront)
x-amz-cf-id
KqjsYaUC2eHlzFCyfGYj_5sy1fe-JH3_XS_SYv0ix1dtiVzsJ-zumA==
x-amz-cf-pop
YUL62-C2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
FpPUYNzys4ObbGRuHL8tOpxgUSayXD44
x-cache
Hit from cloudfront
151
match.deepintent.com/usersync/ Frame D301 		0
0
/
b1sync.zemanta.com/usersync/emx/ Frame D301 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/emx/?puid=51151705799052744673b2&cb=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd57%26uid%3D__ZUID__
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=2158602717580314586&redirect=https://s.amazon-adsystem.com/ecm3?ex=emxdgt.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1lbXhkZ3QuY29tJmlkPSRFTVhVSUQ=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 01:04:13 GMT
Content-Length
26
Content-Type
image/gif
enginemx
tr.blismedia.com/v1/api/sync/ Frame D301 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame D301 		0
0
match
c1.adform.net/serving/cookie/ Frame D301 		0
0
put
e1.emxdgt.com/ Frame D301
Redirect Chain
  • https://emx-match.dotomi.com/match/bounce/current?networkId=46227&version=1&nuid=51151705799052744673b2
  • https://emx-match.dotomi.com/match/bounce/current?DotomiTest=510f724894b405ed&is_secure=true&networkId=46227&version=1&nuid=51151705799052744673b2
  • https://e1.emxdgt.com/put?d=d48&uid=AAAMqpaMzA6jrgNa3-fDAAAAAAA&expiration=1705885454&nuid=51151705799052744673b2&is_secure=true
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d48&uid=AAAMqpaMzA6jrgNa3-fDAAAAAAA&expiration=1705885454&nuid=51151705799052744673b2&is_secure=true
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=2158602717580314586&redirect=https://s.amazon-adsystem.com/ecm3?ex=emxdgt.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1lbXhkZ3QuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
34.235.210.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-210-13.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:14 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://e1.emxdgt.com/put?d=d48&uid=AAAMqpaMzA6jrgNa3-fDAAAAAAA&expiration=1705885454&nuid=51151705799052744673b2&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame D301 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame D301 		0
0
put
e1.emxdgt.com/ Frame D301
Redirect Chain
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=emx
  • https://e1.emxdgt.com/put?d=d35&uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d35&uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=2158602717580314586&redirect=https://s.amazon-adsystem.com/ecm3?ex=emxdgt.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1lbXhkZ3QuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
34.235.210.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-210-13.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
content-length
43
content-type
image/gif

Redirect headers

location
//e1.emxdgt.com/put?d=d35&uid=d02fbfd2-05ae-4cde-9e49-a16a11c3fd17
date
Sun, 21 Jan 2024 01:04:13 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel.gif
aorta.clickagy.com/ Frame D301 		0
0
1522
sync-tm.everesttech.net/ct/upi/pid/ Frame D301
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1522?redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd32%26uid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/1522?redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd32%26uid%3D%24%7BTM_USER_ID%7D&_test=ZaxtlQAQBlfjLgBH
0
0
emx
sync.1rx.io/usersync2/ Frame D301 		0
0
emx
match.prod.bidr.io/cookie-sync/ Frame D301 		0
0
cm
cm.ctnsnet.com/int/ Frame D301 		0
0
sync
x.bidswitch.net/ Frame D301 		0
0
p-9zQtGV7AscK_-.gif
cms.quantserve.com/pixel/ Frame D301 		0
0
cm-notify
creativecdn.com/ Frame D301 		0
0
cm
p.rfihub.com/ Frame D301 		0
0
cs
ad.turn.com/r/ Frame D301 		0
0
put
e1.emxdgt.com/ Frame D301
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561594&ev=1&rurl=https://e1.emxdgt.com/put?d=d8&uid=%%VGUID%%
  • https://e1.emxdgt.com/put?d=d8&ev=1&uid=EuTcCbbZzRCv&pid=561594
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d8&ev=1&uid=EuTcCbbZzRCv&pid=561594
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=2158602717580314586&redirect=https://s.amazon-adsystem.com/ecm3?ex=emxdgt.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1lbXhkZ3QuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
34.235.210.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-210-13.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
content-length
43
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://e1.emxdgt.com/put?d=d8&ev=1&uid=EuTcCbbZzRCv&pid=561594
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-tgj7r
expires
-1
/
e1.emxdgt.com/put/ Frame D301
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=uk8nbff&ttd_tpi=1
  • https://e1.emxdgt.com/put/?uid=a2a4f764-8e99-415e-b1f5-293d70c57410&d=d5&brtid=testcookievalue&s=0&gdpr=0&gdpr_consent=
43 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put/?uid=a2a4f764-8e99-415e-b1f5-293d70c57410&d=d5&brtid=testcookievalue&s=0&gdpr=0&gdpr_consent=
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=2158602717580314586&redirect=https://s.amazon-adsystem.com/ecm3?ex=emxdgt.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1lbXhkZ3QuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
34.235.210.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-210-13.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://e1.emxdgt.com/put/?uid=a2a4f764-8e99-415e-b1f5-293d70c57410&d=d5&brtid=testcookievalue&s=0&gdpr=0&gdpr_consent=
date
Sun, 21 Jan 2024 01:04:13 GMT
server
Kestrel
content-length
269
/
e1.emxdgt.com/put/ Frame D301
Redirect Chain
  • https://ib.adnxs.com/getuid?https://e1.emxdgt.com/put/?uid=$UID&d=d1
  • https://e1.emxdgt.com/put/?uid=2158602717580314586&d=d1
43 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put/?uid=2158602717580314586&d=d1
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=2158602717580314586&redirect=https://s.amazon-adsystem.com/ecm3?ex=emxdgt.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1lbXhkZ3QuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
34.235.210.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-210-13.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:13 GMT
an-x-request-uuid
0d081f81-6203-4d23-b068-4050df3e066a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://e1.emxdgt.com/put/?uid=2158602717580314586&d=d1
x-proxy-origin
176.100.43.67; 176.100.43.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame D301 		0
0
truncated
/ Frame D312 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
caee92394ef44100f57cf90ff471fedd55c68a5b56ff620bd91a0febccb33c57

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 429B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9933e4aed02ffbc1a463a96f98fcdea7121d9e023d22de4c44aebfaac142694

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
usync.html
eus.rubiconproject.com/ Frame C2FB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=vidazoo&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Requested by
Host: syncaps.cootlogix.com
URL: https://syncaps.cootlogix.com/api/user/html/65354ca311421d643073bbdb?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvidazoo.com%26id%3D%24%7BvdzUserSyncMacro%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://syncaps.cootlogix.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Jan 2024 01:04:17 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 21 Jan 2024 01:04:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
server
AkamaiGHost
usersync.html
cdn.undertone.com/js/ Frame DDDA 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?partnerid=59&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dundertonenew%26userId%3D%24%7BUIDENC%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26us_privacy%3D%24%7Bus_privacy%7D
Requested by
Host: syncaps.cootlogix.com
URL: https://syncaps.cootlogix.com/api/user/html/65354ca311421d643073bbdb?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvidazoo.com%26id%3D%24%7BvdzUserSyncMacro%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-72.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07378cb9079fe865c12da0f27effd6163adae9ce1ef5e177a527e35b9f093b12

Request headers

Referer
https://syncaps.cootlogix.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
44019
content-encoding
gzip
content-type
text/html
date
Sat, 20 Jan 2024 12:50:36 GMT
etag
W/"c0ad5bceb34dc473809dd23603a31cec"
last-modified
Wed, 13 Dec 2023 14:37:07 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 e4d959ba5c709b88eb04934bd0d1eeea.cloudfront.net (CloudFront)
x-amz-cf-id
duZUeXRzpTjFBqwwvmAThS49Q9hT-4i5cFDyKi13-2igyC4sscn_sg==
x-amz-cf-pop
YUL62-C2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
FpPUYNzys4ObbGRuHL8tOpxgUSayXD44
x-cache
Hit from cloudfront
sync
cookies.nextmillmedia.com/ Frame B18E 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.nextmillmedia.com/sync?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dnextmillmedia%26userId%3D%5BNMUID%5D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
Requested by
Host: syncaps.cootlogix.com
URL: https://syncaps.cootlogix.com/api/user/html/65354ca311421d643073bbdb?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvidazoo.com%26id%3D%24%7BvdzUserSyncMacro%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.177.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-177-11.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
6fe5475e36422db30e6f9c845234a1fd065c9c32a38079642b66a5708779b846

Request headers

Referer
https://syncaps.cootlogix.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
3123
content-type
text/html
date
Sun, 21 Jan 2024 01:04:15 GMT
server
fasthttp
cksync.php
contextual.media.net/ Frame 1C5C 		57 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 21 Jan 2024 01:04:15 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Sun, 21 Jan 2024 01:04:15 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 1C5C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212429221422365
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212429221422365
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.209.165.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-165-115.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:18 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:15 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212429221422365
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
rmpssp
sync.1rx.io/usersync2/ Frame 1C5C 		0
0
cs
cs-server-s2s.yellowblue.io/ Frame 1C5C
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=f49ccc6a-84d2-466a-be91-9432e41a94f1
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=f49ccc6a-84d2-466a-be91-9432e41a94f1
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.209.165.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-165-115.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:14 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=f49ccc6a-84d2-466a-be91-9432e41a94f1
Date
Sun, 21 Jan 2024 01:04:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
csync.loopme.me/ Frame 1C5C 		0
0
user-matching
ads.stickyadstv.com/ Frame 1C5C 		0
0
cs
cs-server-s2s.yellowblue.io/ Frame 1C5C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=177f8272-30b0-4fb6-a4be-5f3821fc1ae8
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=177f8272-30b0-4fb6-a4be-5f3821fc1ae8
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.209.165.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-165-115.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:14 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Sun, 21 Jan 2024 01:04:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=177f8272-30b0-4fb6-a4be-5f3821fc1ae8
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.yellowblue.io/ Frame 1C5C
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=3e252df9-dac8-4322-b3e8-cfc2a8315d6a&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=3e252df9-dac8-4322-b3e8-cfc2a8315d6a&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.209.165.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-165-115.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:18 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=3e252df9-dac8-4322-b3e8-cfc2a8315d6a&gdpr=0
date
Sun, 21 Jan 2024 01:04:17 GMT
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 1C5C
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODIxNDEyMzAtOTdGQy00N0ZGLUJGRTUtQkFCMDQzOTQ0RjEw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0
cs
cs-server-s2s.yellowblue.io/ Frame 1C5C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=2158602717580314586&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=2158602717580314586&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.209.165.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-165-115.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:14 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:13 GMT
an-x-request-uuid
a95dd85d-7790-4b0c-bf2f-c038c9a6f629
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=2158602717580314586&gdpr=0&gdpr_consent=
x-proxy-origin
176.100.43.67; 176.100.43.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 1C5C
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=1d2cbe58-e6b1-4a86-baf4-2e18f7d86301
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=1d2cbe58-e6b1-4a86-baf4-2e18f7d86301
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.209.165.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-165-115.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:18 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:15 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-50
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=1d2cbe58-e6b1-4a86-baf4-2e18f7d86301
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 1C5C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rise.com&id=nzfBleEzCp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SBN4WN4T6WZHDCNX4V2Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
attachment-austin-distel-n5ihQiSF-a8-unsplash.jpg
townsquare.media/site/394/files/2024/01/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/394/files/2024/01/attachment-austin-distel-n5ihQiSF-a8-unsplash.jpg?w=300&q=75
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.86 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2526) / Express
Resource Hash
d129feb419ec5e7fdfcf98a6a8ec8337e31cc35ae2b8b0d33e040cde48f23935
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:04:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish
x-content-type-options
nosniff
age
141659
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
12401
last-modified
Fri, 19 Jan 2024 09:40:16 GMT
server
ECS (sac/2526)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
334001743
cache-control
max-age=1209600,s-maxage=31536000
accept-ranges
bytes
e6780936-bc85-48fc-9b70-019495d254c6
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/e6780936-bc85-48fc-9b70-019495d254c6
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
map
bcp.crwdcntrl.net/6/ 		0
0
container.html
c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9E24 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 01:04:13 GMT
expires
Mon, 20 Jan 2025 01:04:13 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
onetag-sys.com/usync/ Frame DE26 		0
0
usync.html
eus.rubiconproject.com/ Frame A219
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Jan 2024 01:04:17 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 21 Jan 2024 01:04:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
grumi.js
d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/ Frame E5F6 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-90.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
15874238783061330568
tpc.googlesyndication.com/simgad/ Frame E5F6 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15874238783061330568
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
6982bc272051cc5f99de59d15c870cc19f884fec6a2789ae5a559c64897f22bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 20 Jan 2025 01:04:13 GMT
date
Sun, 21 Jan 2024 01:04:13 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87836
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 18:37:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame E5F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4GgPcjjq7RKhGmiXkAIcQUde6qTClCiTfcFXuKGTteWkivahVAgc1LFkG6-KBeSqwB2Hze0rWpeDWjiof2mHL8b1hQQ
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/ Frame BD90 		134 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
sffe /
Resource Hash
c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 15:57:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45646
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 15:57:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B4AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1NRvrKlvFYiqBPBJInakpo45KEB4YlL9kZXWFD5gwyY-kTswHafsm8Bbz3CIJkzZHk6GXsnSsJ_PqxUPg4v148NrugD0MxMpxry9yullZRVIyv8boMdfRL9rdD-Af9E33tBHrHte3QRHtfgtHuLNC5zPpR9nvZ27_3ymGbUuTwurwsmvJUiXElvID0zwjSxyRoDPVKxgPtAxwkZ6veYGQr9DMHOnAdD4qXxb4rC70l-cy-KEqVDB8uLwBbo9LdjUNlrps_vSTLRpR-u_WUHqUnLqTk4xlnihNg54IhSjSm2gDQ3VrV-oNFOeZuGi1y_aFwAYbUZd3UocyFVyqXKc0u1xb&sai=AMfl-YSnn7arngUYSaDlxN_kIJD4n_mIW4H7EO-5EFqu-juDnmHKNUYLiq7FtrfL99838c-WU_0IAJjapQvLmt_XFSCHOEvDQJE-MeE8C7zYlh1hlqAf2A48AU7UIPeQ_AN0iWM7GBvbrUb9mfX1HWElLg&sig=Cg0ArKJSzFY-SQqV_2UQEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame B4AD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
16360
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 20:31:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B4AD 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:04:13 GMT
l
www.google.com/ads/measurement/ Frame B4AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNo6AlEB_sV8ZKmmAQwiEOa92BTKRUpGGftCjcA-fdL3xrtCTpaOL2oZ35qTI4Ub9VvrUKVocvEg45ajVvMc9H8h1veA
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 9455 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91e5ee85732028ebc77c254380dff380777b4b15ed4f283ed831657c49868d33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 01:04:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2024 18:19:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62120
Connection
keep-alive
Content-Length
10964
Expires
Sun, 21 Jan 2024 18:19:33 GMT
truncated
/ Frame B4AD 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
132c8991d901ec97cc0e44996f0895e9d1d3b040c31390347472acd6e58f4805

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame D14E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhgLEdM-5u0vpp9OYo7Ml_XsFQ8d92UfkHlmCGj35jJHrQkRXMavlxWEfekU-6UhT5t3fdCHKIFDgWlcLTsZnqijYhrzLl6mD8XmSxhvlr4C1Cu60g_fAhQJrvtB2ek99KbJH7iBhBXqnL4XUqcIZQbWc12T9kBd4wQ--dcYPaC-z-42Q77KCDsakh57e2p6l0LqL0OfArwhHOEK_miJLJZfr30E0PbKbuySvnWBdrFyXgjy0Lnu2kAfjaqchy2fXu7Putd_E1QEiaLzoamtckVB2_4fAbuT6UhGT3wU56ere4eZPuf6sn9rDzLXS7YryvJuUNX5tTo1-1O81j3ICx0e5ZlHAeZwnoW0zLH7H5FMOyxC_86dUYN9rNIK6W&sai=AMfl-YSdQS1t5LnMf9kl5KmdsR0b_4v29lFkvjvQpXYOu29METCHPtTcXqPxILnQ95ws9FRmcDDRmyp42OMlHS_7x1T68uHPwWHhwwUxNZM0xEw1le8wRexU9vuJ6EB9ruYANcI4CL61n1GczzKIU8Cntv0hXbkzuh08ymrXhmTqSLbHeBXnP0EUlVe7-RVSi2gqgcfyE7fxVEprXhK0dxflL3VdVcM72ELAyywJc93JBBTxZA&sig=Cg0ArKJSzNkNs7Kl3IuPEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 Jan 2024 01:04:14 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1389 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2_xAFsTHwXeHtio21xWvkGd6jS5NhNWUnbi6mnFTgPkWfr-FgKxKsgnqkYn5Tqk9cogGUmHhpnxLPEGWvorXQnUlzAxrfcyQUDHsBkrMPyp4sPqnxL3A5b6nocpwbq5Oc-0PhVupXbFrlF7BchWrbdruRyMMGGOCHOtAXEst40ktL2qxhW7QVEerybAIB5ClzzRJKK2QNB05aPM9y2FScKrbM-ADK9SyVYYZa_K5eRvACXN4F_bef9p4y4amW-bI_5cO2ER75ksiNE_LEbpgqkPSqBzc3etBysQrRpKe1auB7lH09HnRTSofSss41h5vlrRUuiqQz-GHFvPNKX01MYJNkumuhhjeYZiWJmg&sai=AMfl-YTpCVLiSv0ymaEssJF9hnsOoU-YtdofHUcRiGTmellxRQAMvcMM_xHPqHhDvY_erEmp7stilLsVSinJf6vL5ZC9F52xFF0rk6_bojbcBTQE-rDL4v1cG5M3fQuT1ziAREF9haiYmsJzS76LTUbmSEP_DWTogED5Gve4dTZwFj4MCL6JZH5jnYkXuacLJvve8DE-GTtiwoRReKJmIUH0Efh04UWI9CmgAio2cBuP-v6MFA&sig=Cg0ArKJSzCekAiFhGnxyEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 Jan 2024 01:04:14 GMT
khaos.json
token.rubiconproject.com/ Frame FEC6 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b6c391ede0c9b3c7eab11a335db29fb
Expires
0
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 55C9 		2 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
13039
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
br
content-length
938
content-type
text/html; charset=UTF-8
date
Sat, 20 Jan 2024 21:26:55 GMT
etag
W/"fc893948c3efc689b5b19d8a77958e23"
last-modified
Thu, 11 Jan 2024 16:26:08 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1704990368356821
x-goog-hash
crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2408
x-guploader-uploadid
ABPtcPrnuvHhIlCvDjvGY8ECdlYcuaSijQ9qutY9Gn2ac2TtqgfUNZy9t6EfAMJ3WoHGHzggX2E
css2
fonts.googleapis.com/ Frame 9E24 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com
URL: https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jan 2024 01:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Jan 2024 23:53:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jan 2024 01:04:14 GMT
css
fonts.googleapis.com/ Frame 19BA 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jan 2024 01:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Jan 2024 23:35:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jan 2024 01:04:14 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 19BA 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:24:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
16812
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 20:24:02 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 19BA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:34:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
16206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 20:34:08 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 47B4 		143 B
272 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2413
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 00:24:01 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 19BA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
16361
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 20:31:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 19BA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:31:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
16353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 20:31:41 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 19BA 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:04:14 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 19BA 		0
0
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 9E24 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com
URL: https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:18:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
17174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 20:18:00 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9E24 		0
0
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9E24 		0
0
grumi.js
d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/ Frame 9157 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-90.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
14845212982284190183
tpc.googlesyndication.com/simgad/ Frame 9157 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14845212982284190183
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
b109b99892f49498dabf4253aaea738fb8390ef0921fd343f079327a117c9448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sun, 21 Jan 2024 01:04:14 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79337
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 20:00:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 20 Jan 2025 01:04:14 GMT
l
www.google.com/ads/measurement/ Frame 9157 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7DAcme96ECd37yo3hUEiLty1r1lwdu3gGrE9EydJQSMx3QFqJD3X1WbYJWRc5VGHEPio4wUyw1uKKzuEdpDzageBb4Q
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 429B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAtlxuP52jXXIJHPymM3l_HDDPObFWU2FlQl2ySgR_6ILssTI-JSMxjNINLUZc_8wQs-VGx-SvVNsNsGQkYNLNi7lRM0HQ4H5H8uYbTYw3DkrRjUhKsELl-204EkoSKbIOR-ziePJbN9KBLnffJI66idKc2yigK7sw9MaydSNnUtmn7qo2ASpjsSnKQBxn43oiSBjYc5JrzrGTYvkfiun1mGAsh6ILgsfXdpDX_tbTCdVnZP19wkwH7UE31O6OH5eHCu_Uf0tCNKngd1zJV_w1OZqbCRclrjrPYdKgVWnL4ESbFVmGkzaKf9XPCDqAIiA0ANhcDpjshrpLHfCZS_D05lA9XMh4msTpKarB5ZujI913LrRpMgLZUZJUk9Ut&sai=AMfl-YQlxbLwszk-iE5X9VxW_mJ_tEHm_yZCUgxWXvWHLOyeb0IRokeaeDlVxlkGD5yBoXzi1A4ZkEOgLew0yg-AiaTq39C-RzPiZ4R9rRdB_f85n5kT9pUL5P0WJpu-NIb4fAOcyDCgPQuIm2p2wGU-YUE&sig=Cg0ArKJSzPje7Vzy8Z0dEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 Jan 2024 01:04:14 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B4AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvt32DwSjuvFAInA_GrEkoKN6FnvUTESM0freZh-t8rcAo54IKKEeZ4I49wTqk-tXEIMS2-hX_qVpzsV_uwLy0wc3meViv_9o0ELEwI0liy7twHOyQTL59CEgVEusIrGf-sExlL5T5Y8hRLS9dSupzZsizfIWz5ejntbo_R7-8AFzlHBVgvZOF4wSN4aZohcWDvFN15zuWzImet3m_WaEH5NyCYXC7PIaDee8g5HLSwHnFXC5gKGHc3O-1UPt2rboCIeR6nXulI2XbNiMJzOvg6y04N-7fSP8VM-gf9yCV9SYIdirEf7juNpAN_1OqqNFhPip8pRm4Aho4oHfPFyIWT_vH9Y9M&sai=AMfl-YRCJpepQwD0E5fXIQLeQ8nCeeXY0TmlaCp8ua5wZ4VlL6KZucfZD2qiRi-Jrf18jDiETrtVvd0tabx4FiouKZvZGn-iwU1BnQJRYs7iwHM020elAjuAYgBRBK3e4rMWwHQgTBxqZPuFY8eTYm5wEA&sig=Cg0ArKJSzEbbJZQLZg0lEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 Jan 2024 01:04:14 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E5F6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2DqaxMSleSYFgycxCR0lme1zhMCmzVOagdfZxP4_pdkYdTB2VU-O0t4vV4_znI9uM3qxQ2TzmXOVSJ8rCIXRMSOUbbX_ADuNxw1LLoYueF2bry7ZF5JUmjl75lfnksVJZnMork7mMPB96Bjx0jhUZJ5mEwM8bcg7q5ut90VS9zgWNnQoRBObGSmv2FOMhA0PNMsziPJ0pNadq_OGZaA_iXxly1KSEiie4baDUPyr42XItoWTzxAf7NOo6ntuN8UpADzniQSvOk3pbOeR205IoCLVLzHwMq4E6z3bjmfdDzFHz4wBNKk3bZM49QSk_1FUzmawmhMQe-bGHsdHyuGRnxeIm&sai=AMfl-YSOnw0PO2gwh0Dumbqu4YiYIEedurt8bKsMSPVVoFP_RcrY5FcaSleRfvd7VlwGNehYxPGkR_QU4-4qvgRlHXWi-RQllc8DJEu1Lc2HnzjZWsJXVfodFAWVmSBMLZL5xU71BnHcRnP6yj_m9o6iUuM&sig=Cg0ArKJSzGbZLHv5om-CEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E5F6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
16361
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 20:31:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E5F6 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:04:14 GMT
l
www.google.com/ads/measurement/ Frame E5F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4GgPcjjq7RKhGmiXkAIcQUde6qTClCiTfcFXuKGTteWkivahVAgc1LFkG6-KBeSqwB2Hze0rWpeDWjiof2mHL8b1hQQ
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
usermatch
ssum-sec.casalemedia.com/ Frame 2503 		0
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
848ba45d0ad161ee-YVR
content-length
0
date
Sun, 21 Jan 2024 01:04:14 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQsgUfunCifsC8HnfXUjejD2xGFRZ3StAXHuYMIXI2szVjaTKsFTQJUhS987JATqDL0MS%2F6%2FLWjcyhE1GkHKKbFZVysOQDOoepu%2ByRi%2Bg%2FAqVbX%2F%2B5NS%2FDh07ZHoL5Thq9Ls805mv9v49w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8909
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Jan 2024 01:04:17 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 21 Jan 2024 01:04:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame 4128 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:14 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 4128
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ptfXMWtE2uE9ShmoAGCauMhqatbD.KWI~A
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ptfXMWtE2uE9ShmoAGCauMhqatbD.KWI~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
52.44.110.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-110-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ptfXMWtE2uE9ShmoAGCauMhqatbD.KWI~A
date
Sun, 21 Jan 2024 01:04:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 4128
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2a4f764-8e99-415e-b1f5-293d70c57410&ttl=1708391054
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2a4f764-8e99-415e-b1f5-293d70c57410&ttl=1708391054
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
52.44.110.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-110-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2a4f764-8e99-415e-b1f5-293d70c57410&ttl=1708391054
date
Sun, 21 Jan 2024 01:04:14 GMT
server
Kestrel
content-length
249
sync
usr.undertone.com/userPixel/ Frame 4128
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRMSPLFB-25-HAPR
0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRMSPLFB-25-HAPR
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
52.44.110.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-110-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRMSPLFB-25-HAPR
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
SPug
image4.pubmatic.com/AdServer/ Frame 4128
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D82141230-97FC-47FF-BFE5-BAB043944F10
0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4128 		0
0
sync
usr.undertone.com/userPixel/ Frame 4128
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-XPCLbVJE2uEXY2Jokhxf9gtrz2u649j_vKbxO.s-~A
0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-XPCLbVJE2uEXY2Jokhxf9gtrz2u649j_vKbxO.s-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
52.44.110.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-110-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-XPCLbVJE2uEXY2Jokhxf9gtrz2u649j_vKbxO.s-~A
date
Sun, 21 Jan 2024 01:04:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t.gif
cw.addthis.com/ Frame 4128 		0
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=e995d7df0350411f9a7273a8961d4bed
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.221.222 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-221-222.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:18 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 21 Jan 2024 01:04:18 GMT
ibs:dpid=152416&dpuuid=dtu59l6mqhixbctegh3fc3sod
dpm.demdex.net/ Frame 4128 		0
0
15597
tags.bluekai.com/site/ Frame 4128 		0
0
403716.gif
idsync.rlcdn.com/ Frame 4128 		0
0
usermatch.gif
beacon.krxd.net/ Frame 4128 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=dtu59l6mqhixbctegh3fc3sod
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.240.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-240-117.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
beacon-n005-ash-prod.krxd.net
date
Sun, 21 Jan 2024 01:04:16 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1705799056
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
receive
pixel.tapad.com/idsync/ex/ Frame 4128
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3484&partner_device_id=dtu59l6mqhixbctegh3fc3sod
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3484&partner_device_id=dtu59l6mqhixbctegh3fc3sod
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d5c1858b-b124-48d5-9415-d9037347e96b%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2a4f764-8e99-415e-b1f5-293d70c57410&ttd_puid=d5c1858b-b124-48d5-9415-d9037347e96b%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2a4f764-8e99-415e-b1f5-293d70c57410&ttd_puid=d5c1858b-b124-48d5-9415-d9037347e96b%2C%2C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:16 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2a4f764-8e99-415e-b1f5-293d70c57410&ttd_puid=d5c1858b-b124-48d5-9415-d9037347e96b%2C%2C
date
Sun, 21 Jan 2024 01:04:15 GMT
server
Kestrel
content-length
359
/
loadm.exelator.com/load/ Frame 4128 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=1145&j=0&utid=dtu59l6mqhixbctegh3fc3sod
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-197-56.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:16 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cm
us-u.openx.net/w/1.0/ Frame DDDA 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=59&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dundertonenew%26userId%3D%24%7BUIDENC%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26us_privacy%3D%24%7Bus_privacy%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:14 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame DDDA
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ptfXMWtE2uE9ShmoAGCauMhqatbD.KWI~A
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ptfXMWtE2uE9ShmoAGCauMhqatbD.KWI~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=59&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dundertonenew%26userId%3D%24%7BUIDENC%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26us_privacy%3D%24%7Bus_privacy%7D
Protocol
H2
Server
52.44.110.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-110-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ptfXMWtE2uE9ShmoAGCauMhqatbD.KWI~A
date
Sun, 21 Jan 2024 01:04:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame DDDA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2a4f764-8e99-415e-b1f5-293d70c57410&ttl=1708391054
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2a4f764-8e99-415e-b1f5-293d70c57410&ttl=1708391054
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=59&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dundertonenew%26userId%3D%24%7BUIDENC%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26us_privacy%3D%24%7Bus_privacy%7D
Protocol
H2
Server
52.44.110.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-110-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2a4f764-8e99-415e-b1f5-293d70c57410&ttl=1708391054
date
Sun, 21 Jan 2024 01:04:14 GMT
server
Kestrel
content-length
249
sync
usr.undertone.com/userPixel/ Frame DDDA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRMSPLFB-25-HAPR
0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRMSPLFB-25-HAPR
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=59&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dundertonenew%26userId%3D%24%7BUIDENC%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26us_privacy%3D%24%7Bus_privacy%7D
Protocol
H2
Server
52.44.110.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-110-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRMSPLFB-25-HAPR
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
SPug
image4.pubmatic.com/AdServer/ Frame DDDA
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D82141230-97FC-47FF-BFE5-BAB043944F10
0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame DDDA 		0
0
sync
usr.undertone.com/userPixel/ Frame DDDA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-XPCLbVJE2uEXY2Jokhxf9gtrz2u649j_vKbxO.s-~A
0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-XPCLbVJE2uEXY2Jokhxf9gtrz2u649j_vKbxO.s-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=59&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dundertonenew%26userId%3D%24%7BUIDENC%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26us_privacy%3D%24%7Bus_privacy%7D
Protocol
H2
Server
52.44.110.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-110-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-XPCLbVJE2uEXY2Jokhxf9gtrz2u649j_vKbxO.s-~A
date
Sun, 21 Jan 2024 01:04:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t.gif
cw.addthis.com/ Frame DDDA 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=e995d7df0350411f9a7273a8961d4bed
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=59&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dundertonenew%26userId%3D%24%7BUIDENC%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26us_privacy%3D%24%7Bus_privacy%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.221.222 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-221-222.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:18 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 21 Jan 2024 01:04:18 GMT
ibs:dpid=152416&dpuuid=dtu59l6mqhixbctegh3fc3sod
dpm.demdex.net/ Frame DDDA 		0
0
15597
tags.bluekai.com/site/ Frame DDDA 		0
0
403716.gif
idsync.rlcdn.com/ Frame DDDA 		0
0
usermatch.gif
beacon.krxd.net/ Frame DDDA 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=dtu59l6mqhixbctegh3fc3sod
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=59&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dundertonenew%26userId%3D%24%7BUIDENC%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26us_privacy%3D%24%7Bus_privacy%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.240.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-240-117.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
beacon-n004-ash-prod.krxd.net
date
Sun, 21 Jan 2024 01:04:16 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1705799056
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
receive
pixel.tapad.com/idsync/ex/ Frame DDDA
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3484&partner_device_id=dtu59l6mqhixbctegh3fc3sod
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3484&partner_device_id=dtu59l6mqhixbctegh3fc3sod
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9eae9650-165b-4b8e-9ce6-40df53c1e893%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2a4f764-8e99-415e-b1f5-293d70c57410&ttd_puid=9eae9650-165b-4b8e-9ce6-40df53c1e893%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2a4f764-8e99-415e-b1f5-293d70c57410&ttd_puid=9eae9650-165b-4b8e-9ce6-40df53c1e893%2C%2C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=59&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dundertonenew%26userId%3D%24%7BUIDENC%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26us_privacy%3D%24%7Bus_privacy%7D
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:16 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2a4f764-8e99-415e-b1f5-293d70c57410&ttd_puid=9eae9650-165b-4b8e-9ce6-40df53c1e893%2C%2C
date
Sun, 21 Jan 2024 01:04:15 GMT
server
Kestrel
content-length
359
/
loadm.exelator.com/load/ Frame DDDA 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=1145&j=0&utid=dtu59l6mqhixbctegh3fc3sod
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=59&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dundertonenew%26userId%3D%24%7BUIDENC%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26us_privacy%3D%24%7Bus_privacy%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-197-56.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:16 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
usermatch
ssum-sec.casalemedia.com/ Frame 9652 		0
688 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=59&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dundertonenew%26userId%3D%24%7BUIDENC%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26us_privacy%3D%24%7Bus_privacy%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
848ba45d0ad361ee-YVR
content-length
0
date
Sun, 21 Jan 2024 01:04:14 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qnONJNp56BZ5zrOTmdEfQU%2FNSt24vZ5%2B7YejoGrEDNs0iUL%2Bk2DMmczIf%2FNYBmH6tc%2F7hqZHqrBQeo%2F8Bnb4GODpks%2FmN1m7zxga6al4QuQWSqmNtHYAvwCMAKacyp0UeF7VGCSlIfILQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F446
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=59&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dundertonenew%26userId%3D%24%7BUIDENC%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26us_privacy%3D%24%7Bus_privacy%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Jan 2024 01:04:17 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 21 Jan 2024 01:04:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
user
sync.cootlogix.com/api/ Frame DDDA 		0
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/user?partnerId=undertonenew&userId=dtu59l6mqhixbctegh3fc3sod&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=59&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dundertonenew%26userId%3D%24%7BUIDENC%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26us_privacy%3D%24%7Bus_privacy%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
137.184.202.88 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Jan 2024 01:04:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
0
access-control-allow-methods
GET, HEAD, OPTIONS, POST
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
view
securepubads.g.doubleclick.net/pcs/ Frame D312 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuuTcaQrimUyzhZmtR88zDrRiPxyHJBKwG8P1H4hbkiv_7g_3c0Mo604Mzi9rcihBveUM1EziMVXY9jRRgrNbSMsPJ75Vyz_DZJmvUqubAHourd9p-llWIEr5I-s5Mo_BtzB4ealMpNaZTXKfneAdbb5frILc6NRsJmoia9bFyRR_iMgRZxTb2I8L-ROQNwI-AG_AwQTOU8fCc1VzSl4aXuQGhRCqEOzIIgH5tyPVzKqp6p-qWvEDCfWzOtOVRsjrH8pKr3GLth9Hjk6pdBBxSdGMdF5UYpuqmsJ1tWhQNkKZlwHnRDNg8wzzsi8UwjKZERQLeUCZbIQEA6A4_Xl5J2sytYOI&sai=AMfl-YR1aAT5zVmLVe-USUdj05ByGVNCsl7t_bJ2rik3ReSC0tvP0xLBE47Fxq9kDOy2WZm6j3EMOIkd9cU9sw_4BIKCdYU_FaWE1MIwR54Y2Z3Ztt41Ch_dA3Ktt8MPd-fasonMP1mlkmRTYfsRVhfk0xM&sig=Cg0ArKJSzCEQHJolrdaXEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 Jan 2024 01:04:14 GMT
truncated
/ Frame E5F6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e5a008c9ecf2ba88cb62c0467b51f3ae26833a276dc5700b2727a12e16b5689

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 9157 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOpdKSQxpzeiNC27gl9MuKi6vezU_o6uM0z8mM9bLJJSDHdN74-DmKmkw20Qnl8nGkgt5H94ht9f3MdoqpDXE4lQzp5LKD-lZspnfJVjP0odflSkYZ98Sdc1582DI9siBoof_q8JEk6ow06Gp5ej3ZNMVu2qxGY48-aAQDeD17NDgtoozdEtYcohum_WZI-bhEKz3M0vZ7H8CB7U3aimv7AI2UBc9YhBSu0AqIx23gJN9Sjfw2An2Sdzl2uMfV0RtZWfruB4XUsCllGPf0wpMAkt9zF1AeTEGjGbYZgPBNAftBX2rxA3YYIk4LjkUHmAn8AQ0jPgh2mKLF7XIrmGjAUlW-kmJh1j8x5etd546xzIb5tHsP9-NpL7GTXg&sai=AMfl-YSswskjyUP0H9rhRI-Osg9XFKNg5oloXU2DpY2To4EmeMzJzykNvDWEJgb9p0QUNXhfU0sJzEeRmoOy855HyFvh44RCua8D7n3eoOpN-zH-n7d5zurPf7lDKl_phUzhbdx5_noaJi0NXiqP9fFd-mM&sig=Cg0ArKJSzNMKeTXf6W83EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9157 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
16361
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 20:31:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9157 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:04:14 GMT
l
www.google.com/ads/measurement/ Frame 9157 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7DAcme96ECd37yo3hUEiLty1r1lwdu3gGrE9EydJQSMx3QFqJD3X1WbYJWRc5VGHEPio4wUyw1uKKzuEdpDzageBb4Q
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1180od816jent/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
truncated
/ Frame 9157 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c5bdf9ddcfd8b0db942440b90a7e7bf72547b9d4f53f29e0b15eac0f197fbc0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
esp
oajs.openx.net/ 		0
0
init1.js
api.bounceexchange.com/bounce/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=732&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHYAGAVkIE4KzSAmYgNk2AC8QoAWADmMwHcApgCMcqYAID6qACZRSAZlL5MAJwE4QAGzhoMBBsWIAPfPV5qYAlWpVRsAQ02bUCAOYS4KzVAAWwYAAOOACk8gCCwbQAYpFRCGD4xPikAHRIIAC2scA+9ggA1jiuAv4urgC09LTysaFROhkSGp5IAqEAIgDK9qiaOSpwkQwNEhkC0qhwWfLtAhk9mkMjSPYZAT2uCB0AcgJ8OJol4iqRdMQAshgpp-TbIABu17Rn+DXPtADCN8RVb8PAjWO03aYSc3wAao4ZN8AKo4Kw4TD3VCiYASdIgfKoARQYKEABCkVomgCRNCEVotD8gRCz3CNxi7ziCSSqXSWSZOTyhWKpTclR+bzojIU9QBTRALTadK6C36g3e-0aYwmU1OMzmCxuSvRq3WqE26vau32h38VhuZ0uCCedDOd0elvorydX3eZ1+2pGQKNoMW7vokOc0idxDhCLJnyJJ0p5MjtDx7WwIEx2NxBKJExDsfplNohC4+A4HGI8i4DC4JdI1FoBkjbtoyOzCfCRDIlGopG45cIJcTSPsKhwAG18gIAJ4SPggFTSHASGCShDSAC6sEc8IHQ+H9gCAQkwBU9hgMFQSAkATU8IQwDXMA3AmTqckoBAEk0g+K680m6EASgvAlP+w4rpgATAHgyZrM4eStAuH6uHY9y5FAQA
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
f59bdabe1771a324e969402a1389f5538f3ee6ecb0bf005fe74efa8c7c8d12f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:16 GMT
content-encoding
gzip
via
1.1 google
last-modified
Sun, 21 Jan 2024 01:04:16 GMT
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
6
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
c
ids.cdnwidget.com/ 		442 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=004073014&GCS2=&pe=false&wsid=5351&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Afalse%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A5351%2C%22loadID%22%3A%22yq3AjIqSk7cE6SH%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A527%2C%22IDStageStart%22%3A527%2C%22obsReqdata%22%3A1777%2C%22obsReqview%22%3A1790%2C%22obsReqpage%22%3A1829%2C%22IDStagePrefire%22%3A2742%2C%22netComplete%22%3A3570%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A-8%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%222781440386840590260%22%2C%22visitid%22%3A%221705799054886740%22%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.20.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.20.160.34.bc.googleusercontent.com
Software
/
Resource Hash
d40752df6f4d530e7772ee322c7245bd56641cd478990961b7c1c64c5eac744e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
https://nj1015.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
442
si
googleads.g.doubleclick.net/pagead/drt/ Frame 47B4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com
URL: https://c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 01:04:15 GMT
expires
Sun, 21 Jan 2024 01:04:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 01:04:15 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
nsjs
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WKXWFM&ncv=24
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WKXWFM&ncv=24
5 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WKXWFM&ncv=24
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
172.64.151.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=ISO-8859-1
content-language
en-CA
access-control-allow-origin
*
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
cf-ray
848ba4695aba6069-YVR

Redirect headers

location
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WKXWFM&ncv=24
access-control-allow-origin
*
date
Sun, 21 Jan 2024 01:04:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
848ba466feb36069-YVR
content-type
text/html; charset=iso-8859-1
nsjs
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
5 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
172.64.151.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=ISO-8859-1
content-language
en-CA
access-control-allow-origin
*
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
cf-ray
848ba4695ac46069-YVR

Redirect headers

location
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
access-control-allow-origin
*
date
Sun, 21 Jan 2024 01:04:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
848ba466feb56069-YVR
content-type
text/html; charset=iso-8859-1
17fd90b7-40de-4095-ae64-8861051e9a9a
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/17fd90b7-40de-4095-ae64-8861051e9a9a
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
pushly-sdk.min.js
cdn.p-n.io/ 		272 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=1MWvTN3FkUAy4vrMcw4AXQIkp6qMJ3RlVc2f
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-88.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6174ddbc7070a222ed3c8ee788f6a9ef1bb7be5c4d66660c17f476f4bf881dad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:18 GMT
content-encoding
gzip
via
1.1 7953c31b7650812341d5a358487e2bbc.cloudfront.net (CloudFront)
last-modified
Sun, 21 Jan 2024 00:40:27 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
190
x-amz-server-side-encryption
AES256
etag
W/"29ed425576c316237e028173a0692768"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
AoFoqC9WExzju67Z0bDvdVJRxhpLC4kjgV9PXyVlIegCNJ63nNlSiw==
AGSKWxVW46nW6NZ2ZD0s51O0pGGx_7v9x0u15kmbSPYMjGe7msfSiGyGFyqkJXdbJAoUtq_93GNThtuUxRio1j_MffuH_si6_IS2qvmrO5OZBY_cwJoG624sROvi_-3Xz3FItBKO77Fwkw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVW46nW6NZ2ZD0s51O0pGGx_7v9x0u15kmbSPYMjGe7msfSiGyGFyqkJXdbJAoUtq_93GNThtuUxRio1j_MffuH_si6_IS2qvmrO5OZBY_cwJoG624sROvi_-3Xz3FItBKO77Fwkw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.khJvDeFsmbQ.es5.O/am=wA/d=1/rs=AJlcJMzW0yIvlkm-BdUm4sTqlJnqx4F9FQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wrqNMRaf9gon6nLvfVbrfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wrqNMRaf9gon6nLvfVbrfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://nj1015.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
12940968-504c-4b4a-b6e3-571d361d22b8
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/12940968-504c-4b4a-b6e3-571d361d22b8
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
1dee3a7b-5085-47e1-a6ff-d05d156ab43d
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/1dee3a7b-5085-47e1-a6ff-d05d156ab43d
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
f58309f6361e67c1bfc3f0cd9fe217c931c95911b21129dbafb364e2a8902c19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 00:22:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2529
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11399
x-xss-protection
0
server
cafe
etag
11747613320577944511
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 01:22:06 GMT
adchoicesicon.
fundingchoicesmessages.google.com/f/AGSKWxXgXGPP7NcY6EebDXZa5nABuBUXjm2qZOpyJmmkvArAvdj06Yequpj2OJ5pmNyicYLeIDVfXH0ZRQvoGuRRF6Jy0u6aTQrz-L4bLeUKOLXdGf7YuesbIrgLJrBR7mpyYP7U2unjg5dkIR7Xulr6q0EYlJ7Np... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXgXGPP7NcY6EebDXZa5nABuBUXjm2qZOpyJmmkvArAvdj06Yequpj2OJ5pmNyicYLeIDVfXH0ZRQvoGuRRF6Jy0u6aTQrz-L4bLeUKOLXdGf7YuesbIrgLJrBR7mpyYP7U2unjg5dkIR7Xulr6q0EYlJ7NpxiqmmWgUI9yzxzhLLFwsfHxs5Eo_H7I/_/ads125./framead_/728x180-/bennerad.min./adchoicesicon.
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f101.1e100.net
Software
ESF /
Resource Hash
1118d42f04f16e296250f63cb208424588e576c756c1452508e4c2fb8956631f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_Y3udF_l5Zc7r1gE6aANzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_Y3udF_l5Zc7r1gE6aANzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
c3173f6d-c78d-4913-bf2a-e018f2de44c8
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/c3173f6d-c78d-4913-bf2a-e018f2de44c8
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
pubcid.min.js
townsquare.media/public/resources/js/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://townsquare.media/public/resources/js/pubcid.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.86 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/257F) / Express
Resource Hash
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
A
date
Sun, 21 Jan 2024 01:04:15 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
age
53565
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
18369
last-modified
Tue, 30 Mar 2021 01:10:25 GMT
server
ECS (sac/257F)
etag
W/"e26f-17880ae892d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
359555455 353649985
cache-control
max-age=1209600,s-maxage=1209600
accept-ranges
bytes
view
securepubads.g.doubleclick.net/pcs/ Frame E5F6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFbhvHTRqIrQjmWOxMFElCsUhUv8-BgAYBrJ-AyZhtq2igFNUHJmgB0ID6IuxhalP1ydJ9rfuWZGurKpltHX7G-hYlHvvUHg9-Rme6gl9MwDhis7bk-kLd6hDHO1PZqzVSPqkjAE7vUNxVmXQO09MRHLHFiE0-f4GQQkcmVQAg29h9P9NX1erTKsxSrLWIgxmKLmL2sMN9VV2F0LJvsKFSkxb7OiI1eNOENxvOrm_EJXL9D1oS9k_OXBqRNRlS50_4yFpftcLyTXVrITAZchs24t6B-YU3pa0z_G6YOtwix3h61eKpye3Ro9f6yDxWAUNdg5IijFesLkNBdjYxtdtEZHWHEN0&sai=AMfl-YQipIzwmEXJn0tKyRyZnwngN91A2cLkK4w97M6rjxO9h2_fcm_lTKg6_foaKtoq1dVQ41yxCIixSfQCH4qBBD4CCJJGOgFMqYfcPpVJDyRTv5U5eXpMVnD58RJKngmKOW4HjCCcr1xbV2tvz4JEQJ4&sig=Cg0ArKJSzJEqrvfstG6REAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 Jan 2024 01:04:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9157 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPcf5VFSKuTCt7S7qVsqT7VXZtUJbJB9rpYje6rFXkcUZykx1xH82YWXxFmm2ZPYwMZAy10ar5YRLbQ1bNBOFFf4ErhOQ_SuHupBdCSorDaZsmnHNUxGcg8-0qGVAMBPa4GKumuqghUOmtuZXokeqgHaBgfNr9QpoCrAGirflJpudatdJumNqXB_fepna1q1BTPk_l5ieq52F0Aff1xtQ0CTIXuFES0AANEBnr5b0dzkY0B3-xp6uQXylQCT5ZOtpiOpTcxxakCk-Ee4lYW7vr8Rv3iNGMRSTZLYjNJh3hA_FYBEjcgSendW0ua32yWp5MuOH3_TPoR53y9q2u4efpGzSco2grkc1J4qr6JEWI8zjqOjl9jmyd_GeleSra&sai=AMfl-YTJBuFNIh1an9jrhZoGZFqCPjBk3XxYMpL_vz4SlsXJlFmD_yrAB-o2szGSyWtPhM5wiCeDaRK0_UoKefxNXddvF6jmJKjX3WtUX2ur66Eyj66fS8XTRTWU3qFRoxLjOT0NYcDGKHDhUCdoGOgn6jU&sig=Cg0ArKJSzHHIb1E1IDu5EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 Jan 2024 01:04:15 GMT
ecm3
s.amazon-adsystem.com/ Frame FEC6
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=LRMSPLFB-25-HAPR
  • https://s.amazon-adsystem.com/ecm3?id=LRMSPLFB-25-HAPR&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRMSPLFB-25-HAPR&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JSMPVSZ8NJ0PAZVREWMG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRMSPLFB-25-HAPR&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
dcm
s.amazon-adsystem.com/ Frame 741F 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 Jan 2024 01:04:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
DBP261BKZ6X5QR2AQC48
ecm3
s.amazon-adsystem.com/ Frame F9A8 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID2DFF4D73-A845-4592-822D-8C7FE3B8BBEA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 Jan 2024 01:04:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
MS4VDGM9GV349TS7FEYC
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BB36
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Lf9Nc6hFRZKCLYx_47i76g%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:16 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=117120
accept-ranges
bytes
content-length
5622
expires
Mon, 22 Jan 2024 09:36:16 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame BB36
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9eae9650-165b-4b8e-9ce6-40df53c1e893%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2a4f764-8e99-415e-b1f5-293d70c57410&ttd_puid=9eae9650-165b-4b8e-9ce6-40df53c1e893%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2a4f764-8e99-415e-b1f5-293d70c57410&ttd_puid=9eae9650-165b-4b8e-9ce6-40df53c1e893%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:16 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2a4f764-8e99-415e-b1f5-293d70c57410&ttd_puid=9eae9650-165b-4b8e-9ce6-40df53c1e893%2C%2C
date
Sun, 21 Jan 2024 01:04:15 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame BB36 		0
0
xuid
eb2.3lift.com/ Frame BB36 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 21 Jan 2024 01:04:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame BB36
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkRGRjRENzMtQTg0NS00NTkyLTgyMkQtOEM3RkUzQjhCQkVB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame BB36
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOGWgF6_VPuIGq-3b_i7OEQ&google_cver=1
0
0
pubmatic
um.simpli.fi/ Frame BB36 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame BB36
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a2a4f764-8e99-415e-b1f5-293d70c57410&gdpr=0&gdpr_consent=
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a2a4f764-8e99-415e-b1f5-293d70c57410&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 01:04:15 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a2a4f764-8e99-415e-b1f5-293d70c57410&gdpr=0&gdpr_consent=
date
Sun, 21 Jan 2024 01:04:15 GMT
server
Kestrel
content-length
355
2DFF4D73-A845-4592-822D-8C7FE3B8BBEA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BB36 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2DFF4D73-A845-4592-822D-8C7FE3B8BBEA?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.40.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-40-85.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
AGSKWxVW46nW6NZ2ZD0s51O0pGGx_7v9x0u15kmbSPYMjGe7msfSiGyGFyqkJXdbJAoUtq_93GNThtuUxRio1j_MffuH_si6_IS2qvmrO5OZBY_cwJoG624sROvi_-3Xz3FItBKO77Fwkw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVW46nW6NZ2ZD0s51O0pGGx_7v9x0u15kmbSPYMjGe7msfSiGyGFyqkJXdbJAoUtq_93GNThtuUxRio1j_MffuH_si6_IS2qvmrO5OZBY_cwJoG624sROvi_-3Xz3FItBKO77Fwkw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.khJvDeFsmbQ.es5.O/am=wA/d=1/rs=AJlcJMzW0yIvlkm-BdUm4sTqlJnqx4F9FQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-I_ofHTsr9JQ8m46TgW95Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-I_ofHTsr9JQ8m46TgW95Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://nj1015.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1346
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a2a4f764-8e99-415e-b1f5-293d70c57410&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=a2a4f764-8e99-415e-b1f5-293d70c57410&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 21 Jan 2024 01:04:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=a2a4f764-8e99-415e-b1f5-293d70c57410&dongle=0cfd&gdpr=0&gdpr_consent=
date
Sun, 21 Jan 2024 01:04:15 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 1346
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIyNzU0NjAyNzU3OTg0NDYwMjE0NQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1346
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEF6DzX_SS5r4ZVbEXPaEHoE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEF6DzX_SS5r4ZVbEXPaEHoE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 21 Jan 2024 01:04:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEF6DzX_SS5r4ZVbEXPaEHoE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1346
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIyNzU0NjAyNzU3OTg0NDYwMjE0NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIyNzU0NjAyNzU3OTg0NDYwMjE0NQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIyNzU0NjAyNzU3OTg0NDYwMjE0NQ%3D%3D
date
Sun, 21 Jan 2024 01:04:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 1346 		0
0
xuid
eb2.3lift.com/ Frame 1346
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2227546027579844602145?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-r0o_kSFE2oSX3TY0kIePUc8Y4JZPGXM0spQqOzQSLw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-r0o_kSFE2oSX3TY0kIePUc8Y4JZPGXM0spQqOzQSLw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 21 Jan 2024 01:04:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 21 Jan 2024 01:04:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-r0o_kSFE2oSX3TY0kIePUc8Y4JZPGXM0spQqOzQSLw--~A&dongle=0883
content-length
0
sync
x.bidswitch.net/ Frame 1346 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 1346 		0
0
xuid
eb2.3lift.com/ Frame 1346
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2158602717580314586&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2158602717580314586&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 21 Jan 2024 01:04:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:16 GMT
an-x-request-uuid
e3eb8cdd-dd7a-40bd-95e9-e6d052d5f99e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=2158602717580314586&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
176.100.43.67; 176.100.43.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 1346 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=2227546027579844602145
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:16 GMT
an-x-request-uuid
b7f870aa-d280-465e-8d90-24fce0864ab9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
176.100.43.67; 176.100.43.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 0794
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=dkdZNW5QZTNsN0ZHQklGQU9VaFlIQQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEAJbIw5kf2u_LRv6YlUJJfI&google_cver=1
0
0
current
pulsepoint-match.dotomi.com/match/bounce/ Frame 0794 		0
0
ecm3
s.amazon-adsystem.com/ Frame 0794 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=7pxEk39WTewt&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RXPS0HJRH86SSMCTK4A7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FEC6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJNU1BMRkItMjUtSEFQUg==&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJqHCtmqvNSAYy4AMbdfZ3A&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJNU1BMRkItMjUtSEFQUg==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJNU1BMRkItMjUtSEFQUg==&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJNU1BMRkItMjUtSEFQUg==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
tap.php
pixel.rubiconproject.com/ Frame FEC6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/en4CuXuoH45jLkahuRMIAcn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-X.kAtRFE2oKdOlaA_QYcVicgjqNWMLc_jZPqZw--~A
42 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-X.kAtRFE2oKdOlaA_QYcVicgjqNWMLc_jZPqZw--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 21 Jan 2024 01:04:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-X.kAtRFE2oKdOlaA_QYcVicgjqNWMLc_jZPqZw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame FEC6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK8w8DDYpNkI1bIK-zVNj4I&google_cver=1
42 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK8w8DDYpNkI1bIK-zVNj4I&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK8w8DDYpNkI1bIK-zVNj4I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame FEC6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRMSPLFB-25-HAPR&us_privacy=1---
0
0
tap.php
pixel.rubiconproject.com/ Frame FEC6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a2a4f764-8e99-415e-b1f5-293d70c57410&gdpr=0&gdpr_consent=&expires=30
42 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a2a4f764-8e99-415e-b1f5-293d70c57410&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a2a4f764-8e99-415e-b1f5-293d70c57410&gdpr=0&gdpr_consent=&expires=30
date
Sun, 21 Jan 2024 01:04:15 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame FEC6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bqepVRFjQDWMHG4fjW0DgQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bqepVRFjQDWMHG4fjW0DgQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bqepVRFjQDWMHG4fjW0DgQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9Q51SKWW3N9NW0NMQD2G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bqepVRFjQDWMHG4fjW0DgQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame FEC6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjZkNjM1ZWRkNTVmNjI2YzMyOWVmMTVmOTA1NmZkZWIzNmI2NjU0Mw&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjZkNjM1ZWRkNTVmNjI2YzMyOWVmMTVmOTA1NmZkZWIzNmI2NjU0Mw&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjZkNjM1ZWRkNTVmNjI2YzMyOWVmMTVmOTA1NmZkZWIzNmI2NjU0Mw&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b6c391ede0c9b3c7eab11a335db29fb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame FEC6 		0
0
ecm3
s.amazon-adsystem.com/ Frame FEC6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---
  • https://s.amazon-adsystem.com/ecm3?id=LRMSPLFB-25-HAPR&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRMSPLFB-25-HAPR&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NJAKZMGWQZYE441DDJXV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRMSPLFB-25-HAPR&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
rp
match.prod.bidr.io/cookie-sync/ Frame FEC6 		0
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FEC6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1---
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRMSPLFB-25-HAPR&us_privacy=1---
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRMSPLFB-25-HAPR
43 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRMSPLFB-25-HAPR
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
54.192.51.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-45.yul62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:20 GMT
via
1.1 144825e0e5f4523d1f7ce8c9b62cd908.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
DMbTxu4YX6F8NofhE5jKsVRPDiBKr4GbDKDNNqxr-23fa_7Ip-wSww==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:19 GMT
via
1.1 ba82151bf51e4c722c5305c983d8b71e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
IAD89-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRMSPLFB-25-HAPR
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
pBUVgIQiXCYFvDBux86V1HWT2pMUAIfXgji4wHS4T7ygpzJaZZdr8g==
magnite
prebid.a-mo.net/setuid/ Frame FEC6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LRMSPLFB-25-HAPR&us_privacy=1---
0
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LRMSPLFB-25-HAPR&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.129.37 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:20 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LRMSPLFB-25-HAPR&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
setuid
ib.adnxs.com/prebid/ Frame FEC6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1---
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRMSPLFB-25-HAPR&us_privacy=1---
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRMSPLFB-25-HAPR&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:17 GMT
an-x-request-uuid
ec160c2d-424c-452e-9cb8-67b2a4e86bdb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
176.100.43.67; 176.100.43.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRMSPLFB-25-HAPR&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
cksync
hb.yahoo.net/ Frame FEC6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRMSPLFB-25-HAPR&redir=true&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRMSPLFB-25-HAPR&redir=true&us_privacy=1---
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1kS2NLWG9ORTJ1RTNDTENmQi5xYUtQOXU3TjhqanNCQX5B&ovsid=LRMSPLFB-25-HAPR&dpid=58160&us_privacy=1---
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1kS2NLWG9ORTJ1RTNDTENmQi5xYUtQOXU3TjhqanNCQX5B&ovsid=LRMSPLFB-25-HAPR&dpid=58160&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.55.60.26 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-60-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 21 Jan 2024 01:04:18 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Sun, 21 Jan 2024 01:04:18 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1kS2NLWG9ORTJ1RTNDTENmQi5xYUtQOXU3TjhqanNCQX5B&ovsid=LRMSPLFB-25-HAPR&dpid=58160&us_privacy=1---
date
Sun, 21 Jan 2024 01:04:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/sync/ Frame FEC6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRMSPLFB-25-HAPR&us_privacy=1---
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRMSPLFB-25-HAPR&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
50.19.82.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-82-102.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:17 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRMSPLFB-25-HAPR&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame FEC6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1---
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRMSPLFB-25-HAPR&us_privacy=1---
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRMSPLFB-25-HAPR&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:17 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRMSPLFB-25-HAPR&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b6c391ede0c9b3c7eab11a335db29fb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
activeview
pagead2.googlesyndication.com/pcs/ Frame B4AD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstteLq_k_isKAlCibO0UTYqcVfDNb3gN9j0wUnJxpawNuLEGKzX3Vwg9iD_str77Hell61bJPQkGzrgKdWKOA8NTaGeadjqzUbShxdcx89E0nDpad3i9aqPa8HsNJ5T5RPOrHuwieb3onroDejp6fkFjIxr&sig=Cg0ArKJSzLD2WWRttJSwEAE&id=lidar2&mcvt=1000&p=10,444,100,1172&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=516350904&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705799053504&rpt=1171&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user
sync.cootlogix.com/api/ Frame 8C21 		0
431 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.cootlogix.com/api/user?partnerId=nextmillmedia&userId=&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dnextmillmedia%26userId%3D%5BNMUID%5D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
137.184.202.88 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
0
date
Sun, 21 Jan 2024 01:04:15 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
/
hde.tynt.com/deb/ Frame 6151
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_pr...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D...
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dnextmillmedia%26userId%3D%5BNMUID%5D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
fa4404c323dc19cf57a7e76328cb590ac7cb580dc803a9d4cc6d7048821979af

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1656
content-type
text/html
date
Sun, 21 Jan 2024 01:04:16 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Sun, 21 Jan 2024 01:04:16 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
0
prebid.a-mo.net/cchain/ Frame C6D1 		2 KB
1017 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dnextmillmedia%26userId%3D%5BNMUID%5D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
3d1953abca816f38b0b1d6e2f04c3a4b8f2d1d056e22da1939769063e1a4b755

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
625
content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 01:04:19 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
setuid
pbs.nextmillmedia.com/ Frame 83AA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=2158602717580314586
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=2158602717580314586
86 B
394 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=2158602717580314586
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dnextmillmedia%26userId%3D%5BNMUID%5D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.39.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Sun, 21 Jan 2024 01:04:20 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Sun, 21 Jan 2024 01:04:16 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=2158602717580314586
server
fasthttp
https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ Frame C37D 		0
0
usermatchredir
ssum.casalemedia.com/ Frame 370C 		0
0
/
csync.loopme.me/ Frame 7EC4 		0
0
setuid
pbs.nextmillmedia.com/ Frame 0858
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D
  • https://cookies.nextmillmedia.com/setuid?bidder=openx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=c6a1112b-5ec0-411a-8475-c3bf810e0c26
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=c6a1112b-5ec0-411a-8475-c3bf810e0c26
0
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=c6a1112b-5ec0-411a-8475-c3bf810e0c26
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dnextmillmedia%26userId%3D%5BNMUID%5D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.39.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Sun, 21 Jan 2024 01:04:20 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Sun, 21 Jan 2024 01:04:16 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=c6a1112b-5ec0-411a-8475-c3bf810e0c26
server
fasthttp
ImgSync
image8.pubmatic.com/AdServer/ Frame D634 		0
0
usync.html
eus.rubiconproject.com/ Frame A595
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid=
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dnextmillmedia%26userId%3D%5BNMUID%5D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Jan 2024 01:04:17 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 21 Jan 2024 01:04:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
server
AkamaiGHost
pixel
ap.lijit.com/ Frame 998F 		0
0
getuid
eb2.3lift.com/ Frame 6D09 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dnextmillmedia%26userId%3D%5BNMUID%5D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
date
Sun, 21 Jan 2024 01:04:15 GMT
AGSKWxVW46nW6NZ2ZD0s51O0pGGx_7v9x0u15kmbSPYMjGe7msfSiGyGFyqkJXdbJAoUtq_93GNThtuUxRio1j_MffuH_si6_IS2qvmrO5OZBY_cwJoG624sROvi_-3Xz3FItBKO77Fwkw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVW46nW6NZ2ZD0s51O0pGGx_7v9x0u15kmbSPYMjGe7msfSiGyGFyqkJXdbJAoUtq_93GNThtuUxRio1j_MffuH_si6_IS2qvmrO5OZBY_cwJoG624sROvi_-3Xz3FItBKO77Fwkw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.khJvDeFsmbQ.es5.O/am=wA/d=1/rs=AJlcJMzW0yIvlkm-BdUm4sTqlJnqx4F9FQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0z2NFmgIFii2U-QDkmMRyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-0z2NFmgIFii2U-QDkmMRyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://nj1015.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVW46nW6NZ2ZD0s51O0pGGx_7v9x0u15kmbSPYMjGe7msfSiGyGFyqkJXdbJAoUtq_93GNThtuUxRio1j_MffuH_si6_IS2qvmrO5OZBY_cwJoG624sROvi_-3Xz3FItBKO77Fwkw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVW46nW6NZ2ZD0s51O0pGGx_7v9x0u15kmbSPYMjGe7msfSiGyGFyqkJXdbJAoUtq_93GNThtuUxRio1j_MffuH_si6_IS2qvmrO5OZBY_cwJoG624sROvi_-3Xz3FItBKO77Fwkw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.khJvDeFsmbQ.es5.O/am=wA/d=1/rs=AJlcJMzW0yIvlkm-BdUm4sTqlJnqx4F9FQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pqaGm6YcgD-97b4Aiq6bkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Jan 2024 01:04:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-pqaGm6YcgD-97b4Aiq6bkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://nj1015.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pbsync
ads.yieldmo.com/ Frame BE36 		0
0
1cadb57e-42df-414d-a0ed-fc831d1f0459
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/1cadb57e-42df-414d-a0ed-fc831d1f0459
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
AGSKWxWdrhjIj_2xQxAhgU2grEwnb052qZukC-8WCLYftBx-3vCuAu0KIZrmsKlQHoyPK3_xRFdt74maOVn3t00qAUW70r_3LRBJIl-78V_nv1-QZdI6gCIq0yU6Ha5trliiBFOyRP3IYg==
fundingchoicesmessages.google.com/f/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWdrhjIj_2xQxAhgU2grEwnb052qZukC-8WCLYftBx-3vCuAu0KIZrmsKlQHoyPK3_xRFdt74maOVn3t00qAUW70r_3LRBJIl-78V_nv1-QZdI6gCIq0yU6Ha5trliiBFOyRP3IYg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1Nzk5MDU1LDg0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbmoxMDE1LmNvbS90aGFua3NnZXR0aW5nLTIwMjMvIixudWxsLFtbOCwia2hKdkRlRnNtYlEiXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f101.1e100.net
Software
ESF /
Resource Hash
13b2b7755fe517fb8f263095ec4e6466fb75e59176776f17ed4a7ca8c80f57be
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-mjiYfg_3I8Ecf5tmmNRtNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-mjiYfg_3I8Ecf5tmmNRtNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E5F6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuutMLlxqc15QC2WWixbaExhATXn7uS0BBF3N0Y1rsuMXX2Fnk_Gj64C6dnQ1yBxOE-rIR1ZWPJTqEkpu8l81ERsgPHfqO-Lhz98J7MN6WwpSJ7KX_UV5JbCK9zPv1PydQt3ybBELDD0CZw4zW5OutV4rZO&sig=Cg0ArKJSzFQQWFgWEljkEAE&id=lidar2&mcvt=1000&p=267,1123,517,1423&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4067820261&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705799053770&rpt=1686&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
contextual
contextual-analytics.wunderkind.co/api/ 		74 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://contextual-analytics.wunderkind.co/api/contextual?url=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F&website_id=5351
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ceb830056c35a33105326039df83e2be628cb7f4888112f22ded7f0cf3d54db6

Request headers

Accept
*/*
Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
https://nj1015.com
date
Sun, 21 Jan 2024 01:04:17 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74
content-type
application/json
visit
events.bouncex.net/track.gif/ 		42 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLpJHRZGVWYAThLGampNHQBlFAAzFCQQJ3pXd1UAMlAIGCQEeuR+pBxu8ChoCj4eNFN0BFgkUhw0yEhTYWo24xp6Ol26TAAraUkmeOyD2kg0lEwIsAw1mYBaHWo5K925WlhILIA+mACIt4rk2gAROpkG5IWAHVR-QE5XggWBZb4QhBZFBkBFIgHxFBZOYgNCYTEiBBCSxrZA0BSETCMBkiAjAFnUBSST5baihLnvXl7RH-AGQZAYrZyCHGcgMgBqKHCvAZAFVEEgwGNetB+sDSH8QARMLocJJiswdRN9QRDZBjZgAJ7mnRWnoTeLwSDZYBNEAoGyWMA4SgubTUKJOgECAhIXhgAH1EF8GjUeQ7SqNUiINMhNMoczi1D1eogeIA0z6rCQPNyTPUbO5yphiHWmAXAgREAIUPhtOo1Ut+tp6guAAcknU6mYcnHqnHM-oJWY1GKef5adAQ-T9ckLmY9BcZUPGjkpVc+azwFrw+M+8Px5X9E8m8qKAIdeMrDf1FIpi-NNVnWTZti+PlaGOU5zkuCCbjuB4ngdTA0DeVdhX2aVfjFYFQXBGVoVIWF4T5UVkQQVF0UxbFcVIfExSJElcXJSlqTAWkJSQBkmU5BQ2Q5BkeQOAUFCFejAU4qVITlOiuSVFV1U1TZ01-FBlIzH8BWoYBTGAL9JCvagdwzAcNy0ri7w3FStPiG99IPI8TxfQyIGM+sXgM380HiCzd2MehPK0qU-M0tNSDsu8H0c59Xy0vTLP7FwIVbTp4GQeZsGgGxMiEZAcHSTIclSzUMpgYBkAgE1XRkGRijKCoqmK9KMEyiwUEgZMkCyHAVH4IQpCtNLUBamBeAQUAwUgJ1TF7MawAiH1TE6L0wB9HIkGgW4wAuTByqQCVeBwK0MAIaALlgbAkCdC4xvy4xOhOs6U0gK6boQOQ7pEB6EFO87LqdTBiV7YI7hQXgUG+07+jQR0cAUYJIb1BAYZNQGcjh5oHTANI2GCO10RsANEfiKAXSVTBzr2xHTAIVblTenAFXoAAtYmTWQmsGZEe6sgIW6rQEWxegQEBDraAL21F80HKfU91HPEpXE6MaJpFw6x0nadZ3nRdDxXNcrTmDBQGpKXJE6RAAEdYCwMEpateJwhrB0cjpklpcfJyNBcORlqd7BCxAPbKswHBIHQX2VfLWaLZBJAwRwQWbE6UqcCG2P6kgAEpeoGxaBcWyRFMIgfF0YB4gVNU0HocdqBqSQamYCIAHlVBKTpbnjbP1bzguBFUYIEBqS2AEU7GYABRPAIQhAJYHiIh1COGo7FMIA
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:16 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/ 		42 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NAdgFYCMADCwKwB0AxgPYBbermwgGAa0KR8MBmAC0VNlVL0yNZLkEB9QvzS8IZACIBlEDHSjUyagDYtuwRAAmMZMNImIgy+gcnHV4QQVAYMAZTADkEQnQIfAhUak5lAFl+Bm5U5Wj+KByqNI41YqoAYVyVFTLHbR1cZK8TcnQA8rYANRB0GFdqgFVCZMIAMlBIWAREXmRCXCEoEFQYEAAjBMJMYgB2ACFqKgkIAE8deH5UV0IdADMDBgGqKjJKF7vekaPqKpeQYDARqoEB3O4wXg6YCoCAjBi4H4UI6fdDfF57EwTcDQOBIAT8CRwQgwABeEEwpAALFQsVNcbNxFkIb0cPgiG91LRmOwuHwhCIxJJpIlcHJFMpVPRaTiZvjCRBGvx+Dp0CtIJgUSNpdM8Ur5Y1TsByaRgKjtfS5XA9KTySxKZxSGMBGFZmFMGwnUJgIhcLw7pgWJ6XfNgAGg96wICw86iChCN6Fqt5AGFKmxoJ+K5yR74BB1sSmv1MA7OIHYAWiyxdmxOLsAJx1mv2SmkNh10i7MZZ2BGItUXYADjtlLYpAH9gHI84jao9g9kxl8ErYxGAEdkBAGL3XNG+pvZC4FqFQ1Wa-XG5xm7tOE69-CATAoKMYFlMLhwI7uxDya4VwZUEYmC5usYzYvCmDzMkf53LgOh9usNC7LwUDRMAJIABIAB5QLwXSDGAnADlQZgsGYbASAA8vYdZjGI1xwTuVAIUh8D2BUEBmKuACKADSbAAKLpCYJgADLILwJKUkwZg8cAQA
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:16 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
push_sync
ssp.behave.com/ 		0
0
article_view
events.bouncex.net/track.gif/ 		42 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/article_view?wklz=IYJwLglgxgNgpgLkmeBeAEsADlgngUgCYAGAFQAtgA7AawGcBzOMSKhgQiOIHUIqvgXIgBYAjMWJducBgFtqdLgwgAzMFyigAJgDJQkWIgCuIGKnIssigMwBBIgDFHVAFbjRAVgB0UAPazHMEpaRmZWBgBaEkJrRz1waHgECHkmc0sbe0InbLBfAHcqOgBHI1A4L1k4LQhBbLoIMDhHawAOD0cVCHhFbOjCR1FRR2AWYChyKqowCOk5BQiKanomFj4GLxcsBnxrB3zdgBFREklCADZyI7PzgC8oI+GLm0ObwWtD9Qvio9aATniBiSWCMACMtKM4KhotYIkMIsQPKRROddrZCK00cJWl4JMQAFqAxKILRwOhQEAQLCQXxUVAAeX4JCCEF6ZGCKwgADd1kQAMJceQ0ZokRoCLhLEKrcJcfKNK4kABycAOJAAUnAQHQ4AQSO4vB52ETDAhhbh8r4QFo6Kh8B4AEJEQh+aZksC9AaEAWEQhGGCQeRNLhUFVcFya7W6gYeQ7GpIwagMMppOBUOOIBN0MCyXxaaHEGJw0RRADsyI6dmIwzsGNxEkJOdJqGIOnycFBDSaEDzHmsHlEOh5ne7qFEJcRJb+f0R52E1mIf2sJZ0pJ5UDgI8IJdaomEwmIbXOrX3HmnFxbWGATB5KpHA+1pVT683OlgEFTayqWeAsiwo-HHiTtOHjnB4iKvjA77TNg3IRhAtKoGAV7WCucBrlCuh0L4JjrqgbagnoTDTKgRjaiAOhYWoAD6m6gg4JZQFyipYLc6AAB5clAABqACqDAeK0hAAMqiEJxA0PS5wApQVo0XmhB0Qx+TnHycBCcUACKADSxAAKIALKHIcAAyRhQLcwguEJWlYEAA
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:16 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9157 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmMu_hJqgZQRmcmJhiCYxZ5eRI89jRVewXxEeDnXudJ0MeViT3k08_lWM_wcUxOb4Si-q21mCznQ7sSBSWlRaP_Qi874QGMJjZijbhr6r_1EfisO4Cv7-6kKF_jfGoB1KuNFpE9OEo1Lo8o0iZje9rcJZ_&sig=Cg0ArKJSzHrwbgwUodiVEAE&id=lidar2&mcvt=1014&p=757,1123,1007,1423&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20240117&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2672902926&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705799054529&rpt=969&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
388cab24-e593-47f2-94be-39bb5d49aa46
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/388cab24-e593-47f2-94be-39bb5d49aa46
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
4d211cb6-15a7-4c9e-8cb6-351819ee2ed0
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/4d211cb6-15a7-4c9e-8cb6-351819ee2ed0
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AA86 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=117120
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 21 Jan 2024 01:04:16 GMT
expires
Mon, 22 Jan 2024 09:36:16 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9ABA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=20986&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nj1015.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Jan 2024 01:04:17 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 21 Jan 2024 01:04:16 GMT
location
https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
server
AkamaiGHost
PugMaster
image6.pubmatic.com/AdServer/ Frame BB36 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16356355&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a9e963ae2af3f5f511184bf48afb4651bfff43a033a227a7b97496e5a5269739

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 21 Jan 2024 01:04:19 GMT
content-length
1624
content-type
text/html; charset=UTF-8
5d5d09df-aae2-4e10-b1d2-833fa9fee4e5
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/5d5d09df-aae2-4e10-b1d2-833fa9fee4e5
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
AGSKWxUPq4CrNlgtcMueFF5-yVS8_PPLxC-_aFR0ordhYbzs17OrcVIX09Tylw_38r03XOH0VCBLXdeJ82ntWTOpVuCNek-RxfjVfpQTK64eX74qccD1pmt4-oLMrA2HCilKU0AoWkik2w==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUPq4CrNlgtcMueFF5-yVS8_PPLxC-_aFR0ordhYbzs17OrcVIX09Tylw_38r03XOH0VCBLXdeJ82ntWTOpVuCNek-RxfjVfpQTK64eX74qccD1pmt4-oLMrA2HCilKU0AoWkik2w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1Nzk5MDU2LDY3ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbmoxMDE1LmNvbS90aGFua3NnZXR0aW5nLTIwMjMvIixudWxsLFtbOCwia2hKdkRlRnNtYlEiXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f101.1e100.net
Software
ESF /
Resource Hash
4beeaa9fc2dcfc40e6ecece175aadbc70c5fb6c38911ca55e453d21b966054df
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_0Y4_snLTXhi3N87eHLUEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_0Y4_snLTXhi3N87eHLUEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
id_sync
events.bouncex.net/track.gif/ 		42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/id_sync?id_sync:id_type=sid&id_sync:id_source=graph&soft_id=2bF7cvNpzHxvcVUg582S1S0kO69&source=web&agent=cjs&deviceid=2781440386840590260&visitid=1705799056430937&websiteid=5351&pageviewid=undefined&sequenceid=undefined
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:16 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 89D0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Jan 2024 01:04:17 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 21 Jan 2024 01:04:16 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
setuid
pbs.nextmillmedia.com/ Frame 6151
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1705799056831.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%...
  • https://cookies.nextmillmedia.com/setuid?bidder=33across&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=212429221422365
  • https://pbs.nextmillmedia.com/setuid?bidder=33across&uid=212429221422365
0
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=33across&uid=212429221422365
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.194.39.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Sun, 21 Jan 2024 01:04:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://pbs.nextmillmedia.com/setuid?bidder=33across&uid=212429221422365
date
Sun, 21 Jan 2024 01:04:17 GMT
server
fasthttp
content-length
0
sync
x.bidswitch.net/ Frame 6151 		0
0
match
events-ssc.33across.com/ Frame 6151
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1705799056831.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=cfc665ac-6d91-4c00-87ba-3050a858ed2a
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=cfc665ac-6d91-4c00-87ba-3050a858ed2a
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Sun, 21 Jan 2024 01:04:17 GMT
Server
MT3 1237 600843f master iad iad-pixel-x11 config_version:"2538"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=cfc665ac-6d91-4c00-87ba-3050a858ed2a
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 21 Jan 2024 01:04:16 GMT
match
events-ssc.33across.com/ Frame 6151
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-R2eysttE2uEMOApMbLg9Blwy6t1XHAY4~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-R2eysttE2uEMOApMbLg9Blwy6t1XHAY4%7EA&ts=1705799057&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-R2eysttE2uEMOApMbLg9Blwy6t1XHAY4%7EA&ts=1705799057&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:17 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-R2eysttE2uEMOApMbLg9Blwy6t1XHAY4%7EA&ts=1705799057&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ps
ssc-cms.33across.com/ Frame 6151
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=6df3ead976a023a7&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAABzNAy0PximgN_hvA9AAAAAAA&expiration=1705885460&is_secure=true&us_privacy=
0
0
match
events-ssc.33across.com/ Frame 6151
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2227546027579844602145
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2227546027579844602145&ts=1705799057&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2227546027579844602145&ts=1705799057&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:16 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2227546027579844602145&ts=1705799057&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cc766ed1-4477-43bd-96a7-13546d3efaf0
https://nj1015.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nj1015.com/cc766ed1-4477-43bd-96a7-13546d3efaf0
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
AGSKWxXXkUyr4533DfDYjmtGsSCckoeF2gVkyXvRSSx0_1kjdqSAPJoZuuK6-Lwhovac5lysMyVN7PqOo0jMkm7gTV9_VGebk8fd201CUP8ZDntIhQl6pJsWlOk41GNPlub4PdFqTX8nCQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXXkUyr4533DfDYjmtGsSCckoeF2gVkyXvRSSx0_1kjdqSAPJoZuuK6-Lwhovac5lysMyVN7PqOo0jMkm7gTV9_VGebk8fd201CUP8ZDntIhQl6pJsWlOk41GNPlub4PdFqTX8nCQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1Nzk5MDU2LDg5MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9uajEwMTUuY29tL3RoYW5rc2dldHRpbmctMjAyMy8iLG51bGwsW1s4LCJraEp2RGVGc21iUSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f101.1e100.net
Software
ESF /
Resource Hash
8c057a52ed4a8445ed6a4423cfd39a72485fce56d18baeaa839b00519a5c41e9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MV8y5UfwmWgzi9EmhGep7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MV8y5UfwmWgzi9EmhGep7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW9NvaUlZAUIGgiHRs6x7wACRn3O7AZKgJfytSNoDvzcS5oRPP0RQ3IMaEOrvT-5GXZB721zWy7bFBXFdppSwiF5mJdyw5W0PQvOyNsgr9LecJhrJaxtsjZGxO_cr2ZzWCdggwEcg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW9NvaUlZAUIGgiHRs6x7wACRn3O7AZKgJfytSNoDvzcS5oRPP0RQ3IMaEOrvT-5GXZB721zWy7bFBXFdppSwiF5mJdyw5W0PQvOyNsgr9LecJhrJaxtsjZGxO_cr2ZzWCdggwEcg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.khJvDeFsmbQ.es5.O/am=wA/d=1/rs=AJlcJMzW0yIvlkm-BdUm4sTqlJnqx4F9FQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R03mBjIPccHUyNwIbG2BVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Jan 2024 01:04:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-R03mBjIPccHUyNwIbG2BVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://nj1015.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame C2FB 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91e5ee85732028ebc77c254380dff380777b4b15ed4f283ed831657c49868d33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 01:04:18 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2024 18:19:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62115
Connection
keep-alive
Content-Length
10964
Expires
Sun, 21 Jan 2024 18:19:33 GMT
usync.js
eus.rubiconproject.com/ Frame 8909 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91e5ee85732028ebc77c254380dff380777b4b15ed4f283ed831657c49868d33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 01:04:18 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2024 18:19:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62115
Connection
keep-alive
Content-Length
10964
Expires
Sun, 21 Jan 2024 18:19:33 GMT
usync.js
eus.rubiconproject.com/ Frame A219 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91e5ee85732028ebc77c254380dff380777b4b15ed4f283ed831657c49868d33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 01:04:18 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2024 18:19:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62115
Connection
keep-alive
Content-Length
10964
Expires
Sun, 21 Jan 2024 18:19:33 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame BB36 		0
179 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 13:33:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 2E60 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59295052&p=156725&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f868537998a50b167a5216bf60ee9e9a588bc7a32e1fb36b266eeb7b770257b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 21 Jan 2024 01:04:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-NZRGD1BLM6&gtm=45je41h0v893359007&_p=1705799034439&gcs=G111&gcd=11r1v1r1r6&dma=0&tcfd=1000g&cid=190849881.1705799044&ecid=1460290601&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&dr=&sid=1705799043&sct=1&seg=0&dl=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&dt=Happy%20Thanksgetting!%20Win%20a%20%24100%20Wegmans%20gift%20card&_s=2&tfd=32043
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-1B654B07SV&gtm=45je41h0v893359007&_p=1705799034439&gcs=G111&gcd=11r1v1r1r6&dma=0&tcfd=1000g&cid=190849881.1705799044&ecid=1460290601&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&dr=&sid=1705799043&sct=1&seg=0&dl=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&dt=Happy%20Thanksgetting!%20Win%20a%20%24100%20Wegmans%20gift%20card&_s=2&tfd=32043
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-GGT2X929YG&gtm=45je41h0v893359007&_p=1705799034439&gcs=G111&gcd=11r1v1r1r6&dma=0&tcfd=1000g&cid=190849881.1705799044&ecid=1460290601&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&dr=&sid=1705799043&sct=1&seg=0&dl=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&dt=Happy%20Thanksgetting!%20Win%20a%20%24100%20Wegmans%20gift%20card&_s=2&tfd=32043
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nj1015.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nj1015.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame F446 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91e5ee85732028ebc77c254380dff380777b4b15ed4f283ed831657c49868d33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 01:04:18 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2024 18:19:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62115
Connection
keep-alive
Content-Length
10964
Expires
Sun, 21 Jan 2024 18:19:33 GMT
usync.js
eus.rubiconproject.com/ Frame A595 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91e5ee85732028ebc77c254380dff380777b4b15ed4f283ed831657c49868d33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 01:04:18 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2024 18:19:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62115
Connection
keep-alive
Content-Length
10964
Expires
Sun, 21 Jan 2024 18:19:33 GMT
usync.js
eus.rubiconproject.com/ Frame 9ABA 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91e5ee85732028ebc77c254380dff380777b4b15ed4f283ed831657c49868d33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 01:04:18 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2024 18:19:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62115
Connection
keep-alive
Content-Length
10964
Expires
Sun, 21 Jan 2024 18:19:33 GMT
ecm3
s.amazon-adsystem.com/ Frame 35C4 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=b5c36e79-2133-4fcd-b006-eea0216efc36
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 01:04:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9RD5GYED8AA6TQ3V44JG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 35C4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=a2a4f764-8e99-415e-b1f5-293d70c57410&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=a2a4f764-8e99-415e-b1f5-293d70c57410&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
50.19.82.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-82-102.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:18 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=a2a4f764-8e99-415e-b1f5-293d70c57410&gdpr=0&gdpr_consent=
date
Sun, 21 Jan 2024 01:04:18 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 35C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=YjVjMzZlNzktMjEzMy00ZmNkLWIwMDYtZWVhMDIxNmVmYzM2
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
50.19.82.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-82-102.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:18 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 35C4
Redirect Chain
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=b5c36e79-2133-4fcd-b006-eea0216efc36&gdpr=0&gdpr_consent=
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=48af09a9a0780511&is_secure=true&networkId=44410&version=1&nuid=b5c36e79-2133-4fcd-b006-eea0216efc36&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAACGvkU-pRzKAM77Kw0AAAAAAA&expiration=1705885458&nuid=b5c36e79-2133-4fcd-b006-eea0216efc36&is_secure=true&g...
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAACGvkU-pRzKAM77Kw0AAAAAAA&expiration=1705885458&nuid=b5c36e79-2133-4fcd-b006-eea0216efc36&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
50.19.82.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-82-102.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:18 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:18 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAACGvkU-pRzKAM77Kw0AAAAAAA&expiration=1705885458&nuid=b5c36e79-2133-4fcd-b006-eea0216efc36&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
v1
match.sharethrough.com/sync/ Frame 35C4
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212429221422365
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212429221422365
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
50.19.82.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-82-102.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:18 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:17 GMT
referrer-policy
unsafe-url
server
33XP014
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212429221422365
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.js
eus.rubiconproject.com/ Frame 89D0 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.9.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-9-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91e5ee85732028ebc77c254380dff380777b4b15ed4f283ed831657c49868d33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 01:04:19 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2024 18:19:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62114
Connection
keep-alive
Content-Length
10964
Expires
Sun, 21 Jan 2024 18:19:33 GMT
attachment-simona-sergi-81rvfdk7vrw-unsplash.jpg
townsquare.media/site/394/files/2024/01/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/394/files/2024/01/attachment-simona-sergi-81rvfdk7vrw-unsplash.jpg?w=300&q=75
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.86 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sac/2544) / Express
Resource Hash
ef7bf3a9d9f681f2f76fb349e4850594e7a551525a00ffa9a0a8df14a6011c2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-abgroup
B
date
Sun, 21 Jan 2024 01:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish
x-content-type-options
nosniff
age
217759
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
17376
last-modified
Thu, 18 Jan 2024 12:34:59 GMT
server
ECS (sac/2544)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
829704267 829693504
cache-control
max-age=1209600,s-maxage=31536000
accept-ranges
bytes
khaos.json
token.rubiconproject.com/ Frame C2FB 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRMSPLFB-25-HAPR
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b6c391ede0c9b3c7eab11a335db29fb
Expires
0
khaos.json
token.rubiconproject.com/ Frame 8909 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRMSPLFB-25-HAPR
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b6c391ede0c9b3c7eab11a335db29fb
Expires
0
cookie
sync.cootlogix.com/api/ Frame C2FB
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=vidazoo&us_privacy=1---&khaos=LRMSPLFB-25-HAPR
  • https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRMSPLFB-25-HAPR&us_privacy=1---
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRMSPLFB-25-HAPR&us_privacy=1---
Requested by
Host: syncaps.cootlogix.com
URL: https://syncaps.cootlogix.com/api/user/html/65354ca311421d643073bbdb?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvidazoo.com%26id%3D%24%7BvdzUserSyncMacro%7D
Protocol
H2
Server
137.184.202.88 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:19 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRMSPLFB-25-HAPR&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
khaos.json
token.rubiconproject.com/ Frame A219 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRMSPLFB-25-HAPR
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b6c391ede0c9b3c7eab11a335db29fb
Expires
0
sync
usr.undertone.com/userPixel/ Frame 8909
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1---&khaos=LRMSPLFB-25-HAPR
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRMSPLFB-25-HAPR&us_privacy=1---
0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRMSPLFB-25-HAPR&us_privacy=1---
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
52.44.110.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-110-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:19 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRMSPLFB-25-HAPR&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
khaos.json
token.rubiconproject.com/ Frame F446 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRMSPLFB-25-HAPR
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b6c391ede0c9b3c7eab11a335db29fb
Expires
0
cs
cs.yellowblue.io/ Frame A219
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&us_privacy=1---&khaos=LRMSPLFB-25-HAPR
  • https://cs.yellowblue.io/cs?aid=11590&id=LRMSPLFB-25-HAPR&us_privacy=1---
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LRMSPLFB-25-HAPR&us_privacy=1---
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.209.165.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-165-115.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:19 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LRMSPLFB-25-HAPR&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
khaos.json
token.rubiconproject.com/ Frame A595 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRMSPLFB-25-HAPR
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b6c391ede0c9b3c7eab11a335db29fb
Expires
0
khaos.json
token.rubiconproject.com/ Frame 9ABA 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRMSPLFB-25-HAPR
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b6c391ede0c9b3c7eab11a335db29fb
Expires
0
setuid
pbs.nextmillmedia.com/ Frame A595
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17888&nmuid=&us_privacy=1---&khaos=LRMSPLFB-25-HAPR
  • https://cookies.nextmillmedia.com/setuid?bidder=rubicon&uid=LRMSPLFB-25-HAPR&nmuid=&us_privacy=1---
  • https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LRMSPLFB-25-HAPR
86 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LRMSPLFB-25-HAPR
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dnextmillmedia%26userId%3D%5BNMUID%5D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
Protocol
H2
Server
34.194.39.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 21 Jan 2024 01:04:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

location
https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LRMSPLFB-25-HAPR
date
Sun, 21 Jan 2024 01:04:19 GMT
server
fasthttp
content-length
0
magnite-sync
ssp.wknd.ai/ Frame 9ABA
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=20986&us_privacy=1---&khaos=LRMSPLFB-25-HAPR
  • https://ssp.wknd.ai/magnite-sync?uid=LRMSPLFB-25-HAPR&us_privacy=1---
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.wknd.ai/magnite-sync?uid=LRMSPLFB-25-HAPR&us_privacy=1---
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Server
34.117.4.53 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:20 GMT
via
1.1 google
x-envoy-upstream-service-time
0
server
istio-envoy
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ssp.wknd.ai/magnite-sync?uid=LRMSPLFB-25-HAPR&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
eea754ae2ea80a3b4eb2fcf35349058a
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame AA86 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4454472&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
233641f3a4b38bdbd4617abea8f451d63cea34716aeefefb40c84825d0ac40f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 21 Jan 2024 01:04:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
khaos.json
token.rubiconproject.com/ Frame 89D0 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LRMSPLFB-25-HAPR
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b6c391ede0c9b3c7eab11a335db29fb
Expires
0
match
events-ssc.33across.com/ Frame 89D0
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&us_privacy=1---&khaos=LRMSPLFB-25-HAPR
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LRMSPLFB-25-HAPR
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRMSPLFB-25-HAPR&ts=1705799060&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRMSPLFB-25-HAPR&ts=1705799060&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:20 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:19 GMT
referrer-policy
unsafe-url
server
33XP016
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRMSPLFB-25-HAPR&ts=1705799060&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202401101304/ Frame 7179 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Requested by
Host: nj1015.com
URL: https://nj1015.com/thanksgetting-2023/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Mon.%20Nov.%2013%2C%202023&utm_term=All%20Valid%20Users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ab685c3c71fa770524de722fadfa61021debdaf0c7678e24a4ee113779bf7f21

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nj1015.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 01:04:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 18:05:23 GMT
server
cloudflare
x-amz-request-id
D707ZQ5NBYWT4WB9
age
885540
etag
W/"5aabb710020a401097c59bf9249caa6c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
848ba47dedf7841f-YVR
alt-svc
h3=":443"; ma=86400
x-amz-id-2
sfkC03de0K+2TQr8eLk3zbxCcXQvPk3f5bf9GUf0b2jRjmtAWfH8FNZqz8NEKDmKvQXIbFsv/+4=
Pug
simage2.pubmatic.com/AdServer/ Frame DB80
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2158602717580314586&gdpr=0&gdpr_consent=
0
0
bridge.gif
cm.adgrx.com/ Frame A2C6
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
0
0
pixel
cm.g.doubleclick.net/ Frame BEC0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEbFRVN0xXTnNBQUJQcEdUYjhldw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
0
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 30B2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
0
0
ecm3
s.amazon-adsystem.com/ Frame 9189 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID2DFF4D73-A845-4592-822D-8C7FE3B8BBEA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 Jan 2024 01:04:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
WWJ26S76YYSY6XG09K7T
insync
thrtle.com/ Frame BB36 		0
0
sd
us-u.openx.net/w/1.0/ Frame BB36 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame BB36 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_cnv_n-inmobi_n-cadent_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-Vidazoo_n-nativo_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.106.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:21 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame BB36 		0
0
SPug
image4.pubmatic.com/AdServer/ Frame BB36
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lIGA48RE2uXQ3Fddiv6IypzA45n0xQ4-~A&gdpr=0
0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame BB36 		0
0
insync
thrtle.com/ Frame 2E60 		0
0
sd
us-u.openx.net/w/1.0/ Frame 2E60 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 2E60 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.106.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:21 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 2E60 		0
0
SPug
image4.pubmatic.com/AdServer/ Frame 2E60
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lIGA48RE2uXQ3Fddiv6IypzA45n0xQ4-~A&gdpr=0
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0295
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2158602717580314586&gdpr=0&gdpr_consent=
0
0
bridge.gif
cm.adgrx.com/ Frame 737F
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
0
0
pm
match.prod.bidr.io/cookie-sync/ Frame B0CC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 2E60 		0
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 56A8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
0
0
141
match.deepintent.com/usersync/ Frame B42D 		0
0
sync
x.bidswitch.net/ Frame 55FA 		0
0
p-5aWVS_roA1dVM.gif
cms.quantserve.com/pixel/ Frame CCB7 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame CB8B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qvt2npgs1Rrmg45&gdpr=0&gdpr_consent=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2E60
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=59ec41b9466905ed&is_secure=true&networkId=17100&version=1&nuid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMZ3EZoMp-gwN6i5_mAAAAAAA&expiration=1705885460&nuid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&...
0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2E60 		0
0
insync
thrtle.com/ Frame AA86 		0
0
sd
us-u.openx.net/w/1.0/ Frame AA86 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame AA86 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.106.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 01:04:21 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame AA86 		0
0
SPug
image4.pubmatic.com/AdServer/ Frame AA86
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lIGA48RE2uXQ3Fddiv6IypzA45n0xQ4-~A&gdpr=0
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1CC0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2158602717580314586&gdpr=0&gdpr_consent=
0
0
bridge.gif
cm.adgrx.com/ Frame EEC8
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
0
0
pm
match.prod.bidr.io/cookie-sync/ Frame DA2F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame AA86 		0
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 061A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame AA86
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=16017d6524f505ed&is_secure=true&networkId=17100&version=1&nuid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMZ3EZoMp-hgMdqKYkAAAAAAA&expiration=1705885460&nuid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&...
0
0
141
match.deepintent.com/usersync/ Frame 9096 		0
0
sync
x.bidswitch.net/ Frame 7366 		0
0
p-5aWVS_roA1dVM.gif
cms.quantserve.com/pixel/ Frame BBC1 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame EDBA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:mh9iFSOt1Rrmg55&gdpr=0&gdpr_consent=
0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame AA86 		0
0
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame A3A4 		0
0
sync
sync.srv.stackadapt.com/ Frame 2059 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame BAE3 		0
0
cm
p.rfihub.com/ Frame 3DCC 		0
0
i.match
a.tribalfusion.com/ Frame 6843 		0
0
pubmatic
ad.mrtnsvr.com/sync/ Frame 5472 		0
0
/
csync.loopme.me/ Frame 1573 		0
0
sync
t.adx.opera.com/pub/ Frame 4E2C 		0
0
tum
ums.acuityplatform.com/ Frame 1D75 		0
0
img
sync.mathtag.com/sync/ Frame 5F3D 		0
0
pubmatic
gocm.c.appier.net/ Frame 6A15 		0
0
pubmatic&gdpr=0&gdpr_consent=
sync.1rx.io/usersync2/ Frame E146 		0
0
cookiesync
core.iprom.net/ Frame 3F9A 		0
0
sn.ashx
pmp.mxptint.net/ Frame AA86 		0
0
cs
ad.turn.com/r/ Frame AA86 		0
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame AA86 		0
0
cm-notify
creativecdn.com/ Frame AA86 		0
0
match
c1.adform.net/serving/cookie/ Frame AA86 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 2E60 		0
0
cframe.js
assets.a-mo.net/js/ Frame C6D1 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cmp.osano.com
URL
https://cmp.osano.com/
Domain
trends.revcontent.com
URL
https://trends.revcontent.com/sync?us_privacy=1---
Domain
trends.revcontent.com
URL
https://trends.revcontent.com/sync?us_privacy=1---
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221253347152eb8b3%22%3A%22e6fe6470a476c52cbabe%7C400x225%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fsharethrough%23tsm-ad-in-article-pixel-1%2Cc%3Dv%2Cp%3D3%2Cpl%3D4%2C%22%7D&ref=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&s=85ef6275-4e44-4cf9-8b05-8c27f4a2d06e&pv=7949025a-21ff-4572-9f68-133d71232bd5&vp=desktop&lib_name=prebid&lib_v=8.20.0&us=5&iqid=%7B%22pcid%22%3A%22ae13d764-0ee2-4c89-94ff-2c0ab9bf93a0%22%2C%22pcidDate%22%3A1705799046394%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22nj1015.com%22%2C%22keywords%22%3A%22contests%2Cultimatenewjersey%22%2C%22publisher%22%3A%7B%22domain%22%3A%22nj1015.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&kw=contests%2Cultimatenewjersey&us_privacy=1---&coppa=0
Domain
rtb.openx.net
URL
https://rtb.openx.net/openrtbb/prebidjs
Domain
rtb.openx.net
URL
https://rtb.openx.net/openrtbb/prebidjs
Domain
prebid.media.net
URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.20.0&referrer=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tmax=1500&us_privacy=1---
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1705799046409&to=480&aun=tsm-ad-in-article-pixel-1&gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fsharethrough%23tsm-ad-in-article-pixel-1&maxw=336&maxh=280&si=9150&pi=3&bf=1x1%2C300x250%2C336x280&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F&ns=10240
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=15&alt_size_ids=16%2C221&us_privacy=1---&rf=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&kw=in-article-pixel&tg_i.domain=nj1015.com&tg_i.page=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tg_i.pbadslot=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fsharethrough%23tsm-ad-in-article-pixel-1&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=263cc03e65ad95d&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fsharethrough%23tsm-ad-in-article-pixel-1&slots=1&rand=0.8011626516594077
Domain
hb.undertone.com
URL
https://hb.undertone.com/hb?pid=2552&domain=nj1015.com&ccpa=1---
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.20.0&referrer=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tmax=1500&us_privacy=1---
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22349cd98c143cc2a%22%3A%22453c76e3ae70a2c82d2a%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728c-1%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&s=fa6ef757-1a88-4e97-a0ff-3230432e5a45&pv=7949025a-21ff-4572-9f68-133d71232bd5&vp=desktop&lib_name=prebid&lib_v=8.20.0&us=5&iqid=%7B%22pcid%22%3A%22ae13d764-0ee2-4c89-94ff-2c0ab9bf93a0%22%2C%22pcidDate%22%3A1705799046394%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22nj1015.com%22%2C%22keywords%22%3A%22contests%2Cultimatenewjersey%22%2C%22publisher%22%3A%7B%22domain%22%3A%22nj1015.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&kw=contests%2Cultimatenewjersey&us_privacy=1---&coppa=0
Domain
rtb.openx.net
URL
https://rtb.openx.net/openrtbb/prebidjs
Domain
prebid.media.net
URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Domain
hb.undertone.com
URL
https://hb.undertone.com/hb?pid=2552&domain=nj1015.com&ccpa=1---
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836860&size_id=2&us_privacy=1---&rf=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&kw=in-between-article-728&tg_i.domain=nj1015.com&tg_i.page=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&tg_i.pbadslot=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728c-1&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=524d361095806b6&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728c-1&slots=1&rand=0.3071372903915286
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1705799046465&to=480&aun=tsm-ad-728c-1&gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728c-1&maxw=728&maxh=90&si=9154&pi=3&bf=728x90&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1705799048324&to=480&aun=tsm-ad-728a&gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728a&maxw=728&maxh=90&si=9152&pi=3&bf=728x90&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1705799048327&to=480&aun=tsm-ad-728b&gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728b&maxw=728&maxh=90&si=9153&pi=3&bf=728x90&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1705799048331&to=480&aun=tsm-ad-728a&gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728a&maxw=728&maxh=90&si=9152&pi=3&bf=728x90&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1705799048331&to=480&aun=tsm-ad-728b&gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-728b&maxw=728&maxh=90&si=9153&pi=3&bf=728x90&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1705799051383&to=480&aun=tsm-ad-300a&gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300a&maxw=300&maxh=600&si=9149&pi=3&bf=300x250%2C300x600&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1705799051384&to=480&aun=tsm-ad-300a&gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300a&maxw=300&maxh=600&si=9149&pi=3&bf=300x250%2C300x600&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1705799051412&to=480&aun=tsm-ad-300b&gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300b&maxw=300&maxh=250&si=9150&pi=3&bf=300x250&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1705799051415&to=480&aun=tsm-ad-300b&gpid=%2F8328825%2Flocal%2FTrenton%2FWKXW%2Fpost%23tsm-ad-300b&maxw=300&maxh=250&si=9150&pi=3&bf=300x250&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F&ns=10240
Domain
u.openx.net
URL
https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/sync?us_privacy=1---&
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725&us_privacy=1---
Domain
cdn.undertone.com
URL
https://cdn.undertone.com/js/usersync.html?ccpa=1---
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/um/ixmatch.html
Domain
ap.lijit.com
URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Domain
i.liadm.com
URL
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2798585505725352149
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=Zaxti78jkzqvZqfLnwLzmQAA
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?in=1&pub=2079
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
Domain
id5-sync.com
URL
https://id5-sync.com/api/esp/increment?counter=no-config
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dsovrn%26userId%3D%24UID%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/vdz.gif?puid=377&redir=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26userId%3D%5BUID%5D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11624&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dloopme%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26userId%3D%7Bviewer_token%7D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/151
Domain
tr.blismedia.com
URL
https://tr.blismedia.com/v1/api/sync/enginemx
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=149&p=324&cp=emx&cu=1&url=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd53%26uid%3D%40%40CRITEO_USERID%40%40
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=1276
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=emx&cspid=19&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd46%26uid%3D%24%7BADELPHIC_CUID%7D
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=114
Domain
aorta.clickagy.com
URL
https://aorta.clickagy.com/pixel.gif?ch=177&cm=51151705799052744673b2&redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd34%26uid%3D{visitor_id}
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/ct/upi/pid/1522?redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd32%26uid%3D%24%7BTM_USER_ID%7D&_test=ZaxtlQAQBlfjLgBH
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/emx
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/emx
Domain
cm.ctnsnet.com
URL
https://cm.ctnsnet.com/int/cm?exc=22&redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd25%26uid%3D%5Buser_id%5D
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=emxdigital
Domain
cms.quantserve.com
URL
https://cms.quantserve.com/pixel/p-9zQtGV7AscK_-.gif?idmatch=0
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=emx
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=35927&in=1
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=51
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=emxdgt.com&id=2158602717580314586brt51151705799052744673b2
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
bcp.crwdcntrl.net
URL
https://bcp.crwdcntrl.net/6/map
Domain
onetag-sys.com
URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Domain
www.gstatic.com
URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Domain
www.gstatic.com
URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D82141230-97FC-47FF-BFE5-BAB043944F10
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=dtu59l6mqhixbctegh3fc3sod
Domain
tags.bluekai.com
URL
https://tags.bluekai.com/site/15597?id=dtu59l6mqhixbctegh3fc3sod
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/403716.gif?partner_uid=dtu59l6mqhixbctegh3fc3sod
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D82141230-97FC-47FF-BFE5-BAB043944F10
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=dtu59l6mqhixbctegh3fc3sod
Domain
tags.bluekai.com
URL
https://tags.bluekai.com/site/15597?id=dtu59l6mqhixbctegh3fc3sod
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/403716.gif?partner_uid=dtu59l6mqhixbctegh3fc3sod
Domain
oajs.openx.net
URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fnj1015.com%2Fthanksgetting-2023%2F%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DNewsletter%2520Mon.%2520Nov.%252013%252C%25202023%26utm_term%3DAll%2520Valid%2520Users&rid=esp
Domain
us01.z.antigena.com
URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%202DFF4D73-A845-4592-822D-8C7FE3B8BBEA&rnd=RND
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOGWgF6_VPuIGq-3b_i7OEQ&google_cver=1
Domain
um.simpli.fi
URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2227546027579844602145&dbredirect=true&gdpr=0&consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=2227546027579844602145&gdpr=0&gdpr_consent=${GDPR_CONSENT}
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEAJbIw5kf2u_LRv6YlUJJfI&google_cver=1
Domain
pulsepoint-match.dotomi.com
URL
https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRMSPLFB-25-HAPR&us_privacy=1---
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1---
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
Domain
ssum.casalemedia.com
URL
https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11364&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%23PMUID
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Domain
ssp.behave.com
URL
https://ssp.behave.com/push_sync
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps?xi=64&xu=AAABzNAy0PximgN_hvA9AAAAAAA&expiration=1705885460&is_secure=true&us_privacy=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2158602717580314586&gdpr=0&gdpr_consent=
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEbFRVN0xXTnNBQUJQcEdUYjhldw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaxtlQAQBPOBiABd
Domain
thrtle.com
URL
https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
Domain
sync.bfmio.com
URL
https://sync.bfmio.com/sync?pid=187&uid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lIGA48RE2uXQ3Fddiv6IypzA45n0xQ4-~A&gdpr=0
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent=
Domain
thrtle.com
URL
https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
Domain
sync.bfmio.com
URL
https://sync.bfmio.com/sync?pid=187&uid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lIGA48RE2uXQ3Fddiv6IypzA45n0xQ4-~A&gdpr=0
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2158602717580314586&gdpr=0&gdpr_consent=
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaxtlQAQA7yBigBd
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
Domain
cms.quantserve.com
URL
https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qvt2npgs1Rrmg45&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMZ3EZoMp-gwN6i5_mAAAAAAA&expiration=1705885460&nuid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&is_secure=true&gdpr_consent=&gdpr=0
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Domain
thrtle.com
URL
https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
Domain
sync.bfmio.com
URL
https://sync.bfmio.com/sync?pid=187&uid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&gdpr=0&gdpr_consent=
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lIGA48RE2uXQ3Fddiv6IypzA45n0xQ4-~A&gdpr=0
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2158602717580314586&gdpr=0&gdpr_consent=
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaxtlQAQB0bjMgBH
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMZ3EZoMp-hgMdqKYkAAAAAAA&expiration=1705885460&nuid=2DFF4D73-A845-4592-822D-8C7FE3B8BBEA&is_secure=true&gdpr_consent=&gdpr=0
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
Domain
cms.quantserve.com
URL
https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:mh9iFSOt1Rrmg55&gdpr=0&gdpr_consent=
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Domain
beacon.lynx.cognitivlabs.com
URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
t.adx.opera.com
URL
https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=6
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/pubmatic
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Domain
pmp.mxptint.net
URL
https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
Domain
rtb.adentifi.com
URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95919936&p=156725&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Domain
assets.a-mo.net
URL
https://assets.a-mo.net/js/cframe.js

Verdicts & Comments Add Verdict or Comment

282 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| TSM object| taskQ function| gtag object| dataLayer function| Osano object| webpackChunk_osano_cmp_consent_manager function| __uspapi function| pushly object| PushlySDK object| googletag object| pbjs number| PREBID_TIMEOUT boolean| REQUEST_BIDS_ON_PAGE_LOAD boolean| SHOW_ADS_ON_PAGE_LOAD object| pbjsChunk object| _pbjsGlobals object| mnet object| pbjsBidderSettings object| apstag object| twttr function| fbLoaded object| ZERG function| dealWithAlephCount object| __INITIAL_STATE__ object| webpackChunkexpressblog object| bidLog function| initCarbon object| globalActionCreators function| fbAsyncInit function| onYtEvent number| AD_REFRESH_FREQUENCY object| cQ object| FB number| PIN_19743 object| __twttrll object| __twttr object| google_tag_manager object| google_tag_data string| aleph object| hindsight object| teads_analytics object| litHtmlVersions object| __buffer boolean| hindsight_loaded object| gaGlobal function| onYouTubeIframeAPIReady object| gapi object| ___jsl object| ggeac object| google_js_reporting_queue object| headertag object| wpJsonRciWidget object| ua_result object| revcontent function| renderRCWidget object| PIN_1705799044687 string| value object| key object| PinUtils function| dspCriteoRTUSCallback function| dspCMCallback object| _aps boolean| apstagLOADED object| apscustom object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| _F_toggles object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow undefined| google_measure_js_timing object| google_reactive_ads_global_state object| bouncex object| instgrm object| owpbjsChunk object| owpbjs object| PWT boolean| __bt_already_invoked object| webpackChunksmart_tag object| PublisherCommonId object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| ZTk3YmQ4NGE5NzRjMTFlYmxvYWRlcl9qcw== string| ZTk3YmQ4NGE5NzRjMTFlYmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady number| google_unique_id object| regeneratorRuntime object| bxgraph object| ADAGIO object| criteo_pubtag object| criteo_identitytag_148 object| Criteo object| Criteo_identitytag_148 object| _33across function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 undefined| $ function| jQuery object| ox_esp boolean| 7bb06913-875a-4d48-9254-41930f5b5deb number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error function| close_bouncex_ad

129 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ-OyvzNIxCgoIkQIQ-OyvzNIxCgoItAIQ-OyvzNIxCgoI5gEQ-OyvzNIxCgoIhwIQ-OyvzNIxCgoItwIQ-OyvzNIxCgkIOhD47K_M0jEKCgiMAhD47K_M0jEKCQhfEPjsr8zSMQoJCB8Q-OyvzNIx
i.liadm.com/s Name: _li_ss
Value: CggKBgjSARCDFw
.townsquarenewsletters.com/ Name: sailthru_hid
Value: 545f741d17403d873205934ba81720995bec3c4005e94e67f367c1e8787338d4ce6eaa5f144c735b4dd366c1
.townsquarenewsletters.com/ Name: sailthru_bid
Value: 33344843.43397
nj1015.com/ Name: abgroup
Value: B
nj1015.com/ Name: connect.sid
Value: s%3AytWZdtDI_yg_-lI8IdEy3Bt9gqwYByth.%2BneFyayiSjKRqIE%2FfL7ADlnNbGHvKhoyEMLo4IlED%2Fs
.google.com/ Name: NID
Value: 511=FVhX8aXiNCvrcIt1GFESCYEjow8jYbnpeRv-6SPgoufFjAymhnYJLWm8dEj2MTH7OoRP7ng4ErXZgRmyoCQpG4U646RGl6Rm4X2Q1VqwN6zFgCILV9u5039D90VKwXn7Cbk6ZkUgFWx1aj0akhpaVHCGmAEuaqfQvnG4ukiPHlI
nj1015.com/ Name: cogitoergosum
Value: eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDIxIEphbiAyMDI0IDAxOjAzOjU2IEdNVCJ9
cdn.production.townsquareblogs.com/ Name: aleph
Value: 682fe08a-b078-541c-9a39-597832627d8c
nj1015.com/ Name: aleph
Value: 682fe08a-b078-541c-9a39-597832627d8c
nj1015.com/ Name: aleph-count
Value: 1
.nj1015.com/ Name: osano_consentmanager_uuid
Value: f7301e0c-4dd3-45e9-9d80-572984c97560
.nj1015.com/ Name: osano_consentmanager
Value: pmF0Zp6sNMpTJ1sR8BvDie3I0lxofhgzHrrOBVHm0-ECI7mVrVnVc3FQPLd6oocAQWvmeS6LSeUd9ZgqcoeHh4Hn8WT_EMKDu7T0wozuxkq0O-6CrBnXzpc3L5vCeY-0Al7UjIsVR_-3O0iuHG84LQyTqFrNZD2QqOoqKsDTcNsiAAThNVTu4FfWp_8W3XuU5xuQjwC-9mPfwL7nR0OKikeZc-TV8PjogSYvTrJg0PsF9x3mROTTE3_LvVVHCPr4B5OFaLM4sI0qVCKq9csfdS_3BApvrTgGxqIdzw==
nj1015.com/ Name: blingblocksession
Value: 1
.nj1015.com/ Name: _ga
Value: GA1.1.190849881.1705799044
.nj1015.com/ Name: _ga_R9X9M7SL1M
Value: GS1.1.1705799043.1.0.1705799043.60.0.0
nj1015.com/ Name: _tfpvi
Value: M2UxMzRmN2ItM2VlZS00M2FiLThkOWUtN2I1Mzg5MmI3YjMzIzEtNw%3D%3D
nj1015.com/ Name: newsletter-overlay-notspam
Value: completed-newsletter
.youtube.com/ Name: YSC
Value: m2iJAGEaSFc
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: fITpFBBkCco
.adsrvr.org/ Name: TDID
Value: a2a4f764-8e99-415e-b1f5-293d70c57410
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.teads.tv/ Name: tt_viewer
Value: 0c0f89e6-8751-42b0-a079-7c5869b20d52
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.kargo.com/ Name: ktcid
Value: ea0d1369-edc0-0c31-1622-d4655b8a0cf6
.revcontent.com/ Name: adb_blk
Value: false
.revcontent.com/ Name: __ID
Value: 0034f9a0cd3a40a6819a24b2621bd95b
.bidswitch.net/ Name: c
Value: 1705799047
.bidswitch.net/ Name: tuuid_lu
Value: 1705799047
.mfadsrvr.com/ Name: c
Value: 1705799047
.mfadsrvr.com/ Name: tuuid
Value: d02fbfd2-05ae-4cde-9e49-a16a11c3fd17
.zemanta.com/ Name: zuid
Value: l5tbTLZF3gDZjVqOPWTf
.bidswitch.net/ Name: tuuid
Value: f49ccc6a-84d2-466a-be91-9432e41a94f1
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.nj1015.com/ Name: _ga_35VHJHR2SD
Value: GS1.1.1705799048.1.0.1705799048.0.0.0
.rubiconproject.com/ Name: khaos
Value: LRMSPLFB-25-HAPR
.undertone.com/ Name: UTID_ENC
Value: dtu59l6mqhixbctegh3fc3sod
.undertone.com/ Name: UTID
Value: e995d7df0350411f9a7273a8961d4bed
.amazon-adsystem.com/ Name: ad-id
Value: A7Y5mSY58UPqkQrPy9Tvl1I
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.go.sonobi.com/ Name: __uis
Value: 1d2cbe58-e6b1-4a86-baf4-2e18f7d86301
.go.sonobi.com/ Name: _usd_nj1015.com
Value: 7949025a-21ff-4572-9f68-133d71232bd5
.3lift.com/ Name: tluid
Value: 2227546027579844602145
.adnxs.com/ Name: uuid2
Value: 2158602717580314586
.go.sonobi.com/ Name: __uih
Value: 1
.adnxs.com/ Name: icu
Value: ChgIoN5sEAoYAiACKAIwi9uxrQY4AkACSAIQi9uxrQYYAQ..
.casalemedia.com/ Name: CMID
Value: Zaxti78jkzqvZqfLnwLzmQAA
.casalemedia.com/ Name: CMPS
Value: 4193
.casalemedia.com/ Name: CMPRO
Value: 4193
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: TTAAqoQvrJ
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: CSDT
Value: UEQ6MTUzNThfMCZVMXhHejlx
.intentiq.com/ Name: IQPData
Value: 2959354691#1705799052515#0#1705799052515
.intentiq.com/ Name: intentIQCDate
Value: 1705799052516
.doubleclick.net/ Name: IDE
Value: AHWqTUkw8Qrfzk9irWPd14SgAGbywQqOfVu6zf4RVKn7OhOQKB4gadUGiO_UGgUGPjE
.media.net/ Name: visitor-id
Value: 3488006515469156000V10
.yahoo.com/ Name: A3
Value: d=AQABBIxtrGUCEH1RJliCksrasjslcn6ZcMgFEgEBAQG_rWW2ZSXUxyMA_eMAAA&S=AQAAAib2fkiNFSMnsR8guq7nEX4
.emxdgt.com/ Name: uid
Value: 51151705799052744673b2
nj1015.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.cootlogix.com/ Name: vdz_sync
Value: b7c8d710-4306-2f39-dfac-972e8eaf4593
.emxdgt.com/ Name: ps
Value: d59,d57,d55,d53,d52,d48,d46,d38,d35,d34,d32,d31,d30,d25,d21,d20,d19,d16,d15,d8,d5,d1
.emxdgt.com/ Name: apn_id
Value: 2158602717580314586
.emxdgt.com/ Name: dt
Value: 021
.nj1015.com/ Name: __gads
Value: ID=fd1d52514631f13a:T=1705799051:RT=1705799051:S=ALNI_MZ1nqn2XbXeqZO_luWNDaI9FrEjbA
.nj1015.com/ Name: __gpi
Value: UID=00000db8d33f6c01:T=1705799051:RT=1705799051:S=ALNI_MYEJcJaFQd7_9W5Y7VLODMg1ydBUA
.yellowblue.io/ Name: wrvUserID
Value: nzfBleEzCp_s
.liadm.com/ Name: lidid
Value: 8c8855ab-f5bf-4109-8e2c-f5f002167e02
.openx.net/ Name: i
Value: 2cd3a1bd-4ed8-4d04-b52f-cb426472fd56|1705799053
.mfadsrvr.com/ Name: tuuid_lu
Value: 1705799053
.mfadsrvr.com/ Name: ssh
Value: !emx,1705799053!revcontent,1705799051!bidswitch,1705799048
.id5-sync.com/ Name: id5
Value: a99ccfab-8ba4-775d-b516-883b31d8e9cd#1705799053704#2
.id5-sync.com/ Name: 3pi
Value:
.creative-serving.com/ Name: tuuid
Value: 009ba73f-4c41-4edb-aaa1-0a080c99f456
.creative-serving.com/ Name: c
Value: 1705799053
.contextweb.com/ Name: V
Value: 7pxEk39WTewt
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 0185e3ac6792b205
.creative-serving.com/ Name: tuuid_lu
Value: 1705799054
.nj1015.com/ Name: _ga_GGT2X929YG
Value: GS1.1.1705799043.1.1.1705799054.49.0.1460290601
.advertising.com/ Name: A3
Value: d=AQABBI5trGUCENo0jRHFromZcw9PmQbF5oEFEgEBAQG_rWW2ZSXUxyMA_eMAAA&S=AQAAAqapNoGEQgysjYR33b4DZ5c
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2DFF4D73-A845-4592-822D-8C7FE3B8BBEA
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1706400000%3A265%7C1707004800%3A263_201%7C1705881600%3A248
.pubmatic.com/ Name: SyncRTB3
Value: 1707004800%3A54_250_71_220_21_13
.cdnwidget.com/ Name: __3idcontext
Value: {"cookieID":"2bF7cw6CeSqQK0EMDDLucz4jSKp","deviceID":"2bF7cvNpzHxvcVUg582S1S0kO69","iv":"","v":""}
.doubleclick.net/ Name: DSID
Value: NO_DATA
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1p8k|2N.0|3oy.0|4is.0|7TY.0
.undertone.com/ Name: UID_EXT_46
Value: a2a4f764-8e99-415e-b1f5-293d70c57410
.undertone.com/ Name: UID_EXT_56
Value: y-XPCLbVJE2uEXY2Jokhxf9gtrz2u649j_vKbxO.s-~A
.undertone.com/ Name: UID_EXT_47
Value: LRMSPLFB-25-HAPR
.turn.com/ Name: uid
Value: 2798585505725352149
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_6938f918-813f-4aa8-afc6-ee75e74ff043
.media.net/ Name: data-ris
Value: {{APID}}~~25
.go.sonobi.com/ Name: HAPLB8G
Value: s8650|Zaxtk
.33across.com/ Name: 33x_ps
Value: u%3D212429221422365%3As1%3D1705799056330%3Ats%3D1705799056330
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!505
.krxd.net/ Name: _kuid_
Value: QDEqNB39
.tapad.com/ Name: TapAd_TS
Value: 1705799055721
.tapad.com/ Name: TapAd_DID
Value: d5c1858b-b124-48d5-9415-d9037347e96b
.bounceexchange.com/ Name: bounceClientVisit5351c
Value: %7B%22vid%22%3A1705799056430937%2C%22did%22%3A%222781440386840590260%22%7D
.nj1015.com/ Name: bounceClientVisit5351v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgHYBWAjAAzkCsAdAMYD2AtkQnAIbEDWKA5gFMkAS2L8AtLkq4MRTPgCuCFgH0UTRQCcGgzABEAypxFgOWxXgBsytS0EATEYrYZ9glibDXbqhpxYIE35iAwA5QQB3FDBhBEEtPBppAFkmYjok6TCmADdM3GTqOULcAGEsmRkSmxVVeK1XfSwwb1LKADVOMBEHSoBVFASUEAAaEC0YEDGQERRVfiZ1QRQUEXSYADNuofG5hYhl1fXiLZ3BAF8gA
.tynt.com/ Name: uid
Value: 4Qap4mWsbZDCgISUM1TVlw==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1705799056831%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1705799056831%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1705799056831%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1705799056831%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1705799056831%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1705799056831%7D%5D
.media6degrees.com/ Name: acs
Value: 012020k1s7l6z4xzt10
.media6degrees.com/ Name: clid
Value: 2s7l6z401171xqc8b77hp82v000000010k010301101
.nj1015.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9VTz7NvOcstYIfpyxQ5-BrDJP7lFnLVgMF_IULqi_Kir_lgbNhsL4u3klTFrzyUVQQ1D1v6dkp9RfXDTaFa1IYUBGTlju8M8UqQLoC4VgA9WXi7E0VdKBIk9cf8qLowQuST11aDLxgUdSAQNczWbhSx3NqlQ%3D%3D%22%5D%5D
.adnxs.com/ Name: XANDR_PANID
Value: WmA6vKvRmEpR18S1etdVE2QAB624zFdPRvVF_n7E6z-o5B2bOHnxwGTrf-5_s3ja6Xhdle8OnHJWLJFQIVVEIvDekLfxnzywzZjhLj2Y_Mc.
.adnxs.com/ Name: anj
Value: dTM7k!M4/0DunaTF']wIg2GTrl_+P$!]tc#8bhzs#DNA_<'.OaUcIsySm'LNV2wG.a%Vln^rfC$#]e%ba@boD.aDabByFnKcfM5c68IW_<d?%dkBF@h<:6[3c82N:!@B%)+H?)o
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIyMjI3NTQ2MDI3NTc5ODQ0NjAyMTQ1IiwiZXhwaXJlcyI6IjIwMjQtMDQtMjBUMDE6MDQ6MTZaIn0sInJ1Ymljb24iOnsidWlkIjoiTFJNU1BMRkItMjUtSEFQUiIsImV4cGlyZXMiOiIyMDI0LTA0LTIwVDAxOjA0OjE3WiJ9fSwiYmlydGhkYXkiOiIyMDI0LTAxLTIxVDAxOjA0OjE2WiJ9
.mathtag.com/ Name: uuid
Value: cfc665ac-6d91-4c00-87ba-3050a858ed2a
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2gap:1969~2gap:18z9~2gap:18vk~2gap:19e0~2gap"
.sharethrough.com/ Name: stx_user_id
Value: cc149bc6-05b9-4fba-8e1c-b5f8d2f29024
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIkIqwpd2JzTwQBRIXCghwdWJtYXRpYxILCOT4v7rdic08EAUSFgoHcnViaWNvbhILCJrP3bvdic08EAUSFAoFdGFwYWQSCwimg8293YnNPBAFEhsKDHNoYXJldGhyb3VnaBILCMrtitLdic08EAUYASABKAIyCwje443_84nNPBAFOAFaDHNoYXJldGhyb3VnaGAC
.hb.yahoo.net/ Name: visitor-id
Value: 3488006585469120000V10
.hb.yahoo.net/ Name: data-mag
Value: LRMSPLFB-25-HAPR~~63
.addthis.com/ Name: ouid
Value: 65ac6d920001ac91d885401eb2494c83fc218b734cb5014b40ad
.addthis.com/ Name: uid
Value: 65ac6d92125d754b
.addthis.com/ Name: na_id
Value: 2024012101041836800989059794
.dotomi.com/ Name: DotomiTest
Value: 48af09a9a0780511
.nj1015.com/ Name: _pnvl_J3RlVc2f
Value: false
.nj1015.com/ Name: pushly.user_puuid_J3RlVc2f
Value: s06rfihgj9qK2de9T4rs4pqVyJclLsF5
.nj1015.com/ Name: _pnss_J3RlVc2f
Value: none
.postrelease.com/ Name: visitor
Value: 12927d71-4ced-4778-9464-b42f91227243
.postrelease.com/ Name: status
Value: 1
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcJfxSSibUcqWhNnEbgOEZy94hBjU8YBsU6+lPczFfi8GaKfv5JqsyBYwFCfoC+4IsVBNEij2JsVLYr/HJ37voRZ0t4i1Iq21d0=
cookies.nextmillmedia.com/ Name: syncedBidders
Value: {"33across":1,"appnexus":1,"openx":1,"rubicon":1}

31 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security warning URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://cmp.osano.com/AzZv96TckxjKF6VSR/b22a3c1e-9330-420c-a146-9d99b80cfddc/osano.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csync.loopme.me/?pubid=11624&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dloopme%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26userId%3D%7Bviewer_token%7D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://d1bqktvj79b0wh.cloudfront.net/5467fc02-45c8-4dd3-af06-9957b0d46c88/grumi.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
action.dstillery.com
action.media6degrees.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.creative-serving.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
amazon-tam-match.dotomi.com
analytics.google.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api.bounceexchange.com
api.btloader.com
api.rlcdn.com
apis.google.com
assets.a-mo.net
assets.bounceexchange.com
assets.pinterest.com
assets.revcontent.com
at.teads.tv
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
btloader.com
c.amazon-adsystem.com
c1.adform.net
c14cce2f77e911da809231b01f4e6cd4.safeframe.googlesyndication.com
cadmus.script.ac
cdn-ima.33across.com
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.p-n.io
cdn.prod.uidapi.com
cdn.production.townsquareblogs.com
cdn.undertone.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cmp.osano.com
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
consent.api.osano.com
contextual-analytics.wunderkind.co
contextual.media.net
cookies.nextmillmedia.com
core.iprom.net
crb.kargo.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.media.net
cs.yellowblue.io
csync.loopme.me
cw.addthis.com
d1bqktvj79b0wh.cloudfront.net
data.cdnbasket.net
de.tynt.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
emx-match.dotomi.com
eus.rubiconproject.com
events-ssc.33across.com
events.bouncex.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
funes.solutionshindsight.net
g2.gumgum.com
gocm.c.appier.net
googleads.g.doubleclick.net
hb.minutemedia-prebid.com
hb.undertone.com
hb.yahoo.net
hbopenbid.pubmatic.com
hde.tynt.com
htlb.casalemedia.com
i.clean.gg
i.liadm.com
ib.adnxs.com
id5-sync.com
ids.cdnwidget.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.revcontent.com
internal-ads.production.townsquareblogs.com
invstatic101.creativecdn.com
jadserve.postrelease.com
js-sec.indexww.com
krk2.kargo.com
link.trenton.townsquarenewsletters.com
live.primis.tech
loadm.exelator.com
log.pinterest.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
nj1015.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
page.cdnbasket.net
pagead2.googlesyndication.com
pbs.nextmillmedia.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
platform.instagram.com
platform.twitter.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
pulsepoint-match.dotomi.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
rtb-use.mfadsrvr.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssc-cms.33across.com
ssl.gstatic.com
ssp.behave.com
ssp.wknd.ai
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
static.solutionshindsight.net
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.googleapis.com
stx-match.dotomi.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.colossusssp.com
sync.cootlogix.com
sync.go.sonobi.com
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync1.intentiq.com
syncaps.cootlogix.com
syndication.twitter.com
t.adx.opera.com
tag.wknd.ai
tags.bluekai.com
tags.crwdcntrl.net
thrtle.com
tlx.3lift.com
token.rubiconproject.com
townsquare.media
tpc.googlesyndication.com
tr.blismedia.com
trends.revcontent.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usr.undertone.com
view.cdnbasket.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.youtube.com
x.bidswitch.net
yeet.revcontent.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.mrtnsvr.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
assets.a-mo.net
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
c1.adform.net
cdn.undertone.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cmp.osano.com
cms.quantserve.com
core.iprom.net
creativecdn.com
csync.loopme.me
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
gocm.c.appier.net
hb.undertone.com
i.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
js-sec.indexww.com
match.deepintent.com
match.prod.bidr.io
oajs.openx.net
onetag-sys.com
p.rfihub.com
pixel-sync.sitescout.com
pm.w55c.net
pmp.mxptint.net
prebid.media.net
pulsepoint-match.dotomi.com
px.ads.linkedin.com
rtb.adentifi.com
rtb.openx.net
s.amazon-adsystem.com
simage2.pubmatic.com
ssc-cms.33across.com
ssp.behave.com
ssum.casalemedia.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.colossusssp.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
t.adx.opera.com
tags.bluekai.com
thrtle.com
tlx.3lift.com
tr.blismedia.com
trends.revcontent.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
us01.z.antigena.com
www.gstatic.com
x.bidswitch.net
104.18.23.145
104.18.35.167
104.18.36.155
104.22.53.86
104.22.74.216
104.244.42.136
104.26.3.70
104.36.115.111
104.36.115.113
104.64.221.222
108.138.85.19
13.225.195.129
13.225.195.88
13.225.195.90
13.225.195.94
13.226.139.75
13.226.141.120
13.249.42.27
130.211.23.194
137.184.202.88
142.251.111.94
142.251.16.136
142.251.16.139
142.251.16.156
142.251.16.207
142.251.163.101
142.251.163.97
146.75.28.157
146.75.28.84
147.28.129.37
15.197.193.217
151.101.129.229
151.101.192.84
155.138.160.21
162.19.138.82
172.253.115.155
172.253.122.132
172.253.122.147
172.253.122.149
172.253.122.155
172.253.122.84
172.253.62.94
172.253.63.101
172.253.63.154
172.253.63.155
172.253.63.94
172.253.63.95
172.64.144.166
172.64.149.180
172.64.151.238
18.235.40.85
18.67.17.105
192.229.163.133
192.229.163.160
192.229.163.86
198.148.27.131
20.127.253.7
216.152.143.250
216.239.36.181
216.34.207.44
23.1.200.83
23.13.65.87
23.222.193.151
23.40.207.233
23.46.192.28
23.48.8.28
23.48.9.103
23.48.9.151
23.55.60.26
23.56.220.247
3.161.212.32
3.209.165.115
3.222.82.214
3.224.226.172
3.225.218.10
3.229.121.224
31.13.66.174
31.13.66.19
31.13.66.35
31.13.66.63
34.102.146.192
34.102.157.236
34.102.255.132
34.111.113.62
34.111.8.32
34.117.239.71
34.117.4.53
34.120.155.137
34.120.253.250
34.120.63.153
34.149.148.173
34.160.20.10
34.193.251.250
34.194.39.133
34.235.210.13
34.95.69.49
34.96.70.87
34.98.72.95
35.186.253.211
35.207.24.140
35.211.178.172
35.244.159.8
35.71.139.29
44.217.240.117
50.16.197.56
50.19.82.102
52.44.110.188
52.45.176.159
52.46.143.56
52.72.177.11
52.85.151.90
52.87.69.37
54.156.240.123
54.165.212.64
54.192.51.13
54.192.51.45
54.192.51.57
54.192.51.72
54.198.106.196
54.243.62.226
67.202.105.21
67.202.105.32
68.67.160.137
68.67.160.186
69.166.1.66
69.166.1.8
69.173.151.100
70.42.32.127
74.119.119.131
74.121.140.211
8.28.7.83
8.28.7.84
8.43.72.32
8.43.72.97
8.43.72.98
99.84.208.88
01c3a1eff29fdb06c7d871d6910f6d287124d315f51276ca7e3020e9e274415a
041b208e087d4812d0f496ce51e1e5291143a4d5c0e88e11415760cd979e1e4b
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07378cb9079fe865c12da0f27effd6163adae9ce1ef5e177a527e35b9f093b12
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd
088b8e918c48615555d05ba0d8b2273a4af0b979f23e4fef71c6bb539b0719dd
092bbd7adcaa78b953f53ff62a6da9485cb23674c23ea81c9e78b121849e1543
0ab0ae1a219545415f5e31daccc3730231951bd262fc4727a36f42a70352fa25
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcb6531cb0967359e17b655d4142b55d1eac2aed3fe5340f8ce930a7000e5d3
0fb0405035e03b2fdd4e78a324055ac035255ba429a235c28b73416fd0e3f757
1047bf2303165f70fb18f2e4ab0bb2baed7918de0243565d99a601feccbb7a25
1118d42f04f16e296250f63cb208424588e576c756c1452508e4c2fb8956631f
11209b14d884bfcdde972cb0013a2608eeb3c4580f166febc4e7d67e82f1a87a
112f6dff031ffd03233fc810ceb97d018becd8cfeea490490693d53f73e2bada
1267e59e6ef999146b80bfdf63103ea018832c46ad4dbd9ab362d0fdcbe5c1a9
130c1f6344ef81ce8ad11bbdfb17e6e2d53042b9e6b90af3adc5f582fe50597d
132c8991d901ec97cc0e44996f0895e9d1d3b040c31390347472acd6e58f4805
13b2b7755fe517fb8f263095ec4e6466fb75e59176776f17ed4a7ca8c80f57be
13ecdb9ede7481a3f2d11c11b1b5ffbd0a5af8298d076d894b7fed998fe765e3
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
14f163220d1e6cc83c476f1a433099e861c6b96e7c5b80d37604ec372ca7636e
15b0f722d371765f5105c59f0b0734634a6d7c98671944355d55843fb33a32d2
16551ff6c6dd43d578ac17db726a6ccc0cd273f1becc332430e94d678e49f949
17096d113c4339d6c0b5e631ffa17f09010e3a4eec50304ac438de018c17bd18
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1756982eb654a274c9d64df3bc51a08b3bd66a8cf191f168e957efc3634bfbd4
17d6e1248e5e81ec8e777e135f721350005d3a43e579fd28ea94f0c4f3b76ab9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e1d767716d5bab2fd107598de710d504fb9356dc92ba10320e5968c3c7e238
19cbb74a471bd001d99029ebc4dcdc50087d13dff8cbd9d7b278aac17303e669
19d22056f0f273216d4435938e1fa2a68d6ac5360312d2786db281a9477e4efe
1a2648d2251fa3a298cb7d96b88a61b89b455db623072382532e71f96eeba634
1be6ef3faa268b35446e3348d53c352298972b9188169a896dae69f233c36ff1
1cdb434b2dcec7d3bb5593e227b5d89a5a8c58d5bf34621935ddebfad9e244a9
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
1d775040d5cde963bae2bd1cc89bf9748b1be9c8e9e02bdad4368c8bb929d2a6
1ec4fc5438a13a88ea09a1618dcdfa922c66ae15dcac3d5755fdeb09313a1f77
1fd7c30f7a5b8666819929a1cf1bdcdab1e260f4fbebe8d0eb733384aed0c541
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
2176ef4808c0e4ad3b78d7c9c96cf4e7a89c398b0c12fcb20dd0ad641ee0cf2f
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
233641f3a4b38bdbd4617abea8f451d63cea34716aeefefb40c84825d0ac40f3
239c6f76baaae5d44dea80b232c15f466498444a2d2c52b2d216b386407cf5d3
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a
262dcfac3604d10ff5241abbee6b6e33fcc7877c73b01a5f6a13c9f9a619ecbf
26e6326b53bdf9dd4b2365b8ea29ae8ad2e5b912f567f9a9b01d1be79ba157ef
2885de1ea14928bce380e346d97c1e11ab62ab68de0a8612fb79a21e53ae9b4d
28aef22c9fff6969f23e3ce54b4ef67a95891b2a84e53c1b02043325dc78a4a8
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2abd3643ec212061e1e2487227015f22ac9df27a47ed41448958dad46acd5f7f
2c1f56bd9914a1b5baa367ede5c376c2af4d059ec78e322ae695bf864d5951d1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e42b62cdc02d20959b083a45461865123467a3f977ab671c6eba96796cf43cb
2e5a008c9ecf2ba88cb62c0467b51f3ae26833a276dc5700b2727a12e16b5689
2f6b85ec73ded21620bceabe549b4915635e81248734cba74d40afba78b7c671
2f969e4a9dca14e00f06efb32ff03e90cf29be2062651999cbec085a765951f7
2ff7afaf492e9bf5974fc86de94e3958c9a6b0255c2a0b5e4bb3950e827a54ea
300ba12de70470c68806b51cdd64c098916b20bf57e1fd3886352ca762301c7f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e3ff445123b7a0383fe99704a5b23edcb602952b4bfb2d6adfaa0e29b83b9d
32c3f0d651e0628cd956db00e636b2d0c4dd87f46368d7477c6e3814d2db4e10
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c
342a2d7c17220a9f5e2758502a5004dc3ecaf67d6a118774ebc8055728183282
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
3608f5e06c52930fac7e601c61b487c88e844d75f48c33fe6558db42247d1010
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c5bdf9ddcfd8b0db942440b90a7e7bf72547b9d4f53f29e0b15eac0f197fbc0
3ce9b27d921b29543b3aac0c8bc698040bf6993fbb505048f23ecee80d29621b
3d1953abca816f38b0b1d6e2f04c3a4b8f2d1d056e22da1939769063e1a4b755
3dd103ba888c627706f31656287652d5fceb9ef7a7099eec5a07aac2f7d397dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f0d580bb9640b8713a911759c26c4a4beb9d69d53d4aa2700dd9fcf901f1ba3
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
424248a20db7dfa231489ae4eefd05563d2cf4b39d96fe8049244439be5f633a
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
442725f2ec03a6334987bf0a9fb123bd41225e73761d5b8165abcdf6e1c2dd37
44ec3ae5cf9a947dc48a0b016a8702f41d3e392ff78a1e0b9b46d44173b8bb39
467f5a05f4f8cb5dcb01d06d9e563a1598de54ede7d28788ad15b65477aa781d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4978a62672be1f4bf64153b84006add4cbbf034ad2fddea25b61ad97345b721b
49e4abd1032a0417a8f48845687cd41c7951bf67361ee6ab9f35532363f729a6
4b5576b0960e5166d7fbe25664c3fd43631b0ff09d2153bc41908f0dc77d3fd1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9c2f01a76c804d7a74859c42f52e9333303fc3b5b80abf63a214dfd3a80bd4
4beeaa9fc2dcfc40e6ecece175aadbc70c5fb6c38911ca55e453d21b966054df
4bfc7a98fabb704beefca5f1f5e6c6253d8adbeba8aef7a5f76c2a7cf633a07d
4c620ea7c0734d5bf76c5ea6ae05c6324a24f81f36bd1ee2d71e45bfac289fac
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
51e2529e6e1b696560e8ce848486e41cc52e9952c0b4c3a7e3aab27b13364e92
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5540d3df62e506a8f48a946ca5163e2692763cb24e638cd538b080a9b1109a84
5b78221b464f2f4d7dbdd964cf28336f141e391f22de761e65047a7b6c7d75ba
5d8b255182de2684e2e17f2d36273f83d72287116879d7ef038c4c24dee84cee
5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139
5e7f72175da1c4149b90b734a736bb8e7ce87a60fc07dcc9e8b2c12d411c1831
5f73aa06d8df02a1b0fa5441cbcae3f93edb479c92a8b1c2ddf5d92dfa72d578
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60f70f56032b6116a6f22d6030eff1115bdf62cc99dea6bd1fef9bd9ca839de7
610865413ce4c37a292b22ffee4f1be1b898478e3273564d6fcb662b0fff0a0f
6170aa1f1805b34c9aa1ea3f47cb46a237d8eb2660287612ff0431d18614a8d4
6174ddbc7070a222ed3c8ee788f6a9ef1bb7be5c4d66660c17f476f4bf881dad
61fbffcb29f05ad83ad861be376134b4e710e21a86faaed8948e4f1941c4aba9
6289fbb97d9e326c4af9f7194fd1d8dfc406275010bfc5c7a6e0194549e2ef5c
62b6bb20f5167449fc8274832a8104143627776a33c26efaa119b16150ac651a
639d75299973c7d3794eb7eb129e3b5a6139f9f521e1f14383abd0fd501219c9
656eedabc5f352ea799897a41ffba91cdcaadd828b70813d48754eb3e0a30710
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50
6982bc272051cc5f99de59d15c870cc19f884fec6a2789ae5a559c64897f22bc
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6b38a5265bf062b3aeb0e42ab7e1e98fe5bfef1207e383788429f09f397bc5b8
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6e34f8ae558af205e8ac32253e941ed4c8e4c743d7a67073af5f309d2b4239e5
6fe5475e36422db30e6f9c845234a1fd065c9c32a38079642b66a5708779b846
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
76fa42cc45141bd368c2689c065f88ba8ec6755857cc62ab1ff0f645fe8f3f25
7832ee285312fb3dd8de0b332090a2df8be728d610f18a8ea1378ef887a77871
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
797f8dd85fad9cd385ae08796fd183104959540f9238e88148a8eabdf575f5ed
7985a8ce1cd65f003d29442e9b50dbcf3962646b3b70e958f35d3b6d9f149b5f
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7b0bb9cd525a386744d13b2034574f2e2d33ecf2926f8b98134511bfee225968
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7d4417fecb3c3bc6e9475a0490ee05c466994d1bb97c0557b628dceb40dc69c6
7dd73aa2b217f0c4321699906f5892822a588c67dbd6411eff09ee758c710217
7dddb57160dce8ee91d8a4b4c3db8041d66f21109e0c5b3a1bdd9e0b7a5e5b67
7e7196a107963ed1b891c186b7d498aeda5cc4538e2c8a7e459da2de6166e3d1
7f6242116061fd7a6d6b1e1cddf5d78fc46ebf84c52ea4390411da5c3dd41ca6
82185f1a61433c2b2f8d5cc3602120ae8fe369d40abb9ff15cfdc2c02bd66b12
828297d343f6e3cc3384b10a6337a610eb1ae5e43cfb14bcc31335bb9d80342a
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8303d2d8ad46da79400f9ff757e3a4ce7e74dff74bbf3c3df746181601824d4e
830dfa6240c93c6032af71aef861cb4c027e2696eb418a82b2a28780c76076bd
842fe092c730ed9b2e246b8b257bd55da1e8d4fd32c57a7197f1386784964285
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5
844df235672a5effb5caaa2acb0bdd01ac47bfd4c6ae763ad2b82cfe6cfa0ebe
885c77fcf69ba04964985f7c01843fa692198b271f8b9466000006f3e8a247f8
88a682273b158e34339ae70bb931aa02a0581e34443c68be8aaedd26da54dc6d
894a789591c4989be605de0c004fd46d15cbfc87b169c06b4f7817589182877b
8b5237b3bf8b0db501efea7b151525f295cfef23e1aab044b35bdf57c762ffb9
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225
8c04edb7566feeb2a539aef8a0b151dd87bf1ec1be1705252fb0fdb2d8b3a1fe
8c057a52ed4a8445ed6a4423cfd39a72485fce56d18baeaa839b00519a5c41e9
8c20e84434525b4a0e3c27e768b75022938ca27a812ae5bd41fb6fba04ce9313
8ca21eb8e54bb565c83c9947473943770b64768a39d5058c5bdff84ba2a6f8fe
8e2b18a2ecba2cf7e9c1d3ce625c2bc1e543b564c54db5ed209f1767496393b5
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8eb063dd5efc39b1b3492ea35f77a7fa157fbdbd8ef1dcbeb885d9349066f3c4
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
8f985fcbcf3c73a3b25d6277f960cca3d6c269feac6511d43bc87003f605bd69
915079520950e4dcb52df27cf94659147e234f9fa59960f5f83f03af0065bf4c
9185040762922c98a89681e9452da33866da323b6b927a42d98ad425abd6e919
91e5ee85732028ebc77c254380dff380777b4b15ed4f283ed831657c49868d33
931639d3acfb2a34a1d0ee51a9bc97c851e40e9f580cb22b00fb6888b066abd3
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
9390d21998777f226e885b7866ac6f6ef03e65c571580a4a9144e9267359140e
9409c8a0dabb9655efdbd466720b12c77f2c130319a36a749d6e8feb459e0061
964528750814b7f250ebd2fc129b6ba7001fd1205c079fe78d31720e1ac42e47
9715cca2180b927c98368c563123504361e86f002d7f5c081315c09d6d12deff
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9846c98d92f9ede0abb2db68013d613791db3ccdb486451de1432034b563fb77
98839cb177b37792c94aa69a4e69256db6a873d788c031792a74bc8f060fd211
9b70178fef5a402424fbc219d85a0c3100af3a82ac12a0b771ab4c722bcc5f31
9baf429d0489f1220480eb2b4567f360827304feec569746483c3d66f4c49497
9c51e2e21338bbefb18c15773e014f41a25283d218606ad2ccce1691ddac203b
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841
9cf6b431763fa0fceb389b784b32b01372d7caeda6a0159e2d032e7c2cd23555
9dc7fe9d1bd504ce36e311e7007ad3ae44ea8a71a8ccdc4d96dab614efb4e4e6
9fda47e07514096d78ef84e0648458aa627c97600d72ad0d9e5f703ac031e753
a08f1b669fcb439e60b551b9ab1d2b5e80692d05aca16cc6db35dd30fec4f2dd
a106465c11c6c1c93c600cf2b9e5e101aaab1f46451c89b0a7325731bb9dc4cc
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a57b3c94098d8cc1be5fa80e9cf678fb4297562f0b13bf7393dbca38dc65372a
a5b4cf080630199327fa1a678014e6f06b78fa423d9b1a8b973ebda0d7d6f979
a64572803eac9d86078943f6cea7bf0f54f8a82d5482a3dfa33e1c8ebd94700f
a874943ff664af6f14029d4ed8bb73b377c859dda7b29ad52beea846733ee5c2
a97f7901eda6514458776eee65da634e815d6eae45eea44b17ce7c6025e285fb
a9e963ae2af3f5f511184bf48afb4651bfff43a033a227a7b97496e5a5269739
aa39c5d9ff00c78634620d90de4e522d1f27a6fb61ded4cc41ced7137a071c13
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab685c3c71fa770524de722fadfa61021debdaf0c7678e24a4ee113779bf7f21
ab8db044d7e690f04112aad0ec9d2e62dfb9ec530ef26bc88ce57119df1f1893
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad6c5537fce72b91ff583dbf6bba1900efedc40e6bc1a38f3a427f8c79719882
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0d5ceabc8c823367249ff6a32ab5a59e3f3f169854aa5d7df4b923dcdd31879
b109b99892f49498dabf4253aaea738fb8390ef0921fd343f079327a117c9448
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a453513a60efac072fa1afebcec57b7f9891b50c36cfd514c338667e21bdcf
b2eab21c4f300ce29df5b010cb8deb4d97fb29ea057fd1ed5c446801d2457ed1
b4cf27f0514b398a78fb23a7780b062eabafb859ba3c2eb87f98ad8f14d481b0
b6c8c8e74ee9cac5e20a47012b583b82eaa6764daf0b841412d8e59301431abe
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
b8164b6e44ff6fbf007dc6867dde1db97c1187c1da6dc3a97c46c65b113c5eeb
b8f673c66255684d2833552c3f07543a23c8f31ab78e405842dd483c6ef3a3ed
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc7398c2353dfe979b11907494656d7324938cfb8123a1ee2b61860f2b1396be
bdb29a4f559837e088e3c49e4c3b99c8343f953d593a0b9c9315a9aaea7d3cac
bf1b29085b99c85c5948f20a9f2e9360ac853799191d0290dfbcdcb320223aa8
bfa5a63d1e48b09a9835fc81cd3ab92981ece7f7ff19338d9afbd51ad9c7f746
c1d9714fc9d35dc8b130121b4db311a5f3acfed6f27d84779ff05701e737723a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c26ee46951fbdb09a9633f53c857e2a720bb23f3d9599efc2ee49460bb4603fe
c2ce35add78a9b68de1a358ce7fa05e3412e9f512ebc2204dec65242508393fa
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52
c31def1ebd01f472cee3f19d0ebd6ce0c6f66d8c5b51078cf70a849cda3833b5
c36bf9bc830116dfdeb783c8654c8f9e6614e376ba88b9f59a29db4056d65faf
c36e9bb2e913500763aa0f62ac2c2990247d78660b55dccff382a3b7e6dd5b8e
c37f09c89e2cc7db32545885c28dfff9b2591ed1bb0c5b1a7bbd890a8120c672
c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7
c51f896f99910be676a94e1b4ddc9411af3880c9eb2df8d82d22c1ba2bfffb3f
c574041f943d6b8e5ba9ad3fd40d9f33926ee061e2e83a48c728e088bc28b499
c5e217ee8a059e5fd0860a9f4a75e30caf62646613163e47323664dbe423fd0d
c682686316993ba9fa50ec040cb91eb56db193ea10695e97274a26810a2c3168
c6bc882abc8750f3a3414a1b691226ae8a03b3bd20cbbb20668dc95faf431c59
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c7fc0b1526533002c956ebf8e8c42c3ad3f96c41ace73fb4063cc89051944831
c827aa566d8faa54ed7bea617ecad6a7c19e15af9d7a456e3e4ed27e53eff231
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caec17fff186e21c5cfd4c21b30eee0b8fb3c2f32cc71c15d9d04988042d6e80
caee92394ef44100f57cf90ff471fedd55c68a5b56ff620bd91a0febccb33c57
cb4c12362b5ef03557f68bfa03f27a50b01423063d69509ea9934f2ce22ac4a1
cd1f15f87f856ee2b098881762c0a65ba0b350ca51329125732fe85525a85757
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
ce7d17a32ba87dde73cab1b875cb16fa2313659f2ebf120b206109a10ff53115
ceb830056c35a33105326039df83e2be628cb7f4888112f22ded7f0cf3d54db6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00bcc19635acdf4db9078ac8d0c81bd55337a28d756a16d9ee98721128084aa
d0b255f059c60b2aca607c6c3e0dc6bcb2387ee65136b4800a29afa4b24e4d94
d129feb419ec5e7fdfcf98a6a8ec8337e31cc35ae2b8b0d33e040cde48f23935
d26a6c542ab08c02db2df8a29aa8c881d6d1e78db6e035a31e0504ac32ce3d22
d40752df6f4d530e7772ee322c7245bd56641cd478990961b7c1c64c5eac744e
d533b0b49814181e57d850d223c86463953546584ef90f349655da43b57e780c
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d713cbae8110407274fed9bbc1bbd47cc0fc78c9645295e0d0d7351a02aa10a7
d7c6b580528f56d5c1db3e108caa06161b383c5cd00dd2e8ca11a5e4b227b848
d7f1fdcd058f813b38d5dcf864fb9f6d4f5b146cbba662d8bbe4369cf263fefe
d8011f8702c24591e152399f1ab4ad3b11bb4f080dbd09c252caa565468065e4
d80716b0ba40f5c6473a3b259d571f724a726f2f3405104b7a5267fb7dcf5f5f
d86c059df7a6d61738a6eec59227ea23f35001203e4d942cd3e4159f67ef5b63
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9933e4aed02ffbc1a463a96f98fcdea7121d9e023d22de4c44aebfaac142694
dacc347e28dbeed15c7c86e258a6daa721241ec272d246854a73110db156b055
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384
dc4f99ea59b85a8a679c72d2e36f1566f410c36a8c4813ebc193cea58783e16d
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
deeab3e089718b6836db56aa1c3592e3a3aa04efcd335186642846a233b990fa
e0f614339a69161df13a533add75a74dd1e349df73359e1f33f2a017009f5477
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88
e68ac90135ae1cbddfbae659fef33f34ac2bb2b7d0b714fee67222762608e649
e6a678518ac5c2d2ae9245f6d89fa9afeb5c2e790f25d4b12f6c36d2acea97ab
e79a6ef2ebaa23fd42e743fcddedc0e894975889e59ab9dde2d90faf802a3c13
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7bf3a9d9f681f2f76fb349e4850594e7a551525a00ffa9a0a8df14a6011c2d
f153a14717db34b5174b73824ba45c5678c7e6e6d939ccf3b3f3d18ce0988598
f2666881b4ede4e0d6e634a6f1d50b98b78b01d359803da5e01908d9600d9bcc
f2b758923154d24230301c92b66abb9edd79154f9891c5ca5a1eb5ef3c21c00d
f4b04cff79b71d59b9bee863cbec83eec5d899355d9c1b29deb8f5df8df09b3f
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
f57627d3e911a7932c07ff140eaf0fb9e0a0f0e8df676c29f2005805c5825202
f58309f6361e67c1bfc3f0cd9fe217c931c95911b21129dbafb364e2a8902c19
f59bdabe1771a324e969402a1389f5538f3ee6ecb0bf005fe74efa8c7c8d12f3
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f60cb42ac7ba736d7d8b93ac54aba7049521564a5dc4d624ff0eb666f3f5c594
f63564672e9e9e8a4dfc808a923f6d87d30bc6a4bb432e35b6bdbe1cbb262f96
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f868537998a50b167a5216bf60ee9e9a588bc7a32e1fb36b266eeb7b770257b2
f968a7df841e8cb736584a22b1ba046a43fca39479240c7abdd92a1f709f26b7
fa4404c323dc19cf57a7e76328cb590ac7cb580dc803a9d4cc6d7048821979af
fa7c5425d5085547af12cddd78fac290f74c93df8167289bf793e26977d88c05
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
ffed57336a5aa649a6b72783ce80f5e438c1688e4958878d15e96b45abd2d948
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2