urlscan.io logo urlscan.io
SecurityTrails logo

www.turnto23.com Open in urlscan Pro
143.204.215.18  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://turnto23.com/
Effective URL: https://www.turnto23.com/
Submission Tags: tranco_l324
Submission: On November 03 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 88 IPs in 7 countries across 80 domains to perform 287 HTTP transactions. The main IP is 143.204.215.18, located in United States and belongs to AMAZON-02, US. The main domain is www.turnto23.com.
TLS certificate: Issued by Amazon on February 5th 2021. Valid for: a year.
This is the only time www.turnto23.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 65.9.71.50 16509 (AMAZON-02)
6 143.204.215.18 16509 (AMAZON-02)
20 13.32.22.42 16509 (AMAZON-02)
3 2600:9000:211... 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 13.32.22.112 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
10 2.18.235.40 16625 (AKAMAI-AS)
4 13.32.21.201 16509 (AMAZON-02)
2 2.18.235.93 16625 (AKAMAI-AS)
1 2 2.19.35.65 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 65.9.7.60 16509 (AMAZON-02)
2 13.35.253.85 16509 (AMAZON-02)
1 18.171.9.184 16509 (AMAZON-02)
1 2 142.250.186.134 15169 (GOOGLE)
1 3 13.35.253.75 16509 (AMAZON-02)
2 4 2620:116:800d... 16509 (AMAZON-02)
1 66.155.71.25 13768 (COGECO-PEER1)
4 2a00:1450:400... 15169 (GOOGLE)
1 35.227.203.93 15169 (GOOGLE)
1 52.205.167.202 14618 (AMAZON-AES)
8 172.217.18.98 15169 (GOOGLE)
1 34.96.74.203 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.65.202.227 16509 (AMAZON-02)
1 8 34.98.64.218 15169 (GOOGLE)
5 54.77.19.59 16509 (AMAZON-02)
2 9 134.209.131.220 14061 (DIGITALOC...)
3 7 185.33.221.15 29990 (ASN-APPNEX)
1 2602:803:c004... 26667 (RUBICONPR...)
2 34.149.20.76 15169 (GOOGLE)
2 52.28.203.152 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
20 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 52.57.26.239 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
12 27 142.250.186.98 15169 (GOOGLE)
3 5 2.18.234.21 16625 (AKAMAI-AS)
2 104.111.242.245 16625 (AKAMAI-AS)
19 2a00:1450:400... 15169 (GOOGLE)
4 216.58.212.130 15169 (GOOGLE)
2 2 35.156.135.60 16509 (AMAZON-02)
2 2 35.227.252.103 15169 (GOOGLE)
4 8 69.173.144.139 26667 (RUBICONPR...)
3 3 72.251.249.13 29791 (VOXEL-DOT...)
3 8 76.223.111.18 16509 (AMAZON-02)
1 2 66.155.71.150 13768 (COGECO-PEER1)
1 34.96.105.8 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 199.187.193.177 47043 (SMARTADSE...)
3 3 18.184.95.242 16509 (AMAZON-02)
4 4 3.126.56.137 16509 (AMAZON-02)
2 82.113.101.132 6805 (TDDE-ASN1)
2 208.100.17.176 ()
5 5 185.29.134.244 ()
2 151.101.65.108 ()
4 23.79.143.124 ()
1 205.185.216.42 ()
2 3 185.33.220.100 ()
3 6 15.197.193.217 ()
1 2620:119:50e1... ()
2 3 2a05:d018:d29... ()
3 4 18.196.195.54 ()
1 2620:1ec:c11:... ()
1 2 52.46.154.242 ()
1 1 64.74.236.63 ()
2 2 2001:678:cb4:... ()
3 4 37.157.4.23 ()
3 3 151.101.130.49 ()
1 35.244.174.68 ()
1 2a00:1288:80:... ()
2 2.18.233.180 ()
1 178.162.133.149 ()
1 104.18.100.194 ()
1 185.64.190.78 ()
1 8.43.72.98 ()
2 2 213.155.156.164 ()
19 185.64.189.110 ()
1 178.250.0.163 ()
1 1 85.114.159.93 ()
3 3 52.212.206.16 ()
1 185.86.138.143 ()
1 1 162.55.6.212 ()
3 3 213.19.147.44 ()
1 2606:4700:20:... ()
1 1 87.98.128.108 ()
1 72.251.232.228 ()
1 1 195.5.165.20 ()
1 169.197.150.8 ()
1 1 2a04:4e42:400... ()
1 151.101.65.44 ()
2 198.47.127.20 ()
1 2 51.210.112.236 ()
2 2 34.254.143.3 ()
1 169.50.137.190 ()
1 1 52.17.151.21 ()
1 2a02:fa8:8806... ()
1 1 159.65.196.12 ()
1 1 34.98.107.212 ()
287 88
2    65.9.71.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-50.fra56.r.cloudfront.net
turnto23.com
6    143.204.215.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-18.fra53.r.cloudfront.net
www.turnto23.com
20    13.32.22.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-42.fra56.r.cloudfront.net
ewscripps.brightspotcdn.com
3    2600:9000:211e:ec00:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3plfjw9uod7ab.cloudfront.net
6    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
4    2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
3    2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    13.32.22.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-112.fra56.r.cloudfront.net
assets.scrippsdigital.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
sejs.moatads.com
px.moatads.com
4    13.32.21.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-201.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
hbx.media.net
hblg.media.net
2    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
1    2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    65.9.7.60 (Altamonte Springs, United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-60.fra56.r.cloudfront.net
cdn.parsely.com
2    13.35.253.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-85.fra6.r.cloudfront.net
api.ewscloud.com
1    18.171.9.184 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-171-9-184.eu-west-2.compute.amazonaws.com
mb.moatads.com
2    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
4394967.fls.doubleclick.net
3    13.35.253.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-75.fra6.r.cloudfront.net
sb.scorecardresearch.com
4    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
4    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    35.227.203.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.203.227.35.bc.googleusercontent.com
pymx5.com
1    52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com
p1.parsely.com
8    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
1    34.96.74.203 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 203.74.96.34.bc.googleusercontent.com
api.pymx5.com
1    2600:9000:211e:9a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    3.65.202.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-202-227.eu-central-1.compute.amazonaws.com
tlx.3lift.com
8    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ewscripps-d.openx.net
us-u.openx.net
eu-u.openx.net
5    54.77.19.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
9    134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
sync.serverbid.com
7    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
2    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    2600:9000:211e:1400:10:618e:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.ewscloud.com
20    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
12    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    52.57.26.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2606:4700:3032::ac43:cb69 (United States)

ASN13335 (CLOUDFLARENET, US)
analyticssystems.net
27    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
5    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
19    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
googleads4.g.doubleclick.net
2    35.156.135.60 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-135-60.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
8    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
8    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    199.187.193.177 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
3    18.184.95.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-95-242.eu-central-1.compute.amazonaws.com
pixel.advertising.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    82.113.101.132 (Wetzlar, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
2    208.100.17.176 (None, )

ASN- ()
ssc-cms.33across.com
5    185.29.134.244 (None, )

ASN- ()
sync.mathtag.com
2    151.101.65.108 (None, )

ASN- ()
acdn.adnxs.com
4    23.79.143.124 (None, )

ASN- ()
eus.rubiconproject.com
1    205.185.216.42 (None, )

ASN- ()
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
3    185.33.220.100 (None, )

ASN- ()
secure.adnxs.com
6    15.197.193.217 (None, )

ASN- ()
match.adsrvr.org
1    2620:119:50e1:101::6cae:b25 (None, )

ASN- ()
px.ads.linkedin.com
3    2a05:d018:d29:3601:b508:a921:ac6e:d806 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
4    18.196.195.54 (None, )

ASN- ()
x.bidswitch.net
1    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
2    52.46.154.242 (None, )

ASN- ()
s.amazon-adsystem.com
1    64.74.236.63 (None, )

ASN- ()
b1sync.zemanta.com
2    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
4    37.157.4.23 (None, )

ASN- ()
c1.adform.net
3    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    35.244.174.68 (None, )

ASN- ()
id.rlcdn.com
1    2a00:1288:80:800::7000 (None, )

ASN- ()
ads.yahoo.com
2    2.18.233.180 (None, )

ASN- ()
ads.pubmatic.com
1    178.162.133.149 (None, )

ASN- ()
sync.go.sonobi.com
1    104.18.100.194 (None, )

ASN- ()
p.adsymptotic.com
1    185.64.190.78 (None, )

ASN- ()
image6.pubmatic.com
1    8.43.72.98 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
2    213.155.156.164 (None, )

ASN- ()
d5p.de17a.com
19    185.64.189.110 (None, )

ASN- ()
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.0.163 (None, )

ASN- ()
dis.criteo.com
1    85.114.159.93 (None, )

ASN- ()
dsp.adfarm1.adition.com
3    52.212.206.16 (None, )

ASN- ()
match.prod.bidr.io
1    185.86.138.143 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    162.55.6.212 (None, )

ASN- ()
csync.loopme.me
3    213.19.147.44 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
1    2606:4700:20::ac43:4a81 (None, )

ASN- ()
ad4m.at
1    87.98.128.108 (None, )

ASN- ()
green.erne.co
1    72.251.232.228 (None, )

ASN- ()
cm.adgrx.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    169.197.150.8 (None, )

ASN- ()
match.deepintent.com
1    2a04:4e42:400::300 (None, )

ASN- ()
trc.taboola.com
1    151.101.65.44 (None, )

ASN- ()
match.taboola.com
2    198.47.127.20 (None, )

ASN- ()
image4.pubmatic.com
2    51.210.112.236 (None, )

ASN- ()
pixel.onaudience.com
2    34.254.143.3 (None, )

ASN- ()
loada.exelator.com
1    169.50.137.190 (None, )

ASN- ()
um.simpli.fi
1    52.17.151.21 (None, )

ASN- ()
ads.avct.cloud
1    2a02:fa8:8806:13::1400 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    159.65.196.12 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    34.98.107.212 (None, )

ASN- ()
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
42 doubleclick.net
4394967.fls.doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
225 KB
35 googlesyndication.com
pagead2.googlesyndication.com
0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
tpc.googlesyndication.com
211 KB
24 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
30 KB
20 brightspotcdn.com
ewscripps.brightspotcdn.com
5 MB
19 2mdn.net
s0.2mdn.net
687 KB
18 rubiconproject.com
ads.rubiconproject.com
fastlane.rubiconproject.com
prebid-a.rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
secure-assets.rubiconproject.com
pixel-us-east.rubiconproject.com
133 KB
12 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
42 KB
11 moatads.com
sejs.moatads.com
mb.moatads.com
px.moatads.com
79 KB
10 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
8 KB
10 openx.net
ewscripps-d.openx.net
us-u.openx.net
rtb.openx.net
eu-u.openx.net
2 KB
9 serverbid.com
e.serverbid.com
sync.serverbid.com
1 KB
9 3lift.com
tlx.3lift.com
eb2.3lift.com
5 KB
8 turnto23.com
turnto23.com
www.turnto23.com
394 KB
6 adsrvr.org
match.adsrvr.org
2 KB
6 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
40 KB
6 cookielaw.org
cdn.cookielaw.org
117 KB
5 mathtag.com
sync.mathtag.com
3 KB
5 casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
4 KB
5 gumgum.com
g2.gumgum.com
rtb.gumgum.com
3 KB
5 typekit.net
use.typekit.net
p.typekit.net
52 KB
4 adform.net
c1.adform.net
2 KB
4 bidswitch.net
x.bidswitch.net
2 KB
4 33across.com
ssc.33across.com
ssc-cms.33across.com
456 B
4 google.com
adservice.google.com
www.google.com
2 KB
4 google-analytics.com
www.google-analytics.com
21 KB
4 quantserve.com
secure.quantserve.com
pixel.quantserve.com
11 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 everesttech.net
sync-tm.everesttech.net
799 B
3 advertising.com
pixel.advertising.com
1 KB
3 lijit.com
ap.lijit.com
2 KB
3 google.de
www.google.de
adservice.google.de
2 KB
3 sitescout.com
pixel.sitescout.com
pixel-sync.sitescout.com
719 B
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 ewscloud.com
api.ewscloud.com
static.ewscloud.com
7 KB
3 fontawesome.com
use.fontawesome.com
132 KB
3 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
68 KB
2 exelator.com
loada.exelator.com
2 KB
2 onaudience.com
pixel.onaudience.com
733 B
2 taboola.com
trc.taboola.com
match.taboola.com
650 B
2 1rx.io
sync.1rx.io
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 turn.com
ad.turn.com
930 B
2 o2online.de
portal.o2online.de
1 KB
2 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
610 B
2 w55c.net
pm.w55c.net
2 KB
2 teads.tv
sync.teads.tv
344 B
2 analyticssystems.net
analyticssystems.net
940 B
2 googletagservices.com
www.googletagservices.com
74 KB
2 pymx5.com
pymx5.com
api.pymx5.com
10 KB
2 parsely.com
cdn.parsely.com
p1.parsely.com
24 KB
2 facebook.net
connect.facebook.net
78 KB
2 media.net
hbx.media.net
hblg.media.net
99 KB
2 scrippsdigital.com
assets.scrippsdigital.com
4 KB
1 playground.xyz
ads.playground.xyz
487 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 avct.cloud
ads.avct.cloud
436 B
1 simpli.fi
um.simpli.fi
612 B
1 deepintent.com
match.deepintent.com
44 B
1 iprom.net
core.iprom.net
521 B
1 adgrx.com
cm.adgrx.com
408 B
1 erne.co
green.erne.co
328 B
1 ad4m.at
ad4m.at
915 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 loopme.me
csync.loopme.me
217 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
335 B
1 adsymptotic.com
p.adsymptotic.com
1 sonobi.com
sync.go.sonobi.com
478 B
1 rlcdn.com
id.rlcdn.com
1 zemanta.com
b1sync.zemanta.com
301 B
1 bing.com
c.bing.com
591 B
1 linkedin.com
px.ads.linkedin.com
599 B
1 digitaloceanspaces.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
5 KB
1 travelaudience.com
ads.travelaudience.com
521 B
1 blismedia.com
tr.blismedia.com
141 B
1 quantcount.com
rules.quantcount.com
1 KB
1 googletagmanager.com
www.googletagmanager.com
47 KB
0 demdex.net Failed
dpm.demdex.net Failed
0 netmng.com Failed
google2waycm.netmng.com Failed
287 80
Domain Requested by
27 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
eb2.3lift.com
eu-u.openx.net
20 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
20 ewscripps.brightspotcdn.com www.turnto23.com
19 s0.2mdn.net www.turnto23.com
s0.2mdn.net
0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
12 simage2.pubmatic.com ads.pubmatic.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
s0.2mdn.net
9 px.moatads.com
8 eb2.3lift.com 3 redirects ads.rubiconproject.com
eb2.3lift.com
8 e.serverbid.com 1 redirects ads.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ads.pubmatic.com
7 image2.pubmatic.com ads.pubmatic.com
7 ib.adnxs.com 3 redirects ads.rubiconproject.com
googleads.g.doubleclick.net
acdn.adnxs.com
6 match.adsrvr.org 3 redirects eb2.3lift.com
eu-u.openx.net
6 cdn.cookielaw.org www.turnto23.com
cdn.cookielaw.org
6 www.turnto23.com www.turnto23.com
ewscripps.brightspotcdn.com
5 sync.mathtag.com 5 redirects
5 pixel.rubiconproject.com 1 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 x.bidswitch.net 3 redirects eb2.3lift.com
4 eus.rubiconproject.com ads.rubiconproject.com
eus.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
4 ups.analytics.yahoo.com 4 redirects
4 googleads4.g.doubleclick.net www.turnto23.com
4 us-u.openx.net 1 redirects googleads.g.doubleclick.net
eu-u.openx.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 googleads.g.doubleclick.net 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
4 securepubads.g.doubleclick.net www.turnto23.com
securepubads.g.doubleclick.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.turnto23.com
4 c.amazon-adsystem.com www.turnto23.com
c.amazon-adsystem.com
4 use.typekit.net www.turnto23.com
use.typekit.net
3 match.prod.bidr.io 3 redirects
3 token.rubiconproject.com 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 secure.adnxs.com 2 redirects acdn.adnxs.com
3 eu-u.openx.net ads.rubiconproject.com
eu-u.openx.net
3 rtb.gumgum.com ads.rubiconproject.com
ads.pubmatic.com
3 pixel.advertising.com 3 redirects
3 ap.lijit.com 3 redirects
3 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 pixel.quantserve.com 2 redirects www.turnto23.com
3 sb.scorecardresearch.com 1 redirects www.turnto23.com
3 use.fontawesome.com www.turnto23.com
use.fontawesome.com
3 d3plfjw9uod7ab.cloudfront.net www.turnto23.com
0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 ads.pubmatic.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ads.pubmatic.com
2 ad.turn.com 2 redirects
2 s.amazon-adsystem.com 1 redirects eb2.3lift.com
2 acdn.adnxs.com ads.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 ssc-cms.33across.com ads.rubiconproject.com
2 portal.o2online.de
2 pixel-sync.sitescout.com 1 redirects 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
2 rtb.openx.net 2 redirects
2 pm.w55c.net 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 analyticssystems.net 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
2 www.googletagservices.com 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
2 prebid-a.rubiconproject.com ads.rubiconproject.com
2 c2shb.ssp.yahoo.com ads.rubiconproject.com
2 ssc.33across.com ads.rubiconproject.com
2 g2.gumgum.com ads.rubiconproject.com
2 adservice.google.de adservice.google.com
securepubads.g.doubleclick.net
2 www.google.com www.turnto23.com
0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
2 adservice.google.com 4394967.fls.doubleclick.net
securepubads.g.doubleclick.net
2 4394967.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 api.ewscloud.com ewscripps.brightspotcdn.com
2 connect.facebook.net www.turnto23.com
connect.facebook.net
2 assets.scrippsdigital.com www.turnto23.com
2 turnto23.com 2 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ads.avct.cloud 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 core.iprom.net 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 ad4m.at ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 csync.loopme.me 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 image6.pubmatic.com ads.pubmatic.com
1 p.adsymptotic.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 sync.go.sonobi.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 ssum-sec.casalemedia.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 ads.yahoo.com
1 id.rlcdn.com
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 serverbid-sync.nyc3.cdn.digitaloceanspaces.com ads.rubiconproject.com
1 sync.serverbid.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 tr.blismedia.com 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
1 static.ewscloud.com www.turnto23.com
1 fastlane.rubiconproject.com ads.rubiconproject.com
1 ewscripps-d.openx.net ads.rubiconproject.com
1 tlx.3lift.com ads.rubiconproject.com
1 hblg.media.net www.turnto23.com
1 www.google.de www.turnto23.com
1 stats.g.doubleclick.net www.google-analytics.com
1 rules.quantcount.com secure.quantserve.com
1 api.pymx5.com pymx5.com
1 p1.parsely.com www.turnto23.com
1 pymx5.com www.googletagmanager.com
1 pixel.sitescout.com www.turnto23.com
1 secure.quantserve.com www.turnto23.com
1 mb.moatads.com sejs.moatads.com
1 cdn.parsely.com www.turnto23.com
1 p.typekit.net use.typekit.net
1 ads.rubiconproject.com www.turnto23.com
1 hbx.media.net www.turnto23.com
1 sejs.moatads.com www.turnto23.com
1 www.googletagmanager.com www.turnto23.com
0 dpm.demdex.net Failed
0 google2waycm.netmng.com Failed 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
287 126
Subject Issuer Validity Valid
*.scrippsnationalnews.com
Amazon		 2021-02-05 -
2022-03-06		 a year crt.sh
ewscripps.brightspotcdn.com
Amazon		 2021-05-30 -
2022-06-28		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.scrippsdigital.com
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-16 -
2022-07-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-12 -
2021-11-10		 3 months crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.ewscloud.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-19 -
2022-09-19		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
*.pymx5.com
Go Daddy Secure Certificate Authority - G2		 2021-09-12 -
2022-09-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
e.serverbid.com
R3		 2021-10-22 -
2022-01-20		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-09-28 -
2021-12-27		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.analyticssystems.net
R3		 2021-10-10 -
2022-01-08		 3 months crt.sh
teads.tv
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-10-25 -
2022-01-23		 3 months crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-02-19		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.nyc3.cdn.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-30		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh

This page contains 44 frames:

Primary Page: https://www.turnto23.com/
Frame ID: 6B61317D2882AF405AD9EACBF98D105B
Requests: 106 HTTP requests in this frame

Frame: https://4394967.fls.doubleclick.net/activityi;dc_pre=CPyM0J-5-_MCFfbiEQgdKBwAmA;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV;~oref=https%3A%2F%2Fwww.turnto23.com%2F
Frame ID: 43230228C2CC97EAC1E9B99D59EAF8C5
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPyM0J-5-_MCFfbiEQgdKBwAmA;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV;~oref=https%3A%2F%2Fwww.turnto23.com%2F
Frame ID: 3E100F280CBF9B74FDA4C34EF9C84454
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPyM0J-5-_MCFfbiEQgdKBwAmA;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV;~oref=https%3A%2F%2Fwww.turnto23.com%2F
Frame ID: 547A48A5FA8CB30CE893B84FD5A86992
Requests: 1 HTTP requests in this frame

Frame: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 14E7EC7C1D119144D16713727EFCC9C0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F064E41DDD002067847DF946270194C4
Requests: 2 HTTP requests in this frame

Frame: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7030633BF1FEB8CB0D1DC9DE3C22AA43
Requests: 18 HTTP requests in this frame

Frame: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 29DB36DDA5FB1D66D1B2335E69371E0F
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNV36_srmGNIqcvDWQ3uk5CVJ_B7V6_T6KsEi0ZaJRjNM9LKTTPzB4Ndn292ptADOl8Fa39mt02UfQKXAUVyN7UZBJc-OkvzBFb2fbmqHiLqQJaR-kADDfCAY1emerc5PhhFChHC4DzFJiJ5DEwq4gePsbf88PtA7C7JTYtHDCnegsIXxm4
Frame ID: 22671004ED02EA0E86CD3843CCC9E569
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjt3eioATAB&v=APEucNUOfthtzxg9zpe8iYeZsqC4lQFs6ple-dI5oxXUmbYHkddoP6rrQLYb798sfwDnvkcrwFxpnLR8zO1I7dyj1Qmw9gX2JEOCr7kimIXpE0lKql8CjmaWi6_0fVOE7RsQq2cToFMLOObhfl0N-hlWw5FL1qhaAvqtISVIzLf7KvE96rLuZCg
Frame ID: 4F005717B0771FB5C64550EEDA2F9220
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 163CEA194F27DD7E5F17226CC34E2B18
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E51338F5F10C1B5E827694B3CA871B70
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6DF8473F22701D12C5E000ED0CA6B593
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61703751/20210607073933803/300x600.html?e=69&leftOffset=0&topOffset=0&c=8NldF5es3E&t=1&renderingType=2
Frame ID: 5875FA17CC329D66DEEA64F96201EFC5
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61692973/20210607074944362/728x090.html?e=69&leftOffset=0&topOffset=0&c=EIT7FSqlKZ&t=1&renderingType=2
Frame ID: DD361C1B9FD26A4213B60F3C1F5CE980
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F5070C679A9E5406D12831D7655F5A0C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js
Frame ID: 58911364B8FEAE9A2237B302B2261EAF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js
Frame ID: 65156F2C1B66ED65C36C37013B511855
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dJ-bV6Byur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 96D9EF0A4B2D98000172095271FD02C3
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=07b06182-1c4c-4200-b1c2-156058864336&gdpr=1&gdpr_consent=
Frame ID: B09BAFC966ED43488C32B07F3BCB1744
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 0590B24D76F48A03EC409BE641959ECE
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8724F839C90853512E3C983B83343E56
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dMRW1kByur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 16CC85BB61CF6D52F699736A26C9E63C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1A5A4BC6F9A2255D0DBC60B506331F35
Requests: 10 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: 20CB6F275C2689B87F39B26ABAFA1F64
Requests: 8 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Frame ID: 3F240E480183E37ACBDAD3B4B91DC2E7
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 3295AD27B85B49FFD5310675324A990C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: 93E4D998D5A68E9AC6FCA20016CD6556
Requests: 22 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 55B6A3D094F7950ED1EA34F0A8BF0D0E
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=CBC4800E-1946-422B-883D-AD33D1F59D7A
Frame ID: 3492300A6345A77C5C72B907C80654C1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7625814139216508103
Frame ID: E9797CA7F965FB73A8454CBC93190EA1
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F8269715E5BE08884297179E8AB5ABAC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026209485693319307
Frame ID: 3C6DB0460888690C1684991A15B55C4F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYIcTAABtxuHHwBG&gdpr=0&gdpr_consent=
Frame ID: B63615C02758AE015EE5402890931D4D
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAITyk7DBDkAADbKDtoCIw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: 9A63968F4B8A7698726F6E4947B72B64
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: FB7F8D32C361849E2BCA98D7FA2AFDB8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7fac1846-3005-4f2c-af13-bdc143948554-003
Frame ID: B31AECC232A866C4DC0FE2D88EEB531A
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 9AF43AA2AD2F184C871F1064F06E6E99
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aIKxZ1uCX35ZbCYRh1KMXwPB
Frame ID: E15A5D211EF53F18C8FA8110329383AA
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: AE29078729FDAB038C9D3C4839EBDE13
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:276895634588953
Frame ID: 62119CE99B27DB7FA895357A9FD8751F
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 84F8AF0DF1B1921B21185128E79B8C34
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f20afa0d-a076-4436-a134-e68a6a919ec1-tuct87ba1cd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: B6268D35652F408640AF5F915D2F4D3C
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=CBC4800E-1946-422B-883D-AD33D1F59D7A
Frame ID: EE6307C9764E594D6B74F3D1FEE4439C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bakersfield, Calif. News and Weather | 23ABC News | KERO-TVBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://turnto23.com/ HTTP 301
    https://turnto23.com/ HTTP 301
    https://www.turnto23.com/ Page URL

Page Statistics

287
Requests

79 %
HTTPS

28 %
IPv6

80
Domains

126
Subdomains

88
IPs

7
Countries

7567 kB
Transfer

11702 kB
Size

48
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://turnto23.com/ HTTP 301
    https://turnto23.com/ HTTP 301
    https://www.turnto23.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://4394967.fls.doubleclick.net/activityi;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV;~oref=https%3A%2F%2Fwww.turnto23.com%2F HTTP 302
  • https://4394967.fls.doubleclick.net/activityi;dc_pre=CPyM0J-5-_MCFfbiEQgdKBwAmA;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV;~oref=https%3A%2F%2Fwww.turnto23.com%2F
Request Chain 64
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1635916870620&ns_c=UTF-8&cv=3.5&c8=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV&c7=https%3A%2F%2Fwww.turnto23.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1635916870620&ns_c=UTF-8&cv=3.5&c8=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV&c7=https%3A%2F%2Fwww.turnto23.com%2F&c9=
Request Chain 124
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIM4ZrykIstKYCTmudkmdk&google_cver=1
Request Chain 125
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYIcSF5aDl43-TgwUk9z.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIM4ZrykIstKYCTmudkmdk&google_cver=1&google_hm=2
Request Chain 126
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIoeskvNLoBRQZzAMf4ED74&google_cver=1
Request Chain 127
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkxNjgyNTkxMjUxNjA1NjE2MQ%3D%3D
Request Chain 128
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOnyovjaEHRZUskj7dY-RC0&google_cver=1
Request Chain 129
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjIyZTk2ZTctODcyNC02OWNiLTQ0NjktYjlkMGM3ZDBmNWFk
Request Chain 130
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBegZGPrivZJigFkbswwsro&google_cver=1
Request Chain 152
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED-TS6GvZwmUOTsD6ckw6pc&google_cver=1&google_push=AYg5qPITp2bMOXbPux2iuacYQkjRvudyrLK0etR6LWeFEEL16BAsaY7bji688uwJM_w3Q_sX9iyA2w43P8uI1-tyWipgQN6wlQ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED-TS6GvZwmUOTsD6ckw6pc&google_cver=1&google_push=AYg5qPITp2bMOXbPux2iuacYQkjRvudyrLK0etR6LWeFEEL16BAsaY7bji688uwJM_w3Q_sX9iyA2w43P8uI1-tyWipgQN6wlQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MzdwSlVWQmcxTUk4STA1&google_gid=CAESED-TS6GvZwmUOTsD6ckw6pc&google_cver=1&google_push=AYg5qPITp2bMOXbPux2iuacYQkjRvudyrLK0etR6LWeFEEL16BAsaY7bji688uwJM_w3Q_sX9iyA2w43P8uI1-tyWipgQN6wlQ
Request Chain 154
  • https://rtb.openx.net/sync/dds?google_gid=CAESEF7T7Ph7T2dVfDBHwYH32qw&google_cver=1&google_push=AYg5qPLoJC4cwDdKMN8r-PpzU0SXXrs8Yh3NJp7HuNN5lu-dtO5TO4jMkeA3ots047j-_2HOBYkqd5USVSEG3djhAEwFbvZNRQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLoJC4cwDdKMN8r-PpzU0SXXrs8Yh3NJp7HuNN5lu-dtO5TO4jMkeA3ots047j-_2HOBYkqd5USVSEG3djhAEwFbvZNRQ&google_hm=ARfPEefVjkG3_a_e3isBdw==
Request Chain 155
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAPOY69KknuOndB7wJxqeco&google_cver=1&google_push=AYg5qPJgXkrC5NCubZq4wE_uGOsGm2fj8AOuUMd7IIfx1758Mdf_0Dm7vTvOmV5OzrXAGMFN-HQlPJGUlzNWP7f7S9SPEQaT9g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZKMk8wN1UtSi1JVzBF&google_push=AYg5qPJgXkrC5NCubZq4wE_uGOsGm2fj8AOuUMd7IIfx1758Mdf_0Dm7vTvOmV5OzrXAGMFN-HQlPJGUlzNWP7f7S9SPEQaT9g
Request Chain 156
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEELyDvhtfEWCt2WI1i1h5Oo&google_cver=1&google_push=AYg5qPL4SHaT09UgphsJ8s4hWq3LHGD8qTO1cl7iBvRelnDEGa17_5PK9_ZQN8ictEtMj1J-9fHBn_M_rHqv3Cy3mKwmZTDF0mU HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEELyDvhtfEWCt2WI1i1h5Oo&google_cver=1&google_push=AYg5qPL4SHaT09UgphsJ8s4hWq3LHGD8qTO1cl7iBvRelnDEGa17_5PK9_ZQN8ictEtMj1J-9fHBn_M_rHqv3Cy3mKwmZTDF0mU&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL4SHaT09UgphsJ8s4hWq3LHGD8qTO1cl7iBvRelnDEGa17_5PK9_ZQN8ictEtMj1J-9fHBn_M_rHqv3Cy3mKwmZTDF0mU&google_hm=64e4eb142ee249f40cfed8c2
Request Chain 157
  • https://match.360yield.com/match/ebda?google_gid=CAESEHOQqcpnFQpcLr2_-KLa2Io&google_cver=1&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHOQqcpnFQpcLr2_-KLa2Io&google_cver=1&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU
Request Chain 158
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEFw1t8TfSNRNsBkjEJfNCk&google_cver=1&google_push=AYg5qPLtWg3CbvZrvcfUIV6Yvr_BPYgbrhkQQwcsY_Or55DxVLwruYkZVzDKZS5qPAvD8eiOKMQYPoUkrs_gIKFdgJe-FLEeIw HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLtWg3CbvZrvcfUIV6Yvr_BPYgbrhkQQwcsY_Or55DxVLwruYkZVzDKZS5qPAvD8eiOKMQYPoUkrs_gIKFdgJe-FLEeIw&google_gid=CAESEEFw1t8TfSNRNsBkjEJfNCk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1MTQ2NjYwODk3NzA4NDUyNTA%3D&google_push=AYg5qPLtWg3CbvZrvcfUIV6Yvr_BPYgbrhkQQwcsY_Or55DxVLwruYkZVzDKZS5qPAvD8eiOKMQYPoUkrs_gIKFdgJe-FLEeIw
Request Chain 163
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELiLE2t5J_4S04NBhCDm4io&google_cver=1&google_push=AYg5qPIdcJ40A_Qay8-tJNUyZIV23yxeJ0pat-XkfhXpVgOQfH4ke964b23Q3H_9xoJGjMqtKN-ubXYCBMIgIjhU0yscpSobJXw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GTnT1SpgSSqOY-7J3EIkAw2&google_push=AYg5qPIdcJ40A_Qay8-tJNUyZIV23yxeJ0pat-XkfhXpVgOQfH4ke964b23Q3H_9xoJGjMqtKN-ubXYCBMIgIjhU0yscpSobJXw
Request Chain 165
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEG7vZflnJho2QWwprT-T3OQ&google_cver=1&google_push=AYg5qPJ3VM3zIN41v0TgUjEPIXCb8Uue7Qv-VOcx8KFL-dFlUr6Rbx5UrKM7u5lSPuo4SND407AmvKlz1tuOZKoIsyyYo3BQYVU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJ3VM3zIN41v0TgUjEPIXCb8Uue7Qv-VOcx8KFL-dFlUr6Rbx5UrKM7u5lSPuo4SND407AmvKlz1tuOZKoIsyyYo3BQYVU&google_hm=ODI3MDc2MTc4Nzg2NzMwMjQz
Request Chain 166
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEC816Ok6cI4GcRuh5fdMRLo&google_cver=1&google_push=AYg5qPJ6ReXq7o8cxseUrsRs_vT3hPQCicqu0ZAQTnb_sVGqMOb3_K67soZwq-ODxaPzLO-guw32FYBOolTON3nqc_FJdLfZBIU HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEC816Ok6cI4GcRuh5fdMRLo&google_cver=1&google_push=AYg5qPJ6ReXq7o8cxseUrsRs_vT3hPQCicqu0ZAQTnb_sVGqMOb3_K67soZwq-ODxaPzLO-guw32FYBOolTON3nqc_FJdLfZBIU&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEC816Ok6cI4GcRuh5fdMRLo&google_cver=1&google_push=AYg5qPJ6ReXq7o8cxseUrsRs_vT3hPQCicqu0ZAQTnb_sVGqMOb3_K67soZwq-ODxaPzLO-guw32FYBOolTON3nqc_FJdLfZBIU&apid=UPdc1e4f98-3c65-11ec-bab1-0683570c9c3a HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEC816Ok6cI4GcRuh5fdMRLo&google_cver=1&google_push=AYg5qPJ6ReXq7o8cxseUrsRs_vT3hPQCicqu0ZAQTnb_sVGqMOb3_K67soZwq-ODxaPzLO-guw32FYBOolTON3nqc_FJdLfZBIU&apid=UPdc1e4f98-3c65-11ec-bab1-0683570c9c3a&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkYzFlNGY5OC0zYzY1LTExZWMtYmFiMS0wNjgzNTcwYzljM2E%3D&google_push=AYg5qPJ6ReXq7o8cxseUrsRs_vT3hPQCicqu0ZAQTnb_sVGqMOb3_K67soZwq-ODxaPzLO-guw32FYBOolTON3nqc_FJdLfZBIU
Request Chain 201
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=07b06182-1c4c-4200-b1c2-156058864336&gdpr=1&gdpr_consent=
Request Chain 206
  • https://sync.serverbid.com/ss/2000248.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Request Chain 208
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=1916825912516056161
Request Chain 209
  • https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOql3hGgaBgkVPu7fUmG6FSoubI_oA4sltabQqeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=1e0a41f5-bef9-4eef-9e4e-6d98723f22c4&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOql3hGgaBgkVPu7fUmG6FSoubI_oA4sltabQqeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=1e0a41f5-bef9-4eef-9e4e-6d98723f22c4&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=c3d494fb-a999-48b9-b9f0-ea0a0e81d9e7&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEOKT1pS99-ZyRdDNw68o_a8&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOKT1pS99-ZyRdDNw68o_a8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1916825912516056161&opid=apx&ops=&utidl=tech:goo:CAESEOKT1pS99-ZyRdDNw68o_a8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22194734217&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/4/6.gif?puid=fc21078429e6cd235fb42b20154ef60d&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOql3hGgaBgkVPu7fUmG6FSoubI_oA4sltabQqeg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELEm1J_V8WH-j4IMPtv_oQ8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 212
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1MTQ2NjYwODk3NzA4NDUyNTA%3D
Request Chain 214
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/13514666089770845250?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-H1HwW9hE2oTo.Bp951Oi6WWMEii5P6u_8NDt9PilTw--~A&dongle=0883
Request Chain 217
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=13514666089770845250 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13514666089770845250&dcc=t
Request Chain 218
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 219
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=8628630469474301415&dongle=d407
Request Chain 220
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=07b06182-1c4c-4200-b1c2-156058864336
Request Chain 221
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=kXcGvZYlCrmKJAa5n3ETuMUkDumKIwm4xSSgE36x
Request Chain 222
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6071657934346466747
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOnyovjaEHRZUskj7dY-RC0&google_cver=1
Request Chain 229
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YYIcTAABtxuHHwBG HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYIcTAABtxuHHwBG&_test=YYIcTAABtxuHHwBG
Request Chain 231
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVJ2O07U-J-IW0E&sigv=1&esig=2~af6daddcdcbcd6365d59fc35c2f65ea0ab8cdc1b
Request Chain 232
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWJjZDNhZjZkY2Y0MWFmNGViMDM4OWEyOTI3MmQ2ODgxNGNhOTZlMA
Request Chain 233
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=07b06182-1c4c-4200-b1c2-156058864336&expires=28
Request Chain 234
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/cGzpwMhZ5DpO1Q5njMczow?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4108659570740189488
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKT0VKAtr-oE08KSHfPYCBM&google_cver=1
Request Chain 236
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 239
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=e79fcae2-f7cc-0486-3a05-237c8c69f940
Request Chain 240
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=1916825912516056161
Request Chain 241
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPdc1e4f98-3c65-11ec-bab1-0683570c9c3a HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPdc1e4f98-3c65-11ec-bab1-0683570c9c3a
Request Chain 242
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYIcSF5aDl43-TgwUk9z.AAA%261123
Request Chain 243
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=64e4eb142ee249f40cfed8c2
Request Chain 245
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.5834961392902747%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid= HTTP 302
  • https://p.adsymptotic.com/d/px/ue1-sb1-ff5483cc-fa53-46eb-9b35-8d41671a295d
Request Chain 252
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7625814139216508103
Request Chain 254
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026209485693319307
Request Chain 255
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYIcTAABtxuHHwBG&gdpr=0&gdpr_consent=
Request Chain 256
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJVHlrN0RCRGtBQURiS0R0b0NJdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAITyk7DBDkAADbKDtoCIw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Request Chain 257
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 258
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3881012348 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/206ea11f-4306-4bd1-96e8-8181872fb3c6 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7fac1846-3005-4f2c-af13-bdc143948554-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-7fac1846-3005-4f2c-af13-bdc143948554-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7fac1846-3005-4f2c-af13-bdc143948554-003
Request Chain 260
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aIKxZ1uCX35ZbCYRh1KMXwPB
Request Chain 262
  • https://core.iprom.net/cookiesync HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:276895634588953
Request Chain 264
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f20afa0d-a076-4436-a134-e68a6a919ec1-tuct87ba1cd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 266
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=y8SADhlGQiuIPa0z0fWdeg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 267
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=07b06182-1c4c-4200-b1c2-156058864336
Request Chain 268
  • https://pixel.onaudience.com/?partner=214&mapped=CBC4800E-1946-422B-883D-AD33D1F59D7A HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f09cca092f4192877c1b16480aae677f
Request Chain 269
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0JDNDgwMEUtMTk0Ni00MjJCLTg4M0QtQUQzM0QxRjU5RDdB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC93wTElvVOleVGJwKS1Vtk&google_cver=1
Request Chain 272
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:07b06182-1c4c-4200-b1c2-156058864336&gdpr=0&gdpr_consent=
Request Chain 273
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=206ea11f-4306-4bd1-96e8-8181872fb3c6
Request Chain 274
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6071657934346466747
Request Chain 275
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1916825912516056161&gdpr=0&gdpr_consent=
Request Chain 276
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YgUWaWVXGm15VhZtbAMDbDZWHj15URlsNlYfyN8P
Request Chain 277
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CBC4800E-1946-422B-883D-AD33D1F59D7A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8.zTu1ZE2uXJ7jCen4NnPuNG86YWz8A-~A&gdpr=0&gdpr_consent=
Request Chain 279
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=c3d494fb-a999-48b9-b9f0-ea0a0e81d9e7&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c53de697-36d5-4e4e-b68e-9c6a5e0d3b4c&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 281
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8628630469474301415&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 282
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 283
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:627397f4-2110-45b5-9669-96bb4f0f4232&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 284
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1916825912516056161

287 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.turnto23.com/
Redirect Chain
  • http://turnto23.com/
  • https://turnto23.com/
  • https://www.turnto23.com/
349 KB
75 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-18.fra53.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
7dab23eac6de3298e9dd1550ece6f78c1383cf09931ba0e989eda771f2acc3eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=120
Content-Encoding
gzip
Date
Wed, 03 Nov 2021 05:21:09 GMT
Server
Apache Tomcat
X-Powered-By
Brightspot
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
wUbo8yDIHlIG6cuYq3ScKC_PCuu-AUHjNjhiS-NPatYX-iXJkjQ9_w==

Redirect headers

Content-Length
0
Connection
keep-alive
Cache-Control
max-age=240
Date
Wed, 03 Nov 2021 05:21:08 GMT
Location
https://www.turnto23.com/
Server
Apache Tomcat
X-Cache
Miss from cloudfront
Via
1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
yRszhygCqOW-nBHHiyrWE_pKcdGsdQGBauvVjOb3seGYlcgM5teOVw==
All.min.721da039e12531468b3ac05943138423.gz.css
ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/ 		115 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.721da039e12531468b3ac05943138423.gz.css
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24d1eca2cdf9523d574152e4ebc006c6e2aefde295e42c09ec07304881af354c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 16:54:10 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 28 Oct 2021 16:54:09 GMT
Server
AmazonS3
Age
476821
ETag
"1f30e1262dea997fcecf32f1f39137c5"
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA56-C2
Accept-Ranges
bytes
Content-Length
21476
X-Amz-Cf-Id
Z78gNOljLvbumSZayH3p551YzgYzE3R8XT52hN3sgYiC-tbrkS0Vsg==
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ 		99 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ec00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fa66d6d9e9597366e874ecbfd5b1fb97acbe1d870527470b2590b926bc659d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
2.jRRFUNfQooUOS3evn289UeHWw.Mjbh
content-encoding
br
last-modified
Tue, 02 Nov 2021 13:53:35 GMT
server
AmazonS3
age
149
etag
W/"819478cfebd9abeafeaf5ae279f2309f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
cache-control
max-age=300, public
date
Wed, 03 Nov 2021 05:18:42 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
wJI5o4J_ys7jrNjA3gpD0e6AfvwYXTqfHB1mT5MQ4CCuHQC_QDDkMw==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OPcq+YIYFFKAyM1Ar0weOg==
age
1314949
vary
Accept-Encoding
content-length
6350
x-ms-lease-status
unlocked
last-modified
Thu, 14 Oct 2021 05:25:41 GMT
server
cloudflare
etag
0x8D98ED3103C1468
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f5303d73-101e-000d-116c-c437ea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a832855dd66432d-FRA
expires
Thu, 11 Nov 2021 05:21:10 GMT
tsu4adm.css
use.typekit.net/ 		21 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/tsu4adm.css
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7cf89686a83932b96590f942f131f107965fde7ad08b3c7fdbba6c9af641bc22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Wed, 03 Nov 2021 05:21:10 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1725
all.css
use.fontawesome.com/releases/v5.1.0/css/ 		45 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer
https://www.turnto23.com/
Origin
https://www.turnto23.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10314781
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
Y7V527Q7JQ0W2F1F
x-amz-id-2
IxPKe6Pzh2oTtX2LEXaOSN/GeWrw0qnpljQg2N7HLgAe2yuGP97WUdS/CEoGh4i2Io/Zz4L9T0k=
last-modified
Wed, 30 Jun 2021 15:30:31 GMT
server
cloudflare
etag
W/"826c57385f3d35cfed5478ba7b1f5c03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Hf4Yhkxl3eFQzbZ0zx3LvC0CZSEU8SUJuYzsGGowZ6FdFf36TYHAQSN2v8OyZXjAC4ck3Yda6y4g8P%2FVriPeYESVH%2BgapmsN%2BSX840AlcKgHIl5iaf2cGOnUmPu36FKUJUvkdty49f2D0bdJoUuHmTp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6a832855efbb4ea3-FRA
square--144.png
assets.scrippsdigital.com/cms/images/color_schemes/kero/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.scrippsdigital.com/cms/images/color_schemes/kero/square--144.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-112.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
/
ewscripps.brightspotcdn.com/dims4/default/b99d27d/2147483647/strip/true/crop/600x200+0+0/resize/400x133!/quality/90/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/b99d27d/2147483647/strip/true/crop/600x200+0+0/resize/400x133!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fd4%2F4b%2F625473454a9b8dc823ab1130c98f%2Fkero-geographic-locator-600x200.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
67e96c5db0f9c22c7952a2b3e76a5a67201893d6060be162d4216769e0ec8c5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 07 Feb 2021 11:51:16 GMT
Via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
23218194
ETag
fee3235df85e504c94ff0cda517ed559
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
31067
X-Amz-Cf-Id
m2FFsJeRnqVvLs59hb5BwIQxLVGhfqnTF3LnVURnB0QI5s1Sy7oYFg==
Expires
Mon, 07 Feb 2022 11:51:16 GMT
Blank.gif
www.turnto23.com/styleguide/assets/ 		57 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.turnto23.com/styleguide/assets/Blank.gif
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-18.fra53.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 07 Feb 2021 12:00:31 GMT
Via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache-Coyote/1.1
Age
23217639
X-Cache
Hit from cloudfront
Content-Type
image/gif;charset=UTF-8
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA53-C1
Content-Length
57
X-Amz-Cf-Id
yc8mGo_Fpjztene3jSM6UFB8h-R6lOSkc07cW67eUvcBd-kbX4nw8A==
logo-scripps.png
assets.scrippsdigital.com/cms/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-112.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Oct 2017 14:04:11 GMT
Server
AmazonS3
Age
4410
ETag
"f46791d665054bf21da09492d448e1d2"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Wed, 03 Nov 2021 04:08:54 GMT
x-amz-replication-status
COMPLETED
X-Amz-Cf-Pop
FRA56-C2
Accept-Ranges
bytes
Content-Length
3532
X-Amz-Cf-Id
wq7MBdQ_XDo70lCCIOwCriS-kkajqAMSUN0GRMTUrfb9vS-zqkpzbg==
All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/ 		427 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4a85b624e7a71b4aa3827935dae699f7e8769e172ce18dc1ec395967863fbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 16:54:10 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 28 Oct 2021 16:54:10 GMT
Server
AmazonS3
Age
476821
ETag
"e9115ed9ae76a1acab3581c3c5fe8c6a"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA56-C2
Accept-Ranges
bytes
Content-Length
101117
X-Amz-Cf-Id
GxJY7afERwZLxqX8H1Bi5P4J7hE--fdeDI04iId2L7rwnKWilyvAZQ==
gtm.js
www.googletagmanager.com/ 		135 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-L6JB
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1b138f69de857d2da017c4a770478a5e54552962d3256631fd9811f8ca3c22f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47916
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Nov 2021 05:21:10 GMT
4e2c2eed-09df-4b77-a788-1f351b30c8ed.json
cdn.cookielaw.org/consent/4e2c2eed-09df-4b77-a788-1f351b30c8ed/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/4e2c2eed-09df-4b77-a788-1f351b30c8ed/4e2c2eed-09df-4b77-a788-1f351b30c8ed.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f68ba9ea52969fb30dca0370962056160abc5cbc8dba244b9dbf575af356e2ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
B7eYHVVSnNOlo6R3xEbMZw==
age
5785
vary
Accept-Encoding
content-length
1134
x-ms-lease-status
unlocked
last-modified
Thu, 18 Mar 2021 14:42:07 GMT
server
cloudflare
etag
0x8D8EA1C01577C6C
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
22dbf046-901e-0175-7315-b61908000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a8328566c1f073e-FRA
expires
Wed, 03 Nov 2021 09:21:10 GMT
yi.js
sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/ 		212 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8e730ee16a0db99b8f0575bea2e3ef0471019b00e2037fb0d367fbfbb5833248

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 05:21:10 GMT
Content-Encoding
gzip
Server
AmazonS3
x-amz-request-id
VMZ43N564KYFNGBW
ETag
"7853c8ebe7f9da77fcaa62deaa61a427"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=13241
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
SVUwRf0611+pyM6V6mRbAHemzh8RKQ6CBQ++Zt2jJbbMS1BlYuxfCRX4ZGoskBLjHAZc1ZSdRWQ=
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
nY_PcrO6M1v8rxrnAfvFh4iOgrD_tFp3
content-encoding
gzip
etag
3900a2c2d757386fb762bfd86288f882
age
303
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1Q7X950WS2VZ99YW4Y3V
date
Wed, 03 Nov 2021 05:16:07 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
zql8ZhluloNejLoXf-RgJDmR3jwCHuXJH4AXhM6tejZgouK4onmvMA==
bidexchange.js
hbx.media.net/ 		427 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/bidexchange.js?cid=8CU6Q6626&version=5.1&dn=www.turnto23.com
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5d2395e805a4cf653925e16351349d5c7e6cb76763f56dd7091aad2c67b80827
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Wed, 03 Nov 2021 05:21:10 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
timing-allow-origin
*
expires
Wed, 03 Nov 2021 05:51:10 GMT
5776_Scripps_Local_Stations.js
ads.rubiconproject.com/prebid/ 		543 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c23a9028e37473903cb24a477fdf010875553ca5a9398e90a8794ec4fb970f6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 05:21:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:56:22 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=13060
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109615
Expires
Wed, 03 Nov 2021 08:58:50 GMT
p.css
p.typekit.net/ 		5 B
162 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
last-modified
Thu, 05 Nov 2020 13:49:42 GMT
server
nginx
etag
"5fa402f6-5"
content-type
text/css
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.15.0/ 		372 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.15.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a964d2953dc3df9f7532f7e033397e6fffd16b2316c7bd20e2270bb3cdfc5e9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
irsyHA4ScyRoaWoUUTe5ww==
age
1321986
vary
Accept-Encoding
content-length
84314
x-ms-lease-status
unlocked
last-modified
Tue, 23 Mar 2021 01:57:54 GMT
server
cloudflare
etag
0x8D8ED9F12F4599F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fc994842-d01e-007d-276c-c4442e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a832856aefc432d-FRA
expires
Thu, 11 Nov 2021 05:21:10 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
167a9578ab67511f8467d8e46ead1ddad66e37c37161f0b1352eda13eb4f3d0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
1S7MvW2TmYtnliu3Y6dZtg==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1684
x-fb-rlafr
0
x-fb-debug
cZ23QLKdZOvNrPtxixK2wm0u3vn5Pk+Cq/XctEuNoKChGwb58iGu82zDURacH9qxlf9Mzk4bciVBuQ446OOPgw==
x-fb-trip-id
686109401
x-fb-content-md5
d763977b7a74e21b85990677e1c7d2b5
x-frame-options
DENY
date
Wed, 03 Nov 2021 05:21:10 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"b2a8069d0ac08a3b60c696ddd8ed413a"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 03 Nov 2021 05:21:13 GMT
/
ewscripps.brightspotcdn.com/dims4/default/0a0ca1a/2147483647/strip/true/crop/1264x711+4+0/resize/1280x720!/quality/90/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/0a0ca1a/2147483647/strip/true/crop/1264x711+4+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fe8%2F1f%2Fd2bc5365472b98f5988b5720a71c%2Fscreen-shot-2021-11-02-at-7.19.14%20PM.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
26cdc0226b2d4d1e0fecd82c5a150694000a138fbec6635902afbd8a8928dfd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 02:31:23 GMT
Via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
10186
ETag
87768641b7674f9db0659090d74118e9
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
1484136
X-Amz-Cf-Id
tcx0QwqZAqzXfhX-a9Uh2IYvvoHOaZYYdSePS5j_KTN95-qp9nzBnA==
Expires
Thu, 03 Nov 2022 02:31:24 GMT
/
ewscripps.brightspotcdn.com/dims4/default/c8447db/2147483647/strip/true/crop/1000x563+0+0/resize/1280x720!/quality/90/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/c8447db/2147483647/strip/true/crop/1000x563+0+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F02%2F42%2F65d5a0874bef9fd68b07e87880e1%2Fap21288525194547.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
7ae7e314400b361df284ddf65e1173804ca99c0d4379286c422cd37a314bc4f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 12:26:33 GMT
Via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
1184077
ETag
d82f082f7ced414673890763cf09b525
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
159584
X-Amz-Cf-Id
rgFoQAcpuCVJvwnoAqMYQOue58VjJgccw0LB3SkDmi8_OrTMxUImvA==
Expires
Thu, 20 Oct 2022 12:26:33 GMT
/
ewscripps.brightspotcdn.com/dims4/default/a0a49ea/2147483647/strip/true/crop/5638x3171+0+294/resize/1280x720!/quality/90/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/a0a49ea/2147483647/strip/true/crop/5638x3171+0+294/resize/1280x720!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F5d%2F65%2F4384096245b9a0ee47c56273a468%2Fap21281591750571.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
a8afc8f030f800513d79e636e279485daa0c5f3cd8634f5574dc8ff7d959a513

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 01:15:02 GMT
Via
1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
14767
ETag
0865984347d8d59c385fd0d28124fdd8
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
112912
X-Amz-Cf-Id
5qFC9ZTAijsnySFYiAxEJX1hFSbJEmhQluPpKfEteuTU3lC_1TFDSA==
Expires
Thu, 03 Nov 2022 01:15:03 GMT
/
ewscripps.brightspotcdn.com/dims4/default/ae19814/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/ae19814/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2Ffdf%2F3870ad0511fa47a79b3577075088ec91%2Ffdfbbea0ea914f20877f6b25518bb252%2Fposter_d72de57187754ebaa175941911db03ba.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
c20d7999a7c13f4d4cdda3b94d4d69eb6640c232b7a16df08dc597cd82b1d1df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 02 Nov 2021 13:48:31 GMT
Via
1.1 08b9c2fd11813ffdb8fa03129d0a465d.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
55959
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
89125
X-Amz-Cf-Id
cSnhKNac9Y0cnNFVHW69u_bpA66z2jr3JVMwKaEWVnwU5W6Ep4U8hg==
Expires
Wed, 02 Nov 2022 13:48:31 GMT
/
ewscripps.brightspotcdn.com/dims4/default/33846b6/2147483647/strip/true/crop/4390x2469+0+74/resize/1280x720!/quality/90/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/33846b6/2147483647/strip/true/crop/4390x2469+0+74/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F0c%2F82%2F2f4986bf4de9b90da0d40cc11698%2Fap17264765713911.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
9ad862c84744488161582ce05717640724c6e1698d5c8821dd164b9563b2d36b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 02 Nov 2021 19:48:52 GMT
Via
1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
34337
ETag
d193c846346d5e4e96708bab44c38560
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
104527
X-Amz-Cf-Id
ZmduVTryj_yQo1XIge-6ePLhED8K83VtmkiNnYfdG1TlmWVoYFnX-Q==
Expires
Wed, 02 Nov 2022 19:48:53 GMT
/
ewscripps.brightspotcdn.com/dims4/default/0ec8001/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/0ec8001/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Ffc%2F61%2F5549150942059a2ad08407e1ced8%2Fcopy-of-standard-feature-image-10.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b5df800fcd6fd7760874b65beb803e16f200ec76063361fae55e1a7d24719e40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 02 Nov 2021 22:55:57 GMT
Via
1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
23112
ETag
4238521dafd165b5aa952bf77294f5ce
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
1233011
X-Amz-Cf-Id
odGmXWjuBme_CGt5ADG39z5nXey2_AtA539DR8laJH5tsSV3eV-3RA==
Expires
Wed, 02 Nov 2022 22:55:58 GMT
/
ewscripps.brightspotcdn.com/dims4/default/67468cb/2147483647/strip/true/crop/3500x1969+0+225/resize/1280x720!/quality/90/ 		268 KB
269 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/67468cb/2147483647/strip/true/crop/3500x1969+0+225/resize/1280x720!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2Fce%2F62%2F0dbdd729491eabe859eb765466ae%2Famerican.jpeg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
6e619fe3223a26faac6cff9311c9aa356ea9544d1453b489772cb0a59b7ea472

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 03:06:29 GMT
Via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
526481
ETag
a9138d005238eb4a94432e4afc9fa53e
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
274938
X-Amz-Cf-Id
H2YwTOt_a0i2daWg_F4y1aMZYQeS1thlVoVLlYsBi-IRsAMsOYS5Gg==
Expires
Fri, 28 Oct 2022 03:06:29 GMT
/
ewscripps.brightspotcdn.com/dims4/default/79da0ed/2147483647/strip/true/crop/1000x563+0+0/resize/1280x720!/quality/90/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/79da0ed/2147483647/strip/true/crop/1000x563+0+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F83%2F76%2Fd6fb48b94fdeb416add9d346cba4%2Fap21271825395630.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
ce14350e4f58ce7716971e2d9d28d0a541082065fae25dbd2f4375417de101c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 02 Nov 2021 18:22:06 GMT
Via
1.1 08b9c2fd11813ffdb8fa03129d0a465d.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
39544
ETag
de2e292d64cdf9e8bc58af7e9d7c968b
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
156164
X-Amz-Cf-Id
FzPdyfrojMqwcqeAGPK-P3hN--fE7QZXLjZvXunsgCoVCBWYum7-SA==
Expires
Wed, 02 Nov 2022 18:22:06 GMT
/
ewscripps.brightspotcdn.com/dims4/default/156be8f/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 		777 KB
777 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/156be8f/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fb9%2F0a%2F6513819940228b1ffde4502dbe3d%2Fstandard-feature-image-1.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
85f68ec80fff0a43aff57495efeec7f4bbd48bdb4556740276a6478bf11766ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 02 Nov 2021 00:06:54 GMT
Via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
105256
ETag
fa15a173a954471da154ef3417708d60
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
795591
X-Amz-Cf-Id
uA8lV8asiPDeUoujLghPR4rLEfYxcUhMd9T9LLwpVNJNQjUepkQE2Q==
Expires
Wed, 02 Nov 2022 00:06:54 GMT
/
ewscripps.brightspotcdn.com/dims4/default/c9ee5ea/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/c9ee5ea/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F20%2F27%2F0afdb6da416db7e150907b239605%2F23abc-in-depth-fs.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
5c82632f830ff80ae452e6b972a6e6c52d65f68f556fa0e983983960070aa099

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 18:32:06 GMT
Via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
2285344
ETag
2cd029596d41a327d69d4ebd83953e98
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
34283
X-Amz-Cf-Id
3oyxmIVnDmuTBZTgHCpvRdqEXIVLZB5K3ONoseZjnP21i-08dwBqig==
Expires
Fri, 07 Oct 2022 18:32:06 GMT
/
ewscripps.brightspotcdn.com/dims4/default/7651112/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/7651112/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F5f%2Fe0%2F15a8c78e4e0483b001e535be1737%2Fstandard-feature-image.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
442e4d9f47f0599917e4c6c1cac461d5ec838fb3fd0d870cb33c46e8090f3e51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 18:57:03 GMT
Via
1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
1592647
ETag
598e8809d81d7133604bfd5d5d240fac
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
49852
X-Amz-Cf-Id
mp5fp0HDp1yDjYNw1xh_I16YpM8ubWTGo01P6SmJO3uusgXVJ9VfZA==
Expires
Sat, 15 Oct 2022 18:57:03 GMT
/
ewscripps.brightspotcdn.com/dims4/default/b0aef7d/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/b0aef7d/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F93%2Fa1%2F348aee5047daa8dbe2bb39ba279b%2Fstandard-feature-image.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
5898e82c5c3724a48e4c0b36fedbcdd4a1115fc335ad5e018b8c4d91d1943ac1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 23:21:50 GMT
Via
1.1 08b9c2fd11813ffdb8fa03129d0a465d.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
2267960
ETag
ed3415da81320575544bacf4852b6074
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
49531
X-Amz-Cf-Id
5CDX6LEZskGcKRfe5I2kbuarbgabfWh5PcEJSp8d7HRuuvOJP5OQJQ==
Expires
Fri, 07 Oct 2022 23:21:50 GMT
/
ewscripps.brightspotcdn.com/dims4/default/48c6dff/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/48c6dff/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F8c%2F35%2F9aeb15c94e1284d084dd7890727f%2Fstandard-feature-image-1.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
fc483e89d348078cd392a9959799a43a3499737962c1449a18e9496a6808918a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 03:37:07 GMT
Via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
4067043
ETag
97725f38e6f6122548b4b5ec31b31665
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
45935
X-Amz-Cf-Id
dMJjZ7jluygO3RGykudrRbY9GkuKkvqeRwpNrKJ4d1Ur04DzOibeMw==
Expires
Sat, 17 Sep 2022 03:37:07 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www.turnto23.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
991488
cf-ray
6a832856b8c94ea3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
59572
x-amz-id-2
eUAeR/3L17xHhpjcUFv8/4bohbgnJP0iEv9sEj8+Jy+GRun8iPLhg3OvKTIcRouLtvszq9dsPFM=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"18d2347ab2a9f40ca2247cdb03303d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ymogdazj9Cy9UkGxWoC3ZmkPux1YaKZmKjTZUAMpr%2FXTy9karycHgHU1bJ3pi7c8SxyWWeCBPwK13RY59UBFK4EyX2zOuWkjk%2FAXbShAi9CMsucmNaBQzXl%2FdalOdI5Od9ep1%2F4SMhf26VBm9udQwwqP"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
JJ7G41HV5R8BDCHP
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6134c69a4499afd5f1c8aa273268c18604922248782917819d91e9cdfdf22995

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.turnto23.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
server
nginx
etag
"ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16564
l
use.typekit.net/af/8738d8/00000000000000007735e611/30/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d63fa770adfd344ffffd30e315719e539d341a6f71d0d6ad6a5c312a85e95fed

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.turnto23.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
server
nginx
etag
"a5565f97e4389f39e94f7880b2c8088023e4d88a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16884
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cb2f89e554453cd1e53c403748945f0fc04314a5395c72160f06367d49cb9d26

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.turnto23.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
server
nginx
etag
"96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16832
fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www.turnto23.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10138517
cf-ray
6a832856c8d24ea3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
63376
x-amz-id-2
a3jI8jPMVrHn/KRmydoTfDpLJXDblrVVyEwzeo4u72KGe2LxE+aXhM9lnAtehqD1wxtMN/khWro=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"f319eac1c755f9929fd856720ce1695e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjWTzm2FZxS2uyQ8O3bDH0gaBUMki7mDSv7u5rQmM0FWKc8aLoDsigTikEGQt68Ie9cK2l0%2F%2ByU3CmirAHSiZkWComlUvsBTqh0hullpYnYj6cXAqSBGSHUVbNSjVOcgdc7MOPvck6KbSP1R0ePldNb8"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
Z7R0GBW372WTR8HS
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
p.js
cdn.parsely.com/keys/turnto23.com/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/turnto23.com/p.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.60 Altamonte Springs, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-60.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c888cad41f1abd8cfd3461e0dcd9b1b4a777101bb23f6c3dff2fb7d63e822084

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
public
date
Wed, 03 Nov 2021 05:06:17 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 19:18:57 GMT
server
nginx
age
893
etag
W/"602ebda1-10711"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
FKFmj6HqKkT1QMKAajM180TRQR6BNL14FHsK5lgPfMD57clchRBEoA==
expires
Thu, 04 Nov 2021 05:06:17 GMT
/
ewscripps.brightspotcdn.com/dims4/default/5695c0b/2147483647/strip/true/crop/2600x1463+0+0/resize/320x180!/quality/90/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/5695c0b/2147483647/strip/true/crop/2600x1463+0+0/resize/320x180!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2Fee%2F21%2F122e1a8b4eeb95ea14deea2b1839%2Flead-paint.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
39871bd210a4429e177f43daf35a3784e1f95fac63789db9553ba8625fc0aa5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 04:01:50 GMT
Via
1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
4760
ETag
05e6cc3e8638009e66728eeead0a5a85
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
17420
X-Amz-Cf-Id
jvpkbLMmrHTTo_0OuZ7mKoCSzFxUybDD2BDENVUUc6mm2v-f7U7N4A==
Expires
Thu, 03 Nov 2022 04:01:50 GMT
/
ewscripps.brightspotcdn.com/dims4/default/75efcc6/2147483647/strip/true/crop/6000x3375+0+764/resize/320x180!/quality/90/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/75efcc6/2147483647/strip/true/crop/6000x3375+0+764/resize/320x180!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F37%2F47%2Fd691b7a345cf8a639dd493b83275%2Fap21306415764660.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
0a60daa97152adfc4f1a0401c14b2fa601336ee6c3c98204702fd94a64fb6257

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 00:21:47 GMT
Via
1.1 08b9c2fd11813ffdb8fa03129d0a465d.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
17962
ETag
1bc75877ce04e6e8b6997a3db64967ec
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
16410
X-Amz-Cf-Id
xRe17DDepcLf44e9nPDm1qldiJgjBIJpvtuiHIf_bimcrXaTNBgthw==
Expires
Thu, 03 Nov 2022 00:21:48 GMT
/
ewscripps.brightspotcdn.com/dims4/default/bf3a5af/2147483647/strip/true/crop/4540x2554+0+236/resize/320x180!/quality/90/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/bf3a5af/2147483647/strip/true/crop/4540x2554+0+236/resize/320x180!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2Fda%2Ffa%2Fc0e1358d4d98a66fc36f232feefc%2Fap21301735079283.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
85df47e0b841fa5740b3ae738f6449b5c5f5e052c970a02c79a0f034a2e2cb5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 02 Nov 2021 23:39:47 GMT
Via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
20483
ETag
2f504b4b9130f0294a07a3108f3b7e83
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
13297
X-Amz-Cf-Id
DHt378yxL5hwv4I8GamAd3tE8ZBbq_vLTv08D7CSucMjQl6Ge7zycg==
Expires
Wed, 02 Nov 2022 23:39:47 GMT
/
ewscripps.brightspotcdn.com/dims4/default/0c0a83c/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/ 		272 KB
272 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/0c0a83c/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F97%2F6e%2F0557378d4da8826a5fa2738853cf%2F480x360-promo.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-42.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
32fb64f17d09944fe60defa529eec097702c4b8e78022e7c13aef96c7e424584

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 17:23:12 GMT
Via
1.1 08b9c2fd11813ffdb8fa03129d0a465d.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
129478
ETag
f3a676fac47472f36597a067cf582f1c
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-C2
X-Robots-Tag
nofollow
Content-Length
278097
X-Amz-Cf-Id
-qI2wM9dLLT4N9dx-GXcU6TIWUVzMcVkXKTZBmOertT2tjpU22ZNVw==
Expires
Tue, 01 Nov 2022 17:23:12 GMT
sdk.js
connect.facebook.net/en_US/ 		266 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=a04e4c36b11ecb25634c7a70fe1fd4fe
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
270bd922f6b137e19d5cc6cd9342b03991c40d2472f81b0470d9386522515ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.turnto23.com/
Origin
https://www.turnto23.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
3JG5iaLeXkgQ9vTUS2ZZvg==
cross-origin-resource-policy
cross-origin
expires
Thu, 03 Nov 2022 05:01:13 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76717
x-fb-rlafr
0
x-fb-debug
FWKZS0hyA+myRomp+vixSQlCasrbcKqusEYVuRBO3v3ctBmQgzFST3sV4y3vebW0YZns0n+JpqkPNO/LWOKo9g==
x-fb-trip-id
686109401
x-fb-content-md5
f13d482fe07971a7c7a32186e16d2e19
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 03 Nov 2021 05:21:10 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"da8e0e8030c2bb8d51832846002ed04c"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
config
c.amazon-adsystem.com/cdn/prod/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.turnto23.com%2F
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:09 GMT
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
AoVlD-mtwnnsBk8HYz1297dWdtbpk7ECmUIFa7vX5liU4Os4HEvL8g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 02:00:52 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
12019
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
via
1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C2
content-type
application/javascript
x-amz-cf-id
Ig3-ccOBpiI0E1uGD7TUqzSpSiJlicLwwrUWUXr_bGFCf8308Vzw4g==
/
api.ewscloud.com/prod/scheduler/v1/com.turnto23/schedules/current/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.turnto23/schedules/current/?type=web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-85.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization
Origin
https://www.turnto23.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Wed, 03 Nov 2021 05:21:10 GMT
x-amzn-requestid
d73ad74c-cf55-4ea9-b72a-b27480b27ee0
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
INlbDHI8IAMF8iA=
access-control-allow-methods
GET,OPTIONS
x-amzn-trace-id
Root=1-61821c46-0e36c17b095700803836fa85
x-cache
Miss from cloudfront
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
KG3V-llgRXhNqVaouGkqpUCiuVc1L_w3YpoUaotV9mGDptfu2J2vgg==
v2
mb.moatads.com/yi/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-x%2F8%2FQPMUA%2BNI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-yVEldYv6BziEcg%3D%3D&sc=1&os=1-zA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.turnto23.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=996770494360&callback=MoatNadoAllJsonpRequest_51512523
Requested by
Host: sejs.moatads.com
URL: https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.171.9.184 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-9-184.eu-west-2.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
a824da043346112326edecefca2e483ffd77ba505f29b339b25d7f87fdbaf395

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
cache-control
max-age=900
server
TornadoServer/4.5.3
timing-allow-origin
*
etag
"85c21464463a9e0df074959c9f0b1678a0743316"
content-length
1452
content-type
text/html; charset=UTF-8
weather
www.turnto23.com/ 		93 KB
93 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.turnto23.com/weather?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-18.fra53.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
0eb0edcc6301cb11ae54667351549ea1543dfaffa5623b5245ae07d5499de81d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 05:21:09 GMT
Via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
Server
Apache Tomcat
X-Amz-Cf-Pop
FRA53-C1
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=420
Connection
keep-alive
X-Robots-Tag
nofollow
X-Amz-Cf-Id
p8VVnE5hEKoAB82OA3jXoAgm4jwqQRbicz6FmCh4CfCeCLFjV6Y2fA==
breaking-news-alerts
www.turnto23.com/ 		75 KB
76 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.turnto23.com/breaking-news-alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-18.fra53.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
342a5ce10a6f77a4ff2c36d64c312d2d21785a18b0db9516562bf982801c9973

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 05:17:01 GMT
Via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache Tomcat
Age
249
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=420
X-Amz-Cf-Pop
FRA53-C1
X-Robots-Tag
nofollow
X-Amz-Cf-Id
XVTwN3S9ru-nDjadElMkXEBjbEgNmKpr5tAFc5mlgrmRwYOTZd0AzA==
alerts
www.turnto23.com/weather/ 		74 KB
75 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.turnto23.com/weather/alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-18.fra53.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
0d3114b72e12428c4b4dce5b462c2e313e1af462ba551fac9e103aa58bc3947b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 05:17:01 GMT
Via
1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache Tomcat
Age
249
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=420
X-Amz-Cf-Pop
FRA53-C1
X-Robots-Tag
nofollow
X-Amz-Cf-Id
iz_f9tS5gxMkrqqkVr9nnfhFSh1JMtOS5_6R_XHtbuVpZ0ojS3dVaA==
school-closings-delays
www.turnto23.com/weather/ 		74 KB
74 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.turnto23.com/weather/school-closings-delays?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-18.fra53.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
8ad4bbdd2396400aaaca1b3465295b903fc528152a1fb9c4107245ebdcdc9a38

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 05:17:01 GMT
Via
1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache Tomcat
Age
249
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=420
X-Amz-Cf-Pop
FRA53-C1
X-Robots-Tag
nofollow
X-Amz-Cf-Id
09C8BRI5zENpWKvGPamTzaO1JpydygCYPwt1RerW40WxX6sycc0QLw==
/
api.ewscloud.com/prod/scheduler/v1/com.turnto23/schedules/current/ 		4 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.turnto23/schedules/current/?type=web
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-85.fra6.r.cloudfront.net
Software
/
Resource Hash
14cf57b9eead9c383b8c8f63147a6fb2bfd4e9778a3110298ca1425c399b19a0

Request headers

Authorization
Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer
https://www.turnto23.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
7ab9fcae-8eaf-4288-b233-380040dec856
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61821c46-1f9be6232d6240e21b67500a
x-amz-apigw-id
INlbGGK0IAMFwlg=
content-length
4056
x-amz-cf-id
LsIrRF-pCG1VP-ySjUE78_j9N9ozs-n4ayHaPR3bgqI9v3MrljZ4Ew==
en.json
cdn.cookielaw.org/consent/4e2c2eed-09df-4b77-a788-1f351b30c8ed/4d0b06d0-30ab-434a-8856-1c08f337ac57/ 		58 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/4e2c2eed-09df-4b77-a788-1f351b30c8ed/4d0b06d0-30ab-434a-8856-1c08f337ac57/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.15.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef8f2083a44752d1c6d0cb8a311ee6083bf6e7ebf9219dff075803e64cb777d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
bWtu9tPnLX2/XE/Tr6U17g==
age
5783
vary
Accept-Encoding
content-length
11459
x-ms-lease-status
unlocked
last-modified
Thu, 18 Mar 2021 14:42:12 GMT
server
cloudflare
etag
0x8D8EA1C045F7B2D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
679dbb68-c01e-00e1-0615-b63f93000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a8328585e85073e-FRA
expires
Wed, 03 Nov 2021 09:21:10 GMT
activityi;dc_pre=CPyM0J-5-_MCFfbiEQgdKBwAmA;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7...
4394967.fls.doubleclick.net/ Frame 4323
Redirect Chain
  • https://4394967.fls.doubleclick.net/activityi;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%20Calif.%20News%20and%20Weather%20...
  • https://4394967.fls.doubleclick.net/activityi;dc_pre=CPyM0J-5-_MCFfbiEQgdKBwAmA;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%...
574 B
620 B 		Document
General
Check archive.org
Download Go to
Full URL
https://4394967.fls.doubleclick.net/activityi;dc_pre=CPyM0J-5-_MCFfbiEQgdKBwAmA;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV;~oref=https%3A%2F%2Fwww.turnto23.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-L6JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
65e20a04353726a0aa3e8212a47ec054698c9347b737672d566be2837c507c20
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 03 Nov 2021 05:21:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
443
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 03 Nov 2021 05:21:10 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://4394967.fls.doubleclick.net/activityi;dc_pre=CPyM0J-5-_MCFfbiEQgdKBwAmA;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV;~oref=https%3A%2F%2Fwww.turnto23.com%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-75.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 02:25:34 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
10542
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
gj9BxsjaDVjJml2ZhwEvT4Lc66heVQaM5NjO31Sh04ffz3MLG56v3w==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1e823139c936c952f54399a49096579a951e55baab2d0949e2f307163aac68a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
gzip
etag
"A9gdT3Vacr8A76JEThCwlA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 10 Nov 2021 05:21:10 GMT
88f2a0fd9298a35d
pixel.sitescout.com/iap/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/iap/88f2a0fd9298a35d
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:10 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-L6JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
4804
date
Wed, 03 Nov 2021 04:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 03 Nov 2021 06:01:06 GMT
load_tags.js
pymx5.com/scripts/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/load_tags.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-L6JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 04:28:09 GMT
age
3181
x-guploader-uploadid
ADPycdvKEI4ucgqib7giyiMZuphRXqt8gxyG6aY0P_kihiwcRmXdC3ttPFrL7JPRLhDmY-NqzvBD1DU7ziVzd50oc_o
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
8946
last-modified
Tue, 12 Oct 2021 11:44:47 GMT
server
UploadServer
etag
"f6b06694767e707999eecbe9538b403a"
x-goog-hash
crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
x-goog-generation
1632835430711886
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
8946
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 03 Nov 2021 05:28:09 GMT
/
p1.parsely.com/plogger/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1635916870566&plid=43084&idsite=turnto23.com&url=https%3A%2F%2Fwww.turnto23.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.turnto23.com%2F&sref=&sts=1635916870562&slts=0&title=Bakersfield%2C+Calif.+News+and+Weather+%7C+23ABC+News+%7C+KERO-TV&date=Wed+Nov+03+2021+05%3A21%3A10+GMT%2B0000+(GMT)&action=pageview&pvid=26573243&u=pid%3Db8875a29beead1d6f7e8f642c62840c2
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-167-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 05:21:10 GMT
Cache-Control
no-cache
Last-Modified
Wednesday, 03-Nov-2021 05:21:10 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
94fcc6d35f6fa03a0459a3aca050d214b723e0c26fb5872feaf482ba82f3682b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1032 / 727 of 1000 / last-modified: 1635890752"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27255
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 03 Nov 2021 05:21:10 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.15.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.15.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.15.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6f671638248959ffc2d4a5ab50761cbb5f482ae1fb203f3c8310eb4ccb64108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
FTl5ijosCMU3Ic++8F/2bw==
age
1321895
vary
Accept-Encoding
content-length
2864
x-ms-lease-status
unlocked
last-modified
Tue, 23 Mar 2021 01:57:46 GMT
server
cloudflare
etag
0x8D8ED9F0DD0D265
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
ca62c9dd-f01e-0180-1a6c-c43d19000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a8328594fe1073e-FRA
expires
Thu, 11 Nov 2021 05:21:10 GMT
otPcPanel.json
cdn.cookielaw.org/scripttemplates/6.15.0/assets/v2/ 		47 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.15.0/assets/v2/otPcPanel.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.15.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6716207d8af64d06be048ab0b7fd9c4e723b8bb6fdb5ceabada90866127fae0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
rI3dhmEJvijYanVDn7GBOg==
age
1321895
vary
Accept-Encoding
content-length
11445
x-ms-lease-status
unlocked
last-modified
Tue, 23 Mar 2021 01:57:48 GMT
server
cloudflare
etag
0x8D8ED9F0F6BE564
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
8766666d-601e-010d-626c-c471bf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a8328594fe4073e-FRA
expires
Thu, 11 Nov 2021 05:21:10 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 03 Nov 2021 06:08:28 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1635916870620&ns_c=UTF-8&cv=3.5&c8=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV&c7=https%3A%2F%2Fwww....
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1635916870620&ns_c=UTF-8&cv=3.5&c8=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV&c7=https%3A%2F%2Fwww...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1635916870620&ns_c=UTF-8&cv=3.5&c8=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV&c7=https%3A%2F%2Fwww.turnto23.com%2F&c9=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Server
13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-75.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
2Blg2jWjuY-cGyl37R145hUnU02JrlLNAvkTFcxQ8sQ6kOETv2MBsQ==

Redirect headers

date
Wed, 03 Nov 2021 05:21:10 GMT
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1635916870620&ns_c=UTF-8&cv=3.5&c8=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV&c7=https%3A%2F%2Fwww.turnto23.com%2F&c9=
content-length
239
x-amz-cf-id
Jy7mW1m-MkD4St2tlB5oWFUQcyPb746xezYGMMK2ZezbtC4KxH4gSg==
load_optional_tags
api.pymx5.com/v1/sites/ 		0
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pymx5.com/v1/sites/load_optional_tags
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
203.74.96.34.bc.googleusercontent.com
Software
nginx/1.13.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
via
1.1 google
server
nginx/1.13.7
x-frame-options
SAMEORIGIN
allow
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
0
rules-p-cfh7-Kj7hw4Cs.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-cfh7-Kj7hw4Cs.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 04:27:12 GMT
content-encoding
gzip
age
3239
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 30 Aug 2017 16:19:22 GMT
server
AmazonS3
etag
W/"021b7e04f30cea21812673c831b1b679"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
ZmWqADiUu7SDHjPa2Bjck39WFgWs8NYkfwGRfWTy9rgZpEEHCidzuw==
collect
www.google-analytics.com/j/ 		1 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=901932360&t=pageview&_s=1&dl=https%3A%2F%2Fwww.turnto23.com%2F&ul=en-us&de=UTF-8&dt=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEAjBAAAAC~&jid=1670763335&gjid=2029355087&cid=981218540.1635916871&tid=UA-40066851-1&_gid=735598621.1635916871&_r=1&gtm=GarL6JB&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&cd31=false&cd33=false&cd35=false&z=1068611419
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.turnto23.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-40538852-1&cid=981218540.1635916871&jid=1616115305&gjid=948679490&_gid=735598621.1635916871&_u=aGDAiEAjBAAAAG~&z=686720736
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.turnto23.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 03 Nov 2021 05:21:10 GMT
content-type
text/plain
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=901932360&t=pageview&_s=1&dl=https%3A%2F%2Fwww.turnto23.com%2F&ul=en-us&de=UTF-8&dt=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjBAAAAC~&jid=1616115305&gjid=948679490&cid=981218540.1635916871&tid=UA-40538852-1&_gid=735598621.1635916871&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&cd31=false&cd33=false&cd30=&cd34=false&z=577220378
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 03:49:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5501
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
dc_pre=CPyM0J-5-_MCFfbiEQgdKBwAmA;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%...
adservice.google.com/ddm/fls/i/ Frame 3E10 		573 B
912 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CPyM0J-5-_MCFfbiEQgdKBwAmA;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV;~oref=https%3A%2F%2Fwww.turnto23.com%2F
Requested by
Host: 4394967.fls.doubleclick.net
URL: https://4394967.fls.doubleclick.net/activityi;dc_pre=CPyM0J-5-_MCFfbiEQgdKBwAmA;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV;~oref=https%3A%2F%2Fwww.turnto23.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40b9f2b21792d9e6af2064c20af5eb167f5db59d26037a31a59a76cf2d5727e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4394967.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 03 Nov 2021 05:21:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
443
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_2021110101.js
securepubads.g.doubleclick.net/gpt/ 		350 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063390
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
70fedf5fb986e73167530f1acf001c1cfc07af1e0c21c4607513ad3356a8a078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120683
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 08:35:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 03 Nov 2021 05:21:10 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		151 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.turnto23.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
097d55ce2f09439c5e880c63873057662a72a7e55fa5b1dcba1f6fe763773158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105
x-xss-protection
0
expires
Wed, 03 Nov 2021 05:21:10 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-40538852-1&cid=981218540.1635916871&jid=1616115305&_u=aGDAiEAjBAAAAG~&z=1774163187
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-40538852-1&cid=981218540.1635916871&jid=1616115305&_u=aGDAiEAjBAAAAG~&z=1774163187
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1727280551;labels=Cracked.Article%20Title.Bakersfield%20%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.turnto23.com%2F;uh...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1727280551;labels=Cracked.Article%20Title.Bakersfield%20%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.turnto23.com%2F;uht=2;fpan=1;fpa=P0-1079958754-1635916870738;pbc=;ns=0;ce=1;qjs=1;qv=849e8a8d-20211101195550;cm=;gdpr=0;ref=;d=turnto23.com;je=0;sr=1600x1200x24;dst=0;et=1635916870738;tzo=0;ogl=title.Bakersfield%252C%20Calif%252E%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV%2Curl.https%3A%2F%2Fwww%252Eturnto23%252Ecom%2F%2Cimage.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F9277bcf%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Aurl.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F9277bcf%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Asecure_url.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F9277bcf%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fpng%2Csite_name.KERO%2Ctype.website%2Cdescription.
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
log
hblg.media.net/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&adt=desktop&cid=8CU6Q6626&ct=NURNBERG&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=turnto23.com&servname=ssp-serving-6585669d88-gncvz&svr=110212_302_102711_269_ssp&sc=BY&version=4&vh=1200&vw=1600&vsid=&vid=00001635916870822028263774723027&sspAbBucket=CONTROL&lw=1&dapp=green&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&abte=SSP_CLIENT&rtype=&lbr=0&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&a=0&r=209&lper=1&requrl=https%3A%2F%2Fwww.turnto23.com%2F&kwrf=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:10 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 03 Nov 2021 05:21:10 GMT
dc_pre=CPyM0J-5-_MCFfbiEQgdKBwAmA;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%...
adservice.google.de/ddm/fls/i/ Frame 547A 		194 B
870 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CPyM0J-5-_MCFfbiEQgdKBwAmA;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV;~oref=https%3A%2F%2Fwww.turnto23.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPyM0J-5-_MCFfbiEQgdKBwAmA;src=4394967;type=kero;cat=pc_tt0;ord=6910499483694;gtm=Gar;auiddc=527268486.1635916871;u1=Homepage;u2=Bakersfield%2C%20Calif.%20News%20and%20Weather%20%7C%2023ABC%20News%20%7C%20KERO-TV;~oref=https%3A%2F%2Fwww.turnto23.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 03 Nov 2021 05:21:10 GMT
expires
Wed, 03 Nov 2021 05:21:10 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.turnto23.com%2F&pid=qHVvi9HQVBCxD&cb=0&ws=1600x1200&v=7.69.01&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-amz-rid
68A0Y6HZPT26QKWE7Z8B
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
2kNnC7q-iJRi6tZd4Yg3g-iPIAEfrwTboJR-Rq5lQKSi414S6S1U2w==
auction
tlx.3lift.com/header/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.11.0&referrer=https%3A%2F%2Fwww.turnto23.com%2F&tmax=2000
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.202.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-202-227.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e2646b88a65626848347e7dd3df40fdb369e1dd42566c4ff0a5aeda579c8d356
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1482
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
ewscripps-d.openx.net/w/1.0/ 		172 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.turnto23.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f4ab8139-245a-4a39-b8fb-e6442b33d39e%2Cfcc0ee4c-757e-48a3-8393-3c8ffe8e2c07&nocache=1635916870880&aus=728x90%7C300x600%2C300x250&divids=MAD_INVIEW%2CMAD_RIGHT_RAIL&aucs=%252F6088%252Fssp.kero%252Finview-bottom%2C%252F6088%252Fssp.kero%252Fhome%252Flanding&auid=544041597%2C544041594
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
d53efcbbd7d9e5738d7793fe5d6beaf63d59316ce9d2fa1a9dcba63213d96fbc

Request headers

Referer
https://www.turnto23.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.turnto23.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/ 		977 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=yvulvcbf&pi=3&maxw=728&maxh=90&si=113251&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.turnto23.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.turnto23.com%2F&ns=9830&gpid=%2F6088%2Fssp.kero%2Finview-bottom
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ed80f7de4f71bf8923bf514c53c7064aac4f513527d4f61d80706ce9992d870

Request headers

Referer
https://www.turnto23.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.turnto23.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=yvulvcbf&pi=3&maxw=300&maxh=600&si=113250&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.turnto23.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.turnto23.com%2F&ns=9830&gpid=%2F6088%2Fssp.kero%2Fhome%2Flanding
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
88af98f90d30914b8e4d0c7592105987f3ea400f6b8c699a27583f626a15afce

Request headers

Referer
https://www.turnto23.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:11 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.turnto23.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
v2
e.serverbid.com/api/ 		711 B
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24

Request headers

Referer
https://www.turnto23.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Wed, 03 Nov 2021 05:21:10 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		39 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
69e636db7f559652e56ba4f5b095e9204efaf513243e2b858dc13881b1bf32f4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 03 Nov 2021 05:21:11 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
168.119.25.195; 168.119.25.195; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
86b5284e-babf-443f-bd53-6a7ee4b1f6ac
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.turnto23.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		482 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1954240%3B1954238&size_id=2%3B15&alt_size_ids=%3B10&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.aupname=%2F6088%2Fssp.kero%26mad_inview%3B%2F6088%2Fssp.kero%26mad_right_rail&tg_i.dfp_ad_unit_code=6088%2Fssp.kero%2Finview-bottom%3B6088%2Fssp.kero%2Fhome%2Flanding&tg_i.pbadslot=6088%2Fssp.kero%2Finview-bottom%3B6088%2Fssp.kero%2Fhome%2Flanding&tk_flint=dmpbjs_v5.11.0&x_source.tid=f4ab8139-245a-4a39-b8fb-e6442b33d39e%3Bfcc0ee4c-757e-48a3-8393-3c8ffe8e2c07&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.725306248499662
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f453b4f5a256e8752c58e85146ec810f8ed8317dc4dc687ae001ca6a2b68f872

Request headers

Referer
https://www.turnto23.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:11 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.turnto23.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
482
Expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dMRW1kByur67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
068ae1f4db763f31c44a90a28ccb3a8daea83f76d3db8a33bd3cc32fd8fd480c

Request headers

Referer
https://www.turnto23.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		65 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dJ-bV6Byur67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
3fc2b99baed4a40d29783692d44aa2e7a4e3e7cb050d007212613899334d3253

Request headers

Referer
https://www.turnto23.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941601797961e0d76287ae890051&pos=8a96941601797961e0d76292764800c0&cmd=bid&secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a029ccdb179d289334f5c1e8ddf0932912c6d26633762acd73a9e73a538fbe41

Request headers

Referer
https://www.turnto23.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Nov 2021 05:21:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.turnto23.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941601797961e0d76287ae890051&pos=8a969c0301797961d75b629237ad00a9&cmd=bid&secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d7c7356567acafc6988201935642a78f1f2a2139aeed2ab383cf483430fbd316

Request headers

Referer
https://www.turnto23.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Nov 2021 05:21:11 GMT
server
ATS/9.1.0.33
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.turnto23.com
access-control-allow-credentials
true
content-length
62
clear.png
static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/clear.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1400:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2878c06eaa36809d2bf556a97ac803fa0870241e075817b5310e9b0410cc66d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
EqVxYzNBkMLoIheTLGnVsHoesYc_VCFl
via
1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified
Thu, 28 Oct 2021 15:57:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"fc75b0aa31f555c7c7e2145d8789524c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=86400
date
Wed, 03 Nov 2021 05:21:11 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2382
x-amz-cf-id
6Y04xI_9A_yNU-K7pSAbEWnyWvtl9vnTtJsDm8Pq1Cc9UVObFxLTZg==
integrator.js
adservice.google.de/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.turnto23.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Nov 2021 05:21:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.turnto23.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Nov 2021 05:21:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3447818420648923&correlator=1210634354242932&output=ldjh&impl=fifs&eid=31063135%2C31063206%2C31063390&vrg=2021110101&ptt=17&sc=1&sfv=1-0-38&ecs=20211103&iu_parts=6088%2Cssp.kero%2Cinview-bottom%2Chome%2Clanding&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2C%2F0%2F1%2F3%2F4&prev_iu_szs=728x90%2C994x30%7C10x1%2C300x600%7C300x250&prev_scp=categories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C11%26au%3Dhome%252Flanding%26refresh%3D0%26m_gv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D278a8d6db43c69e%26hb_bidder_appnexus%3Dappnexus%26hb_format_triplelift%3Dbanner%26hb_size_triplelift%3D728x90%26hb_pb_triplelift%3D0.02%26hb_adid_triplelift%3D2572f0a93eb544a%26hb_bidder_triplelift%3Dtriplelift%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D2572f0a93eb544a%26hb_bidder%3Dtriplelift%7Ccategories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dhome%252Flanding%26refresh%3D0%7Ccategories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dhome%252Flanding%26refresh%3D0%26m_gv%3D40%2C30%2C20%2C10%26m_mv%3D40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D28fb45f2a75626f%26hb_bidder_appnexus%3Dappnexus%26hb_format_triplelift%3Dbanner%26hb_size_triplelift%3D300x250%26hb_pb_triplelift%3D0.05%26hb_adid_triplelift%3D262263d83a5279a%26hb_bidder_triplelift%3Dtriplelift%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D262263d83a5279a%26hb_bidder%3Dtriplelift&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1635916871&dt=1635916871293&dlt=1635916870014&idt=823&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933%2C-12245933%2C1050&adys=-12245933%2C-12245933%2C2240&adks=3989627229%2C330196380%2C1525872688&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C1500x0%7C300x30&msz=1600x-1%7C994x0%7C300x30&ga_vid=981218540.1635916871&ga_sid=1635916871&ga_hid=901932360&ga_fc=true&fws=644%2C132%2C4&ohw=1600%2C1600%2C1500&btvi=-1%7C-1%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063390
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
2d587d5f76374b6b44152b83c6a3a4be81db0e9b153eb22b43db41d677156b85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13663
x-xss-protection
0
google-lineitem-id
-1,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66a56901b423b02d2993e3e5090b2f2757f31adf8670ec0c07bff4ee3d54e27c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Nov 2021 05:21:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9291
x-xss-protection
0
container.html
0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 14E7 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 03 Nov 2021 05:21:11 GMT
expires
Thu, 03 Nov 2022 05:21:11 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 03 Nov 2021 05:21:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F064 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 02 Nov 2021 21:29:33 GMT
expires
Wed, 02 Nov 2022 21:29:33 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
28298
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7030 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 03 Nov 2021 05:21:11 GMT
expires
Thu, 03 Nov 2022 05:21:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 29DB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 03 Nov 2021 05:21:11 GMT
expires
Thu, 03 Nov 2022 05:21:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.26.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.turnto23.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 03 Nov 2021 05:21:11 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=ssp.kero&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1635916870387&de=197020496690&rx=996770494360&m=0&ar=553ffc12ef5-clean&iw=aa17278&q=1&cb=0&cu=1635916870387&ll=2&lm=0&ln=0&em=0&en=0&d=16839141%3A237842901%3A5250393788%3A138298488418&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.turnto23.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=crackedscrippsdfpprebidheader262014341684&fd=1&ac=1&it=500&zMoatpage=-&zMoatpos=above%2C11&zMoatpt=landing%2Cfalse&pe=1%3A901%3A901%3A1694%3A881&fs=195402&na=1518728297&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 03 Nov 2021 05:21:11 GMT
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.26.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.turnto23.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 03 Nov 2021 05:21:11 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=ssp.kero&zMoatAdUnit2=home&zMoatAdUnit3=landing&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1635916870387&de=985519088657&rx=996770494360&m=0&ar=553ffc12ef5-clean&iw=aa17278&q=2&cb=0&cu=1635916870387&ll=2&lm=0&ln=0&em=0&en=0&d=16839141%3A237842901%3A2053316181%3A115768602741&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.turnto23.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=crackedscrippsdfpprebidheader262014341684&fd=1&ac=1&it=500&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=landing%2Cfalse&pe=1%3A901%3A901%3A1694%3A881&fs=195402&na=98631097&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 03 Nov 2021 05:21:11 GMT
9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js
pagead2.googlesyndication.com/bg/ Frame F064 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6292b24f4cc9e6bb52159276bf8a5d01ad441d209fd0da03ffca3ac44cc494c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
115756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13471
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 01 Nov 2022 21:11:56 GMT
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 7030 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ec00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87d11191492a71fdb33ef02b7fdaafdcf9331127beeef13e7abf56af5990f070

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
2Vlz68xk67nL3lq2lqIOde5h1RKwHwcc
content-encoding
br
last-modified
Tue, 02 Nov 2021 13:53:36 GMT
server
AmazonS3
age
144
etag
W/"086c7fd68bb23980a9b9194e8b226c92"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
cache-control
max-age=300, public
date
Wed, 03 Nov 2021 05:18:59 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
d6N8rWTdJLMk5KqOefARiy_HkjFodE8U47OnhiMAIckQHqHyzNVwWw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7030 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CIf2Re603pHAVakGHvryJME967smwMr-9sUxzfta24LdNX3vyVU0uwgngSEq75Kv_IXoJR6kYbUDy4dyhVmeZtnzoWGmI-vgNEJuFiNNkxEtBAWi0
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/ Frame 7030 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/window_focus_fy2019.js
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 04:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Nov 2021 04:56:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7030 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0253185a4cfd8a31fa015f856c47a032cf99a7aa4f528389965225dc4c150ff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37579
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635787520984751"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 03 Nov 2021 05:21:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/ Frame 7030 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1019
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6337
x-xss-protection
0
server
cafe
etag
7721474052657771746
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Nov 2021 05:04:13 GMT
l
www.google.com/ads/measurement/ Frame 7030 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaReOdFN-8krXabHJYYvoLBt0WFYqxOBnVCRuJXxcTGZCYHGgMwb3qeWdmNLaFLOyG9RDMxZNODBRVEZe7o3MK1hoKGlhg
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 29DB 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ec00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87d11191492a71fdb33ef02b7fdaafdcf9331127beeef13e7abf56af5990f070

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
2Vlz68xk67nL3lq2lqIOde5h1RKwHwcc
content-encoding
br
last-modified
Tue, 02 Nov 2021 13:53:36 GMT
server
AmazonS3
age
144
etag
W/"086c7fd68bb23980a9b9194e8b226c92"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
cache-control
max-age=300, public
date
Wed, 03 Nov 2021 05:18:59 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
tDlVmAvEAGOJcIZvFnyuK9rBHnXhdRrVUBqmg9W8sGlNrb7LWNbYNA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 29DB 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DplNwqmIxrtPkInSibxwv9JwOSkjnSjVEyzEiHHm6Jhl_A5DhRjfhc6On2JjsymlllQUQloB-i7Ze10xqB-Fr8bb2IcOltB3ZnvVGuRVkTYKl5MB0
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/ Frame 29DB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/window_focus_fy2019.js
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 04:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Nov 2021 04:56:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 29DB 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0253185a4cfd8a31fa015f856c47a032cf99a7aa4f528389965225dc4c150ff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37579
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635787520984751"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 03 Nov 2021 05:21:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/ Frame 29DB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1019
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6337
x-xss-protection
0
server
cafe
etag
7721474052657771746
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Nov 2021 05:04:13 GMT
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 7030 		0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=192608
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVo96fFgv3aEC4nOKHnwwKah3R1eRudgOtXUsm93419noOwfu0U9ueWyjyPSgdzEdDsm6Xx%2FIDwP2culGesHNUImZCvHUNe9baSwz5JOJfBxqv1f4l4NgdwulL%2FddYd2g%2FrhgIYfHTgl298UgMQLhXSrVg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6a8328623a0c323c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
x-request-id
FrPxukvlZ55V-uYDkuhy
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 29DB 		0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=690421
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efn9NVAMJhECXEdpK1ZcTHWZI50crYNiarHdjV8IG1M8cKbwSytSN5CPMb1hKHtk%2Fb75e5sEkkrjzMCBr6IRzdDCUq0Cj0yf98SGAZQmZ95hpg2IWFZG0Acncdwookc34Q5w05oLMxxZe8xnbHDkJbACmA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6a8328623a0d323c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
x-request-id
FrPxukuAwIEHDIYDljCy
d01d89e7-9dca-498b-b4ff-14b2e10d9280
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/ Frame 7030 		770 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/d01d89e7-9dca-498b-b4ff-14b2e10d9280
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44d9440d0049a74398c2cba2f2b51c0e201ace1c8de68cfa977efd1c1e91d87d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
770
Content-Type
application/javascript
f8fabd7c-fc35-45d0-9d02-283d2126b766
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/ Frame 29DB 		770 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/f8fabd7c-fc35-45d0-9d02-283d2126b766
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44d9440d0049a74398c2cba2f2b51c0e201ace1c8de68cfa977efd1c1e91d87d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
770
Content-Type
application/javascript
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2267 		624 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNV36_srmGNIqcvDWQ3uk5CVJ_B7V6_T6KsEi0ZaJRjNM9LKTTPzB4Ndn292ptADOl8Fa39mt02UfQKXAUVyN7UZBJc-OkvzBFb2fbmqHiLqQJaR-kADDfCAY1emerc5PhhFChHC4DzFJiJ5DEwq4gePsbf88PtA7C7JTYtHDCnegsIXxm4
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 03 Nov 2021 05:21:12 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 7030 		76 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BietpAQJI5KtPEYZGmIK0c6t42RZFsoWeeEs4gG-xthbwK5CPG8kGxECUifWAj8Q_n3HhUQd7NDPTU-3SOeZGi1pQqa5Fb8Qc9ds_HXS_5ilH8UgceuKov4f_lQE8CoXS-4A7Hc8z_iD_JS6pdlhB_FxIiSw&dbm_d=AKAmf-A4VkP_eFufvnqBqaZpe9YQx-bva3v12CH59_k99a6dVd5t8wKRp9rFawQmNJVZ_3dt-lDZGjtSP1NrhdUF0bC1redVCV8RM8yNuhZQN3xysXn1I1wlYdFuP0WtBv46yMwwcq0pP4Do47seHZA_4QydzrVQcq0ADyr9AEaBQDMG--goivG37CVcP9TkiaKvVZ85t2sQ8fUDrFyHZfLq9uOg2FqgrSLV2Wajzy4dTZKIrsLyhMVKjJtjA08H0E9eAodJt622Z0k6R65teTdE5Sd4aXygP_LN11bNxPFAC1s_c9CMGxDJtX_4C94kh0S10GxufSbgNYTiaFRh2fuJY4vApiGhNFE169B1HRSrDkJ8MspBKYW4lLW4qBykU15AEy1EVlNhuTisbadYIWV_l21l9jTc7ZWAuhZaAnVd4amze_Dud_eunAUs6M-zep4rWF7TPhhdDFNMsUNUFt_8vKQuYwKcPJ9vkXLfWK8o6K3n1jiuWRf6l5D5pgCvepq7587wOd3QpLDVukb9W5sb1Zo6hnVHh32AcRnySupi5xfsy-9pb_welqflaEYo8EdltHKIx5KFZOnP5axBJfoDpiYtC8rfFOcO6MDDYyN5AnftfvPQWpHtnPaBvEiC8odhcMwbf5_CxyCWwYD4jBmj-vyahuL8w-s2Jww9e17I5z4G1JEZmnPZ3OCz_Wactmz-MzBLs2YKgbXfzwfiodXWRN0n2DCbLHsQWYuEg64OwGi3vSBreumU_MmW9SNwFlF3cIS68tFthK87822EDEU_ChKf3xlsRZea34WmmHjorCNRnybPObOsbiPlJ_eh-vixZO2JNyuYK5aqGPXlPZblFbYSIBHJVUbZyakBakp2qjhGVuk26FsUrHzxwn5FPaH8HoT-zaRRQ2hKa-Yxxg-rBfap3i4KEZjUZyA1w7f4Jw5GH8aBP_QCeM4N4I-h0zSOB4nOVRp3PeHRwYRyPEZWPiVBoMGt0lTb21F85RhqOsEovfALiefHnXt_n4vLsSR4kl6RdewDnUd8Js0QglHUn4kmA8xhcETvmwhzbYBfvInjW2td_RkdujYJgLL8cCzYr1x2Z8AVic-VexX3au-Bs5CaLLXQWZCHkLbV7y3UYrOprdDL0nschGzdwn8rsNGyQymLAYEpFSI8EQJsfibOSh5KTLMsxwPGMWusXIWDD12m8FU9wgMbtE3SVq23wrIlQ7LcLdjgvSbzIPvWUBmrRPwIvar7gfuhE3Xau0haZQW93q-FqTHx3e2fJOR4GCyjrTaXjK5UqmXRC9fU9KFTLlFtvtNp-Agdsu1YtkRvgSslvKf-PimlGe-Rq7pdVAQykiU46KR-AC6BsY5VVVNU8BhexcaLsIXV-BDsH_8RLjWXc0eI7BSiEbgut7OfIYiNMtqDF9J29xOoA8MhLZWMPUNPe7KxiJq6v8UU-dKPj193N3_Tun2YhD03rCJ6bLwJ1BT0dc3Wn8AjfbfU7P3fhqqM0HmdLshOz5bTCtFVTNc8gHkXJalMmkB2kpthS1kC_s_-wRN1oKza8u1x_xpp99M1oXAraTt0a5aoar4FOzS7lGNjxVIIOhaPGcMlmkPLPCXoj0iEvowyQFDoKKr3jL3EzXPdhcPci9d0AuWOMK8OHGOHmA1oTCtZr_j1pyvW6uROeEIwqAVzPqFH8xl5P7BV2iAYiafCDCI14u-nTLEC2t_pgvYWAq7bxXvG39iWx-5pEg_K6jtg-ay6gEKEa9iiWx_szdzaY6GQ1S81mkMXfC3_q60Y8bYlqZ9EiOvV49cA5rAoS4Ro6s4sqwrw5eBtEcoA45XK-Lnk3KRd6sl2WnnTCmcZeH87w0pfHcBZjcG0l9rTeouYU1TXuaS9mTzJXXMtTVz9wV-1Xh4AMzOuushsaNFAVeYSmkkBOr_3Qy88v-mPpbYaDS4gedN7iyXT0yT1o0QpiQN7uNUQfiK8FzAWcxo2wuCRIkFcnpDfenuA4v0zGItzuo-7CZtramWaMHJ3uLsvBjlFeHN5jAMb29nVtvqJhPv8CTW7do9Obfhdg4G0qz-ERFeXKlH4aEMS_RoZoPCNPnNevDmW0H48F9fq7_kiiQVE183o8Il_zE1hPi9AoDie-qN6WYYcIPfWZ430u2vWwh7P07q0NbYat1pmj2nd4FQJj9o4o05Wh7FDSHe3KaWrTD0ulyIq_SxHEk6Vi6eagkDev1S5AA89vFGKw7wNkEgybdvFoWs7QZpIl03ouljYcDgIh6jASngJ76z00BtMriMCWOxU98pJ8L3-jRylNMj0Z6tPpkpuhsyhwSvDaVsv7BfDiMPvwm42_4XXfDWdJuO82HxeAjd6l-rA8qu7tJHHyk4QZaHmbVYZjm7Nx_wO-6XV1WAYKCXS6yvajNrMFKLhD7wkOZAU2UJe7t0J0FOHMzj0vXEFrwgFaO8GeLRONWgqkonK-6dl-HGfTSfAhIUTbjnXldvvvs2I6v6g5GQQCfB_pqctZs-p3YrAfz08DXFDGSDIjaos7YVqW_Jr1oKdQ-5KP7YlAQSabf5e-K0QnIlbcY6DVUXhXKeWHOaLi6f7yy5vuGIXKVvG4w7g1fN41Xkj6RoLAmzZg6vRtKmoGWbSHW2aDNk4d8im_gFnCs1rK1KjM4oR7TC0o8PHqy1_jmL3IjpDTxGp9yZrPdRsQmRXC95GrDyR6LB1tYBtF_CF5yOB_7oihZoKCsakR3jAtFORhQtomY2OO-D1o3V9wdl6BFfuMcSDfH0skSmJ2-G2OOhzG9DsZpUGjru43x44LM4kElnZvr4UBQZn4Hpr9hn1Xq15ksdzmiZt-OkI7qgdOo_EqOnuyOrgfpJoPtl0hItLhfemFu38r3QKRmlrr-JCJ-QUY_WH0IHjhwTD-53JSwaRV0aD-B7PxP1OBU1D4-A6rU2lV7D856gvEPznGs_lfjhOa_kW_NdyfdILRMhMSJJ03ZUNaNEEKRrL6JWX2L2-6L8MLvQJxL8h0uYL921Ur3aUmHOzjt2rYVWJ4Qvqp3uDIQ_G7140Vg&cid=CAASEuRoJJNiNS-yWUceEpnO-om4hw&rfl=1%2Chttps%253A%252F%252Fwww.turnto23.com%252F%240
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
4d862f62a1c16b9e0cb732777b603dbe7201bc230e339404a3bae0a7a845e536
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30534
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4F00 		640 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjt3eioATAB&v=APEucNUOfthtzxg9zpe8iYeZsqC4lQFs6ple-dI5oxXUmbYHkddoP6rrQLYb798sfwDnvkcrwFxpnLR8zO1I7dyj1Qmw9gX2JEOCr7kimIXpE0lKql8CjmaWi6_0fVOE7RsQq2cToFMLOObhfl0N-hlWw5FL1qhaAvqtISVIzLf7KvE96rLuZCg
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 03 Nov 2021 05:21:12 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 29DB 		76 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cak6ebTqiJRB3-V5g8aRK3ibVJ_64KAg3XmLQt9FmX6j7cl9m63NMLdB--aSTOeXLETVYmKESxD8eTVKQEB1PGSbXWy9MAm9V-DrlKLFnvIMquSvV9TowfFk8pT280t0UQSUDdJkGTtQ_ogz0Pv9V4X0EgXg&dbm_d=AKAmf-AYHjqL34sLuAHEGM14HVzZDtt2vxZpbuYM07hazhuM9xBvz58z3TYG7YAhiWtZQZfWb0GIpeFE15LgId5b6NSO4EQoFe7vit0-hSfxw0P-Q7dimFdB0NTO9Dd29KvDLcvX9N4gwGMBEgNUZcB6Rpg3XhlVFCvSqx3Pe-9wxnim-CsjUZcZYR403H-1ewaq9Cuc_CS5158_LWkt6APRxlUgaG3ZaLyTcdV5c6FKrPkXNCEpaWuBFtzb0Jj7XMw44U5RTBicfKhW8Wcz-jZlTd1Fwlb0S2PesYiqoOHY290FNLQs3mVwqR0gan0t6lWW2lJPxNTewJ8trokPkrnw4_mPHno5-SscJT5YvAkmsXSVX7xdBHW7ahzgOgxtMMF8uqezrh9S40zaX2zD_zZvZyGmN-rt__EZWreMJ1uotKiNoqjUXioxp7yXdG_OsuDkguJ5ppAPM9lop1rARCNWmycUjFpxvsZf_nFnNF9LpJBcmKDMf20C4o8For2Fa7jAuP14KnAyz0l0_cpicIoAWsNyNGI3cns2YIDo36VXYXdxGHYF1x-5HYJd4U1sRozDZZiR4pnog-umRCIJBuujTK7tKDVwW-6fzzequtQBjHl6D_QrXHFkniE2gHxfiE5CU0mMgUPVYZ41C_C_v3i5nl8ugAKT5kPbdpHp44CnUveJgqU3bgAGNhJ6Rxrg37TFdhKPdW4kfaLotUxT8QfZF-C93gspddytqX07M9dzSA-rzuDYJ5Yc5fmtsqMmo0sL2rMOYlul3Ou5QUnylsJNVxlKBi0tKvot80WS85kNefX9jkiv1AlgHOZLemvShMknnqPd10Nliphps1ighruHM0m0WHwne7irNxO0J6WaJh0bfwXJ1KB6EX0qxh-L-ns0Z3KdfRFL4uTzWk0xaciPDmixJYM54pmIHj8DjY-9V_ZfDkzGomvjLY4YyQAXevTGJUdNkrY1KSbRiuTVED-WR-NBEsvb_jWW1_I4xoAkudC0wV-BfcLHgpKr_5lG5uI9DSkFMMvAcGqmON46oQtNbsC3dIlVrhujM-rdaIiF5BWcLb0TQzGM4WH5ic1NBHuOH6y21NkyPYBuyH2CiVJimEGEPlwKfm1iL4D-V0e0tq25sK92xIat6S3rpWeYwR7DwQkh9Dxf9ZV2PZnyZIFvkB8pWkgPPruoOGjWCiJfyEeWTRR8z4_zuRJbsfcJ8n60fKekzgSaUjXDyDuZfQwc3VoT4saeD1N5Nkp10vaKPCkEHPQPwALTrJmfDxKUy4UaE3NdcQfftXXQ0OgIkP5xy6iAhpN-q-cL2Nj9AGR_beCQ5rf6FXcD2XdcLRAD_WTGPqzo7VOWscRbHhjvw-5opH57h6G-EUUTLlmVde-Y_njK5rrk3cUeBEGtYUFvrVNNG8vPAualuxaIZRLKThHf5YGSwqr8ymMr-94qdgu4p2HmZ-1Fuakp6eQouM8hTGmfQJlCEtGCKh5MRZ60299BOSntja28PgL1IEkOT-ueok9mccUZ8GZCR2VamgAb5aI5nFRGB7DaoBwQJmF9HzQw-za81oDtzy3opWzuPQzOYTuQuvzemjcCOdg_36Ia4LtJn5aewjgD4mv-yp1fCbk5GYeZP31KUtDgPGmWFmmatRMf9LfLBucYTiJQaf0-9_l7oyW_OnAOCfa6D8dRb6RcQs_scvwmsh7-wVJl6bQp3ZFumGxEUfWAfKOjsLEONinx4N9ChwLOZey_X2tP8EfLlidbEBtioCVRkBgHVfv3Zv6OkRxiFIE_88X7zCR8s0x7jMwPNTF6Uuj_VWwqKR2MCa2GnAeyrO-q3XCxh1IWrlW-_ih6-WrxS83pOwktbcrWV-UeYRnCGtt4L09PJPl8StRmqWfKSEl8d2nT7oc_Lowg11jw6FItmWjj3hiBMkHxmr-Ge9rfq-CrN0mEfNOpyyHtf151tQz7iIrl9uU9PIq2ZHF0vD4xasSeo216_7J86yccN6EFfyt-rTV3PcGS1IoGZ0DCKC-TO3hwyGSM4_e31FWs4r1duUQj81CDhmUGWOFtD9d9kgdG5c9KA1X0o65UkGGiQXYur-HDsuDhDJhyhKfI_YZekyNSqNlu8v7SWlreR6d0istsMbohci2Jlo_g0ZrE69JbSUKuO2zT8fAU07C6liRFK9eIxDMSWGy6LM1Dd_NfC2NxTHzjz9WoRN6e7qiyix-1ma9aq5-au-ItUxiDe1vUHrfsZJqW1YxqPdwEx8MrVWrpzFlq0xONgCsjxiTYQsCWkNIygR1Auy5_RQ18cTIp0-Em9i7izHZFKHpIMUgy4S38VQdyW033-esMU5WMTI_e9-wLZRQrjZKw3hHRUkzu5NGVhMDnrI1u4PNAhtm4bGptgvBobkCv8XAgFqrzbQyp41XouVC76Ci7C8_y4e4ezhEqNf3XrBANqGMiKSzLRNvlIn6qIEw75Qye14StyoyIR2IpSRLTMexgls4N3pSRdQQHCVQ5Xo43pJ8SLC7UxRranJmSDiy7BgOVJbQw-0DxRU2mQ_kH-lcN5BvWjnQRjDGdxysabmFlp84I_rFcqH7hcwZI63puMcYgcHGuKEUrRsxt5k5zqmgZar387LY79v6WIyvjgx0-lXm2YgVRvczJkFNzmCJVJmAjCcVRnkX_qrqnpMV4PFiiihN8vtaN-z6_2dRklT4FXB_kWMWOrAa36oeYhLSiIV2UYkk-kJCE13DSx8PCwiqyCU_2zeLPjgVC-Qn4h2ud8zhQ2rePfPkk0r31BQy9o1iVC5j-2alox-yhAIAtXB7UKyzi5Yl9zZQo0MUDspJoLsviBOCzj9tChpmm3zMtOQfQ5zGM_kKSFOxQgs5mpYKsq3U0VkCVNSCMeC9JqJAM7HJcaoBzQjiSUDd7oFZQjFFHvWlly0aIudqWxAeoSh1MQRUND1lh7GU6vk_qJC4URMGegFnTput9JMGyrrwJ92ngdFW-zBlgPB8Eur1hqPzCujtaHhoSsHfntzMGHJR8qRRFIBozQJk6Z3MK56n5iaJCCPM1bw&cid=CAASEuRoSvtckYTx_ZDhWCWa6L7Y4w&rfl=1%2Chttps%253A%252F%252Fwww.turnto23.com%252F%240
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
0742535236a5186724f83e18514d8976f2715f1064462183bb13d1dad4951e4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30581
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2267
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIM4ZrykIstKYCTmudkmdk&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIM4ZrykIstKYCTmudkmdk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNV36_srmGNIqcvDWQ3uk5CVJ_B7V6_T6KsEi0ZaJRjNM9LKTTPzB4Ndn292ptADOl8Fa39mt02UfQKXAUVyN7UZBJc-OkvzBFb2fbmqHiLqQJaR-kADDfCAY1emerc5PhhFChHC4DzFJiJ5DEwq4gePsbf88PtA7C7JTYtHDCnegsIXxm4
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 03 Nov 2021 05:21:12 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIM4ZrykIstKYCTmudkmdk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2267
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYIcSF5aDl43-TgwUk9z.AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIM4ZrykIstKYCTmudkmdk&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIM4ZrykIstKYCTmudkmdk&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNV36_srmGNIqcvDWQ3uk5CVJ_B7V6_T6KsEi0ZaJRjNM9LKTTPzB4Ndn292ptADOl8Fa39mt02UfQKXAUVyN7UZBJc-OkvzBFb2fbmqHiLqQJaR-kADDfCAY1emerc5PhhFChHC4DzFJiJ5DEwq4gePsbf88PtA7C7JTYtHDCnegsIXxm4
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 03 Nov 2021 05:21:12 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIM4ZrykIstKYCTmudkmdk&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2267
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIoeskvNLoBRQZzAMf4ED74&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIoeskvNLoBRQZzAMf4ED74&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNV36_srmGNIqcvDWQ3uk5CVJ_B7V6_T6KsEi0ZaJRjNM9LKTTPzB4Ndn292ptADOl8Fa39mt02UfQKXAUVyN7UZBJc-OkvzBFb2fbmqHiLqQJaR-kADDfCAY1emerc5PhhFChHC4DzFJiJ5DEwq4gePsbf88PtA7C7JTYtHDCnegsIXxm4
Protocol
HTTP/1.1
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:12 GMT
X-Proxy-Origin
168.119.25.195; 168.119.25.195; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
39b345cf-0f18-4964-9d41-a5ddf9db6e43
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIoeskvNLoBRQZzAMf4ED74&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2267
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkxNjgyNTkxMjUxNjA1NjE2MQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkxNjgyNTkxMjUxNjA1NjE2MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNV36_srmGNIqcvDWQ3uk5CVJ_B7V6_T6KsEi0ZaJRjNM9LKTTPzB4Ndn292ptADOl8Fa39mt02UfQKXAUVyN7UZBJc-OkvzBFb2fbmqHiLqQJaR-kADDfCAY1emerc5PhhFChHC4DzFJiJ5DEwq4gePsbf88PtA7C7JTYtHDCnegsIXxm4
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:12 GMT
X-Proxy-Origin
168.119.25.195; 168.119.25.195; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
815cbbb0-3895-403c-9bac-9c2a6ceaf962
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkxNjgyNTkxMjUxNjA1NjE2MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4F00
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOnyovjaEHRZUskj7dY-RC0&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOnyovjaEHRZUskj7dY-RC0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjt3eioATAB&v=APEucNUOfthtzxg9zpe8iYeZsqC4lQFs6ple-dI5oxXUmbYHkddoP6rrQLYb798sfwDnvkcrwFxpnLR8zO1I7dyj1Qmw9gX2JEOCr7kimIXpE0lKql8CjmaWi6_0fVOE7RsQq2cToFMLOObhfl0N-hlWw5FL1qhaAvqtISVIzLf7KvE96rLuZCg
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOnyovjaEHRZUskj7dY-RC0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4F00
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjIyZTk2ZTctODcyNC02OWNiLTQ0NjktYjlkMGM3ZDBmNWFk
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjIyZTk2ZTctODcyNC02OWNiLTQ0NjktYjlkMGM3ZDBmNWFk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjt3eioATAB&v=APEucNUOfthtzxg9zpe8iYeZsqC4lQFs6ple-dI5oxXUmbYHkddoP6rrQLYb798sfwDnvkcrwFxpnLR8zO1I7dyj1Qmw9gX2JEOCr7kimIXpE0lKql8CjmaWi6_0fVOE7RsQq2cToFMLOObhfl0N-hlWw5FL1qhaAvqtISVIzLf7KvE96rLuZCg
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 03 Nov 2021 05:21:12 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjIyZTk2ZTctODcyNC02OWNiLTQ0NjktYjlkMGM3ZDBmNWFk
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 4F00
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBegZGPrivZJigFkbswwsro&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBegZGPrivZJigFkbswwsro&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjt3eioATAB&v=APEucNUOfthtzxg9zpe8iYeZsqC4lQFs6ple-dI5oxXUmbYHkddoP6rrQLYb798sfwDnvkcrwFxpnLR8zO1I7dyj1Qmw9gX2JEOCr7kimIXpE0lKql8CjmaWi6_0fVOE7RsQq2cToFMLOObhfl0N-hlWw5FL1qhaAvqtISVIzLf7KvE96rLuZCg
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 03 Nov 2021 05:21:12 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEBegZGPrivZJigFkbswwsro&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 4F00 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjt3eioATAB&v=APEucNUOfthtzxg9zpe8iYeZsqC4lQFs6ple-dI5oxXUmbYHkddoP6rrQLYb798sfwDnvkcrwFxpnLR8zO1I7dyj1Qmw9gX2JEOCr7kimIXpE0lKql8CjmaWi6_0fVOE7RsQq2cToFMLOObhfl0N-hlWw5FL1qhaAvqtISVIzLf7KvE96rLuZCg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 03 Nov 2021 05:21:12 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 29DB 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
Origin
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 05:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Nov 2021 05:32:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/elements/html/ Frame 29DB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cak6ebTqiJRB3-V5g8aRK3ibVJ_64KAg3XmLQt9FmX6j7cl9m63NMLdB--aSTOeXLETVYmKESxD8eTVKQEB1PGSbXWy9MAm9V-DrlKLFnvIMquSvV9TowfFk8pT280t0UQSUDdJkGTtQ_ogz0Pv9V4X0EgXg&dbm_d=AKAmf-AYHjqL34sLuAHEGM14HVzZDtt2vxZpbuYM07hazhuM9xBvz58z3TYG7YAhiWtZQZfWb0GIpeFE15LgId5b6NSO4EQoFe7vit0-hSfxw0P-Q7dimFdB0NTO9Dd29KvDLcvX9N4gwGMBEgNUZcB6Rpg3XhlVFCvSqx3Pe-9wxnim-CsjUZcZYR403H-1ewaq9Cuc_CS5158_LWkt6APRxlUgaG3ZaLyTcdV5c6FKrPkXNCEpaWuBFtzb0Jj7XMw44U5RTBicfKhW8Wcz-jZlTd1Fwlb0S2PesYiqoOHY290FNLQs3mVwqR0gan0t6lWW2lJPxNTewJ8trokPkrnw4_mPHno5-SscJT5YvAkmsXSVX7xdBHW7ahzgOgxtMMF8uqezrh9S40zaX2zD_zZvZyGmN-rt__EZWreMJ1uotKiNoqjUXioxp7yXdG_OsuDkguJ5ppAPM9lop1rARCNWmycUjFpxvsZf_nFnNF9LpJBcmKDMf20C4o8For2Fa7jAuP14KnAyz0l0_cpicIoAWsNyNGI3cns2YIDo36VXYXdxGHYF1x-5HYJd4U1sRozDZZiR4pnog-umRCIJBuujTK7tKDVwW-6fzzequtQBjHl6D_QrXHFkniE2gHxfiE5CU0mMgUPVYZ41C_C_v3i5nl8ugAKT5kPbdpHp44CnUveJgqU3bgAGNhJ6Rxrg37TFdhKPdW4kfaLotUxT8QfZF-C93gspddytqX07M9dzSA-rzuDYJ5Yc5fmtsqMmo0sL2rMOYlul3Ou5QUnylsJNVxlKBi0tKvot80WS85kNefX9jkiv1AlgHOZLemvShMknnqPd10Nliphps1ighruHM0m0WHwne7irNxO0J6WaJh0bfwXJ1KB6EX0qxh-L-ns0Z3KdfRFL4uTzWk0xaciPDmixJYM54pmIHj8DjY-9V_ZfDkzGomvjLY4YyQAXevTGJUdNkrY1KSbRiuTVED-WR-NBEsvb_jWW1_I4xoAkudC0wV-BfcLHgpKr_5lG5uI9DSkFMMvAcGqmON46oQtNbsC3dIlVrhujM-rdaIiF5BWcLb0TQzGM4WH5ic1NBHuOH6y21NkyPYBuyH2CiVJimEGEPlwKfm1iL4D-V0e0tq25sK92xIat6S3rpWeYwR7DwQkh9Dxf9ZV2PZnyZIFvkB8pWkgPPruoOGjWCiJfyEeWTRR8z4_zuRJbsfcJ8n60fKekzgSaUjXDyDuZfQwc3VoT4saeD1N5Nkp10vaKPCkEHPQPwALTrJmfDxKUy4UaE3NdcQfftXXQ0OgIkP5xy6iAhpN-q-cL2Nj9AGR_beCQ5rf6FXcD2XdcLRAD_WTGPqzo7VOWscRbHhjvw-5opH57h6G-EUUTLlmVde-Y_njK5rrk3cUeBEGtYUFvrVNNG8vPAualuxaIZRLKThHf5YGSwqr8ymMr-94qdgu4p2HmZ-1Fuakp6eQouM8hTGmfQJlCEtGCKh5MRZ60299BOSntja28PgL1IEkOT-ueok9mccUZ8GZCR2VamgAb5aI5nFRGB7DaoBwQJmF9HzQw-za81oDtzy3opWzuPQzOYTuQuvzemjcCOdg_36Ia4LtJn5aewjgD4mv-yp1fCbk5GYeZP31KUtDgPGmWFmmatRMf9LfLBucYTiJQaf0-9_l7oyW_OnAOCfa6D8dRb6RcQs_scvwmsh7-wVJl6bQp3ZFumGxEUfWAfKOjsLEONinx4N9ChwLOZey_X2tP8EfLlidbEBtioCVRkBgHVfv3Zv6OkRxiFIE_88X7zCR8s0x7jMwPNTF6Uuj_VWwqKR2MCa2GnAeyrO-q3XCxh1IWrlW-_ih6-WrxS83pOwktbcrWV-UeYRnCGtt4L09PJPl8StRmqWfKSEl8d2nT7oc_Lowg11jw6FItmWjj3hiBMkHxmr-Ge9rfq-CrN0mEfNOpyyHtf151tQz7iIrl9uU9PIq2ZHF0vD4xasSeo216_7J86yccN6EFfyt-rTV3PcGS1IoGZ0DCKC-TO3hwyGSM4_e31FWs4r1duUQj81CDhmUGWOFtD9d9kgdG5c9KA1X0o65UkGGiQXYur-HDsuDhDJhyhKfI_YZekyNSqNlu8v7SWlreR6d0istsMbohci2Jlo_g0ZrE69JbSUKuO2zT8fAU07C6liRFK9eIxDMSWGy6LM1Dd_NfC2NxTHzjz9WoRN6e7qiyix-1ma9aq5-au-ItUxiDe1vUHrfsZJqW1YxqPdwEx8MrVWrpzFlq0xONgCsjxiTYQsCWkNIygR1Auy5_RQ18cTIp0-Em9i7izHZFKHpIMUgy4S38VQdyW033-esMU5WMTI_e9-wLZRQrjZKw3hHRUkzu5NGVhMDnrI1u4PNAhtm4bGptgvBobkCv8XAgFqrzbQyp41XouVC76Ci7C8_y4e4ezhEqNf3XrBANqGMiKSzLRNvlIn6qIEw75Qye14StyoyIR2IpSRLTMexgls4N3pSRdQQHCVQ5Xo43pJ8SLC7UxRranJmSDiy7BgOVJbQw-0DxRU2mQ_kH-lcN5BvWjnQRjDGdxysabmFlp84I_rFcqH7hcwZI63puMcYgcHGuKEUrRsxt5k5zqmgZar387LY79v6WIyvjgx0-lXm2YgVRvczJkFNzmCJVJmAjCcVRnkX_qrqnpMV4PFiiihN8vtaN-z6_2dRklT4FXB_kWMWOrAa36oeYhLSiIV2UYkk-kJCE13DSx8PCwiqyCU_2zeLPjgVC-Qn4h2ud8zhQ2rePfPkk0r31BQy9o1iVC5j-2alox-yhAIAtXB7UKyzi5Yl9zZQo0MUDspJoLsviBOCzj9tChpmm3zMtOQfQ5zGM_kKSFOxQgs5mpYKsq3U0VkCVNSCMeC9JqJAM7HJcaoBzQjiSUDd7oFZQjFFHvWlly0aIudqWxAeoSh1MQRUND1lh7GU6vk_qJC4URMGegFnTput9JMGyrrwJ92ngdFW-zBlgPB8Eur1hqPzCujtaHhoSsHfntzMGHJR8qRRFIBozQJk6Z3MK56n5iaJCCPM1bw&cid=CAASEuRoSvtckYTx_ZDhWCWa6L7Y4w&rfl=1%2Chttps%253A%252F%252Fwww.turnto23.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Nov 2021 05:19:52 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/ Frame 29DB 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cak6ebTqiJRB3-V5g8aRK3ibVJ_64KAg3XmLQt9FmX6j7cl9m63NMLdB--aSTOeXLETVYmKESxD8eTVKQEB1PGSbXWy9MAm9V-DrlKLFnvIMquSvV9TowfFk8pT280t0UQSUDdJkGTtQ_ogz0Pv9V4X0EgXg&dbm_d=AKAmf-AYHjqL34sLuAHEGM14HVzZDtt2vxZpbuYM07hazhuM9xBvz58z3TYG7YAhiWtZQZfWb0GIpeFE15LgId5b6NSO4EQoFe7vit0-hSfxw0P-Q7dimFdB0NTO9Dd29KvDLcvX9N4gwGMBEgNUZcB6Rpg3XhlVFCvSqx3Pe-9wxnim-CsjUZcZYR403H-1ewaq9Cuc_CS5158_LWkt6APRxlUgaG3ZaLyTcdV5c6FKrPkXNCEpaWuBFtzb0Jj7XMw44U5RTBicfKhW8Wcz-jZlTd1Fwlb0S2PesYiqoOHY290FNLQs3mVwqR0gan0t6lWW2lJPxNTewJ8trokPkrnw4_mPHno5-SscJT5YvAkmsXSVX7xdBHW7ahzgOgxtMMF8uqezrh9S40zaX2zD_zZvZyGmN-rt__EZWreMJ1uotKiNoqjUXioxp7yXdG_OsuDkguJ5ppAPM9lop1rARCNWmycUjFpxvsZf_nFnNF9LpJBcmKDMf20C4o8For2Fa7jAuP14KnAyz0l0_cpicIoAWsNyNGI3cns2YIDo36VXYXdxGHYF1x-5HYJd4U1sRozDZZiR4pnog-umRCIJBuujTK7tKDVwW-6fzzequtQBjHl6D_QrXHFkniE2gHxfiE5CU0mMgUPVYZ41C_C_v3i5nl8ugAKT5kPbdpHp44CnUveJgqU3bgAGNhJ6Rxrg37TFdhKPdW4kfaLotUxT8QfZF-C93gspddytqX07M9dzSA-rzuDYJ5Yc5fmtsqMmo0sL2rMOYlul3Ou5QUnylsJNVxlKBi0tKvot80WS85kNefX9jkiv1AlgHOZLemvShMknnqPd10Nliphps1ighruHM0m0WHwne7irNxO0J6WaJh0bfwXJ1KB6EX0qxh-L-ns0Z3KdfRFL4uTzWk0xaciPDmixJYM54pmIHj8DjY-9V_ZfDkzGomvjLY4YyQAXevTGJUdNkrY1KSbRiuTVED-WR-NBEsvb_jWW1_I4xoAkudC0wV-BfcLHgpKr_5lG5uI9DSkFMMvAcGqmON46oQtNbsC3dIlVrhujM-rdaIiF5BWcLb0TQzGM4WH5ic1NBHuOH6y21NkyPYBuyH2CiVJimEGEPlwKfm1iL4D-V0e0tq25sK92xIat6S3rpWeYwR7DwQkh9Dxf9ZV2PZnyZIFvkB8pWkgPPruoOGjWCiJfyEeWTRR8z4_zuRJbsfcJ8n60fKekzgSaUjXDyDuZfQwc3VoT4saeD1N5Nkp10vaKPCkEHPQPwALTrJmfDxKUy4UaE3NdcQfftXXQ0OgIkP5xy6iAhpN-q-cL2Nj9AGR_beCQ5rf6FXcD2XdcLRAD_WTGPqzo7VOWscRbHhjvw-5opH57h6G-EUUTLlmVde-Y_njK5rrk3cUeBEGtYUFvrVNNG8vPAualuxaIZRLKThHf5YGSwqr8ymMr-94qdgu4p2HmZ-1Fuakp6eQouM8hTGmfQJlCEtGCKh5MRZ60299BOSntja28PgL1IEkOT-ueok9mccUZ8GZCR2VamgAb5aI5nFRGB7DaoBwQJmF9HzQw-za81oDtzy3opWzuPQzOYTuQuvzemjcCOdg_36Ia4LtJn5aewjgD4mv-yp1fCbk5GYeZP31KUtDgPGmWFmmatRMf9LfLBucYTiJQaf0-9_l7oyW_OnAOCfa6D8dRb6RcQs_scvwmsh7-wVJl6bQp3ZFumGxEUfWAfKOjsLEONinx4N9ChwLOZey_X2tP8EfLlidbEBtioCVRkBgHVfv3Zv6OkRxiFIE_88X7zCR8s0x7jMwPNTF6Uuj_VWwqKR2MCa2GnAeyrO-q3XCxh1IWrlW-_ih6-WrxS83pOwktbcrWV-UeYRnCGtt4L09PJPl8StRmqWfKSEl8d2nT7oc_Lowg11jw6FItmWjj3hiBMkHxmr-Ge9rfq-CrN0mEfNOpyyHtf151tQz7iIrl9uU9PIq2ZHF0vD4xasSeo216_7J86yccN6EFfyt-rTV3PcGS1IoGZ0DCKC-TO3hwyGSM4_e31FWs4r1duUQj81CDhmUGWOFtD9d9kgdG5c9KA1X0o65UkGGiQXYur-HDsuDhDJhyhKfI_YZekyNSqNlu8v7SWlreR6d0istsMbohci2Jlo_g0ZrE69JbSUKuO2zT8fAU07C6liRFK9eIxDMSWGy6LM1Dd_NfC2NxTHzjz9WoRN6e7qiyix-1ma9aq5-au-ItUxiDe1vUHrfsZJqW1YxqPdwEx8MrVWrpzFlq0xONgCsjxiTYQsCWkNIygR1Auy5_RQ18cTIp0-Em9i7izHZFKHpIMUgy4S38VQdyW033-esMU5WMTI_e9-wLZRQrjZKw3hHRUkzu5NGVhMDnrI1u4PNAhtm4bGptgvBobkCv8XAgFqrzbQyp41XouVC76Ci7C8_y4e4ezhEqNf3XrBANqGMiKSzLRNvlIn6qIEw75Qye14StyoyIR2IpSRLTMexgls4N3pSRdQQHCVQ5Xo43pJ8SLC7UxRranJmSDiy7BgOVJbQw-0DxRU2mQ_kH-lcN5BvWjnQRjDGdxysabmFlp84I_rFcqH7hcwZI63puMcYgcHGuKEUrRsxt5k5zqmgZar387LY79v6WIyvjgx0-lXm2YgVRvczJkFNzmCJVJmAjCcVRnkX_qrqnpMV4PFiiihN8vtaN-z6_2dRklT4FXB_kWMWOrAa36oeYhLSiIV2UYkk-kJCE13DSx8PCwiqyCU_2zeLPjgVC-Qn4h2ud8zhQ2rePfPkk0r31BQy9o1iVC5j-2alox-yhAIAtXB7UKyzi5Yl9zZQo0MUDspJoLsviBOCzj9tChpmm3zMtOQfQ5zGM_kKSFOxQgs5mpYKsq3U0VkCVNSCMeC9JqJAM7HJcaoBzQjiSUDd7oFZQjFFHvWlly0aIudqWxAeoSh1MQRUND1lh7GU6vk_qJC4URMGegFnTput9JMGyrrwJ92ngdFW-zBlgPB8Eur1hqPzCujtaHhoSsHfntzMGHJR8qRRFIBozQJk6Z3MK56n5iaJCCPM1bw&cid=CAASEuRoSvtckYTx_ZDhWCWa6L7Y4w&rfl=1%2Chttps%253A%252F%252Fwww.turnto23.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3daceec3bd97612d8a38ea069ba1d1fe9f8932c73888250c4027ad88c190bf2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9405
x-xss-protection
0
server
cafe
etag
9145933494120910982
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Nov 2021 05:20:17 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 7030 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
Origin
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 05:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Nov 2021 05:32:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/elements/html/ Frame 7030 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BietpAQJI5KtPEYZGmIK0c6t42RZFsoWeeEs4gG-xthbwK5CPG8kGxECUifWAj8Q_n3HhUQd7NDPTU-3SOeZGi1pQqa5Fb8Qc9ds_HXS_5ilH8UgceuKov4f_lQE8CoXS-4A7Hc8z_iD_JS6pdlhB_FxIiSw&dbm_d=AKAmf-A4VkP_eFufvnqBqaZpe9YQx-bva3v12CH59_k99a6dVd5t8wKRp9rFawQmNJVZ_3dt-lDZGjtSP1NrhdUF0bC1redVCV8RM8yNuhZQN3xysXn1I1wlYdFuP0WtBv46yMwwcq0pP4Do47seHZA_4QydzrVQcq0ADyr9AEaBQDMG--goivG37CVcP9TkiaKvVZ85t2sQ8fUDrFyHZfLq9uOg2FqgrSLV2Wajzy4dTZKIrsLyhMVKjJtjA08H0E9eAodJt622Z0k6R65teTdE5Sd4aXygP_LN11bNxPFAC1s_c9CMGxDJtX_4C94kh0S10GxufSbgNYTiaFRh2fuJY4vApiGhNFE169B1HRSrDkJ8MspBKYW4lLW4qBykU15AEy1EVlNhuTisbadYIWV_l21l9jTc7ZWAuhZaAnVd4amze_Dud_eunAUs6M-zep4rWF7TPhhdDFNMsUNUFt_8vKQuYwKcPJ9vkXLfWK8o6K3n1jiuWRf6l5D5pgCvepq7587wOd3QpLDVukb9W5sb1Zo6hnVHh32AcRnySupi5xfsy-9pb_welqflaEYo8EdltHKIx5KFZOnP5axBJfoDpiYtC8rfFOcO6MDDYyN5AnftfvPQWpHtnPaBvEiC8odhcMwbf5_CxyCWwYD4jBmj-vyahuL8w-s2Jww9e17I5z4G1JEZmnPZ3OCz_Wactmz-MzBLs2YKgbXfzwfiodXWRN0n2DCbLHsQWYuEg64OwGi3vSBreumU_MmW9SNwFlF3cIS68tFthK87822EDEU_ChKf3xlsRZea34WmmHjorCNRnybPObOsbiPlJ_eh-vixZO2JNyuYK5aqGPXlPZblFbYSIBHJVUbZyakBakp2qjhGVuk26FsUrHzxwn5FPaH8HoT-zaRRQ2hKa-Yxxg-rBfap3i4KEZjUZyA1w7f4Jw5GH8aBP_QCeM4N4I-h0zSOB4nOVRp3PeHRwYRyPEZWPiVBoMGt0lTb21F85RhqOsEovfALiefHnXt_n4vLsSR4kl6RdewDnUd8Js0QglHUn4kmA8xhcETvmwhzbYBfvInjW2td_RkdujYJgLL8cCzYr1x2Z8AVic-VexX3au-Bs5CaLLXQWZCHkLbV7y3UYrOprdDL0nschGzdwn8rsNGyQymLAYEpFSI8EQJsfibOSh5KTLMsxwPGMWusXIWDD12m8FU9wgMbtE3SVq23wrIlQ7LcLdjgvSbzIPvWUBmrRPwIvar7gfuhE3Xau0haZQW93q-FqTHx3e2fJOR4GCyjrTaXjK5UqmXRC9fU9KFTLlFtvtNp-Agdsu1YtkRvgSslvKf-PimlGe-Rq7pdVAQykiU46KR-AC6BsY5VVVNU8BhexcaLsIXV-BDsH_8RLjWXc0eI7BSiEbgut7OfIYiNMtqDF9J29xOoA8MhLZWMPUNPe7KxiJq6v8UU-dKPj193N3_Tun2YhD03rCJ6bLwJ1BT0dc3Wn8AjfbfU7P3fhqqM0HmdLshOz5bTCtFVTNc8gHkXJalMmkB2kpthS1kC_s_-wRN1oKza8u1x_xpp99M1oXAraTt0a5aoar4FOzS7lGNjxVIIOhaPGcMlmkPLPCXoj0iEvowyQFDoKKr3jL3EzXPdhcPci9d0AuWOMK8OHGOHmA1oTCtZr_j1pyvW6uROeEIwqAVzPqFH8xl5P7BV2iAYiafCDCI14u-nTLEC2t_pgvYWAq7bxXvG39iWx-5pEg_K6jtg-ay6gEKEa9iiWx_szdzaY6GQ1S81mkMXfC3_q60Y8bYlqZ9EiOvV49cA5rAoS4Ro6s4sqwrw5eBtEcoA45XK-Lnk3KRd6sl2WnnTCmcZeH87w0pfHcBZjcG0l9rTeouYU1TXuaS9mTzJXXMtTVz9wV-1Xh4AMzOuushsaNFAVeYSmkkBOr_3Qy88v-mPpbYaDS4gedN7iyXT0yT1o0QpiQN7uNUQfiK8FzAWcxo2wuCRIkFcnpDfenuA4v0zGItzuo-7CZtramWaMHJ3uLsvBjlFeHN5jAMb29nVtvqJhPv8CTW7do9Obfhdg4G0qz-ERFeXKlH4aEMS_RoZoPCNPnNevDmW0H48F9fq7_kiiQVE183o8Il_zE1hPi9AoDie-qN6WYYcIPfWZ430u2vWwh7P07q0NbYat1pmj2nd4FQJj9o4o05Wh7FDSHe3KaWrTD0ulyIq_SxHEk6Vi6eagkDev1S5AA89vFGKw7wNkEgybdvFoWs7QZpIl03ouljYcDgIh6jASngJ76z00BtMriMCWOxU98pJ8L3-jRylNMj0Z6tPpkpuhsyhwSvDaVsv7BfDiMPvwm42_4XXfDWdJuO82HxeAjd6l-rA8qu7tJHHyk4QZaHmbVYZjm7Nx_wO-6XV1WAYKCXS6yvajNrMFKLhD7wkOZAU2UJe7t0J0FOHMzj0vXEFrwgFaO8GeLRONWgqkonK-6dl-HGfTSfAhIUTbjnXldvvvs2I6v6g5GQQCfB_pqctZs-p3YrAfz08DXFDGSDIjaos7YVqW_Jr1oKdQ-5KP7YlAQSabf5e-K0QnIlbcY6DVUXhXKeWHOaLi6f7yy5vuGIXKVvG4w7g1fN41Xkj6RoLAmzZg6vRtKmoGWbSHW2aDNk4d8im_gFnCs1rK1KjM4oR7TC0o8PHqy1_jmL3IjpDTxGp9yZrPdRsQmRXC95GrDyR6LB1tYBtF_CF5yOB_7oihZoKCsakR3jAtFORhQtomY2OO-D1o3V9wdl6BFfuMcSDfH0skSmJ2-G2OOhzG9DsZpUGjru43x44LM4kElnZvr4UBQZn4Hpr9hn1Xq15ksdzmiZt-OkI7qgdOo_EqOnuyOrgfpJoPtl0hItLhfemFu38r3QKRmlrr-JCJ-QUY_WH0IHjhwTD-53JSwaRV0aD-B7PxP1OBU1D4-A6rU2lV7D856gvEPznGs_lfjhOa_kW_NdyfdILRMhMSJJ03ZUNaNEEKRrL6JWX2L2-6L8MLvQJxL8h0uYL921Ur3aUmHOzjt2rYVWJ4Qvqp3uDIQ_G7140Vg&cid=CAASEuRoJJNiNS-yWUceEpnO-om4hw&rfl=1%2Chttps%253A%252F%252Fwww.turnto23.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Nov 2021 05:19:52 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/ Frame 7030 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BietpAQJI5KtPEYZGmIK0c6t42RZFsoWeeEs4gG-xthbwK5CPG8kGxECUifWAj8Q_n3HhUQd7NDPTU-3SOeZGi1pQqa5Fb8Qc9ds_HXS_5ilH8UgceuKov4f_lQE8CoXS-4A7Hc8z_iD_JS6pdlhB_FxIiSw&dbm_d=AKAmf-A4VkP_eFufvnqBqaZpe9YQx-bva3v12CH59_k99a6dVd5t8wKRp9rFawQmNJVZ_3dt-lDZGjtSP1NrhdUF0bC1redVCV8RM8yNuhZQN3xysXn1I1wlYdFuP0WtBv46yMwwcq0pP4Do47seHZA_4QydzrVQcq0ADyr9AEaBQDMG--goivG37CVcP9TkiaKvVZ85t2sQ8fUDrFyHZfLq9uOg2FqgrSLV2Wajzy4dTZKIrsLyhMVKjJtjA08H0E9eAodJt622Z0k6R65teTdE5Sd4aXygP_LN11bNxPFAC1s_c9CMGxDJtX_4C94kh0S10GxufSbgNYTiaFRh2fuJY4vApiGhNFE169B1HRSrDkJ8MspBKYW4lLW4qBykU15AEy1EVlNhuTisbadYIWV_l21l9jTc7ZWAuhZaAnVd4amze_Dud_eunAUs6M-zep4rWF7TPhhdDFNMsUNUFt_8vKQuYwKcPJ9vkXLfWK8o6K3n1jiuWRf6l5D5pgCvepq7587wOd3QpLDVukb9W5sb1Zo6hnVHh32AcRnySupi5xfsy-9pb_welqflaEYo8EdltHKIx5KFZOnP5axBJfoDpiYtC8rfFOcO6MDDYyN5AnftfvPQWpHtnPaBvEiC8odhcMwbf5_CxyCWwYD4jBmj-vyahuL8w-s2Jww9e17I5z4G1JEZmnPZ3OCz_Wactmz-MzBLs2YKgbXfzwfiodXWRN0n2DCbLHsQWYuEg64OwGi3vSBreumU_MmW9SNwFlF3cIS68tFthK87822EDEU_ChKf3xlsRZea34WmmHjorCNRnybPObOsbiPlJ_eh-vixZO2JNyuYK5aqGPXlPZblFbYSIBHJVUbZyakBakp2qjhGVuk26FsUrHzxwn5FPaH8HoT-zaRRQ2hKa-Yxxg-rBfap3i4KEZjUZyA1w7f4Jw5GH8aBP_QCeM4N4I-h0zSOB4nOVRp3PeHRwYRyPEZWPiVBoMGt0lTb21F85RhqOsEovfALiefHnXt_n4vLsSR4kl6RdewDnUd8Js0QglHUn4kmA8xhcETvmwhzbYBfvInjW2td_RkdujYJgLL8cCzYr1x2Z8AVic-VexX3au-Bs5CaLLXQWZCHkLbV7y3UYrOprdDL0nschGzdwn8rsNGyQymLAYEpFSI8EQJsfibOSh5KTLMsxwPGMWusXIWDD12m8FU9wgMbtE3SVq23wrIlQ7LcLdjgvSbzIPvWUBmrRPwIvar7gfuhE3Xau0haZQW93q-FqTHx3e2fJOR4GCyjrTaXjK5UqmXRC9fU9KFTLlFtvtNp-Agdsu1YtkRvgSslvKf-PimlGe-Rq7pdVAQykiU46KR-AC6BsY5VVVNU8BhexcaLsIXV-BDsH_8RLjWXc0eI7BSiEbgut7OfIYiNMtqDF9J29xOoA8MhLZWMPUNPe7KxiJq6v8UU-dKPj193N3_Tun2YhD03rCJ6bLwJ1BT0dc3Wn8AjfbfU7P3fhqqM0HmdLshOz5bTCtFVTNc8gHkXJalMmkB2kpthS1kC_s_-wRN1oKza8u1x_xpp99M1oXAraTt0a5aoar4FOzS7lGNjxVIIOhaPGcMlmkPLPCXoj0iEvowyQFDoKKr3jL3EzXPdhcPci9d0AuWOMK8OHGOHmA1oTCtZr_j1pyvW6uROeEIwqAVzPqFH8xl5P7BV2iAYiafCDCI14u-nTLEC2t_pgvYWAq7bxXvG39iWx-5pEg_K6jtg-ay6gEKEa9iiWx_szdzaY6GQ1S81mkMXfC3_q60Y8bYlqZ9EiOvV49cA5rAoS4Ro6s4sqwrw5eBtEcoA45XK-Lnk3KRd6sl2WnnTCmcZeH87w0pfHcBZjcG0l9rTeouYU1TXuaS9mTzJXXMtTVz9wV-1Xh4AMzOuushsaNFAVeYSmkkBOr_3Qy88v-mPpbYaDS4gedN7iyXT0yT1o0QpiQN7uNUQfiK8FzAWcxo2wuCRIkFcnpDfenuA4v0zGItzuo-7CZtramWaMHJ3uLsvBjlFeHN5jAMb29nVtvqJhPv8CTW7do9Obfhdg4G0qz-ERFeXKlH4aEMS_RoZoPCNPnNevDmW0H48F9fq7_kiiQVE183o8Il_zE1hPi9AoDie-qN6WYYcIPfWZ430u2vWwh7P07q0NbYat1pmj2nd4FQJj9o4o05Wh7FDSHe3KaWrTD0ulyIq_SxHEk6Vi6eagkDev1S5AA89vFGKw7wNkEgybdvFoWs7QZpIl03ouljYcDgIh6jASngJ76z00BtMriMCWOxU98pJ8L3-jRylNMj0Z6tPpkpuhsyhwSvDaVsv7BfDiMPvwm42_4XXfDWdJuO82HxeAjd6l-rA8qu7tJHHyk4QZaHmbVYZjm7Nx_wO-6XV1WAYKCXS6yvajNrMFKLhD7wkOZAU2UJe7t0J0FOHMzj0vXEFrwgFaO8GeLRONWgqkonK-6dl-HGfTSfAhIUTbjnXldvvvs2I6v6g5GQQCfB_pqctZs-p3YrAfz08DXFDGSDIjaos7YVqW_Jr1oKdQ-5KP7YlAQSabf5e-K0QnIlbcY6DVUXhXKeWHOaLi6f7yy5vuGIXKVvG4w7g1fN41Xkj6RoLAmzZg6vRtKmoGWbSHW2aDNk4d8im_gFnCs1rK1KjM4oR7TC0o8PHqy1_jmL3IjpDTxGp9yZrPdRsQmRXC95GrDyR6LB1tYBtF_CF5yOB_7oihZoKCsakR3jAtFORhQtomY2OO-D1o3V9wdl6BFfuMcSDfH0skSmJ2-G2OOhzG9DsZpUGjru43x44LM4kElnZvr4UBQZn4Hpr9hn1Xq15ksdzmiZt-OkI7qgdOo_EqOnuyOrgfpJoPtl0hItLhfemFu38r3QKRmlrr-JCJ-QUY_WH0IHjhwTD-53JSwaRV0aD-B7PxP1OBU1D4-A6rU2lV7D856gvEPznGs_lfjhOa_kW_NdyfdILRMhMSJJ03ZUNaNEEKRrL6JWX2L2-6L8MLvQJxL8h0uYL921Ur3aUmHOzjt2rYVWJ4Qvqp3uDIQ_G7140Vg&cid=CAASEuRoJJNiNS-yWUceEpnO-om4hw&rfl=1%2Chttps%253A%252F%252Fwww.turnto23.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3daceec3bd97612d8a38ea069ba1d1fe9f8932c73888250c4027ad88c190bf2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9405
x-xss-protection
0
server
cafe
etag
9145933494120910982
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Nov 2021 05:20:17 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=ssp.kero&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2F0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-x%2F8%2FQPMUA%2BNI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-yVEldYv6BziEcg%3D%3D&sc=1&os=1-zA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.turnto23.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=996770494360&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C11&zMoatpt=landing%2Cfalse&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.turnto23.com%2F&id=1&ii=4&f=0&j=&t=1635916870387&de=197020496690&cu=1635916870387&m=1750&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=16578&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A901%3A901%3A1694%3A881&as=0&ag=47&an=0&gf=47&gg=0&ix=47&ic=47&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=47&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=94&cd=0&ah=94&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=1080422524&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 03 Nov 2021 05:21:12 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 29DB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 01 Nov 2022 11:10:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 163C 		1 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 02 Nov 2021 21:11:57 GMT
expires
Wed, 03 Nov 2021 21:11:57 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
29355
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 29DB 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc5f156d20e389fd1d7f51678cac1da858ea05adba976e90a67d776408b223ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7030 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 01 Nov 2022 11:10:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E513 		1 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 02 Nov 2021 21:11:57 GMT
expires
Wed, 03 Nov 2021 21:11:57 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
29355
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7030 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb7f00e7169a2ecbdb291d2959a093e6524d29347c47f866420f2afd16b12c44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=ssp.kero&zMoatAdUnit2=home&zMoatAdUnit3=landing&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2F0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-x%2F8%2FQPMUA%2BNI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-yVEldYv6BziEcg%3D%3D&sc=1&os=1-zA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.turnto23.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=996770494360&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=landing%2Cfalse&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=1050&gp=2256.671875&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.turnto23.com%2F&id=1&ii=4&f=0&j=&t=1635916870387&de=985519088657&cu=1635916870387&m=1756&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=2256.671875&lb=16578&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A901%3A901%3A1694%3A881&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10&cd=0&ah=10&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A2053316181%3A115768602741&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=195402&na=1363798126&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 03 Nov 2021 05:21:12 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6DF8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 01 Nov 2021 11:10:41 GMT
expires
Tue, 01 Nov 2022 11:10:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
151831
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
300x600.html
s0.2mdn.net/ads/richmedia/studio/pv2/61703751/20210607073933803/ Frame 5875 		42 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61703751/20210607073933803/300x600.html?e=69&leftOffset=0&topOffset=0&c=8NldF5es3E&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf78cc1055b58cb594c35ea6e8abfa063edb07a72ef2f2d41120123e9a13cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
10103
date
Wed, 03 Nov 2021 05:21:12 GMT
expires
Thu, 04 Nov 2021 05:21:12 GMT
cache-control
public, max-age=86400
last-modified
Mon, 07 Jun 2021 14:39:33 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 29DB 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvpbBUjs_flPGAzSgUHO4uaAyA9l1ddk_E4MzgrnqfJztMbq77hnatpBvWcAxzfAStJ7FEo1eZaPhLfzbNYYnJNUwRogcrSHMXiJjuTsS0WYe2PtH2pOAtE_5cYkThhnMxqENcV8XG4RteiTiO-vK0t6MzBSrJgIDjDGsn61kgSX5zy3QEAWCtKlNomA2VWNk3KSdpE5OORqiHPJZe3NwRjOSCEoBXMJwxPLFgSCAOejFiZ0kynJQk6OolwW5XSTFBeGSMqrslhl5_M2YtsN5TeczK2b2txpZjvkS2c4abTTEk8XfZkNHO0YoY88Air0sKdLLtyATQ4Swsa0i2cd5H6r-I3dFGvQ3lXirUg2LluA86lzxt6WVf7UeHEG_GRUTP2n2oQClTBJjiCmxdAElWdxk17ZIkHQFT-FM6lPsW7to2wENJ140oXc7VTjC6nq7yqtltt9F3KGpJ3eg8NfEO0_hqQ7cmAb4BDLhGgF8v1u_0TxJxEEt1YKrqckiuSPzfGX_x164Rfb_jr0QYy1O8_6ZnCHjUWVq4W-H6ldCq0tQCRzepzTnnW-7yXDdqvrGhDaVo6t4UqxQGRb3NFWk0fWArhOZE6EXRz99y4eBThIR857L_p_opDty_BWP8S0wh8-NuWXdfM8kVSOpMPjZIy3gnIfnTA-GdR3aUf4hEyiH38JmanvbgGpaLpeZZtr8tcTPC7iozrAc6H69OlNMCBxd06XF8qi-27hV_ptqF1lNnpOQBcn4Vick9-X4VDYEdB7lJEoLe89EVx6kL7_VkQWRn0ytVFVNY13bzrxVmRYnOOQyl_EDWOvIx5XKMj6j-76Lp87cWTT9c9ARviGCp04XefYVAHs6YoGW0NC3C1lYvaMXNjhoWgLs_Rz4JL1EKdoPlrJDwdl9HLvC_-k9Sj4JNcrDI-OqrXcj1r-jQpF71z2DoLMcSO-Ao3XJAvOBg7TTgNiIT56oNwwywlDzi8lrT5ki1ogPRHPxGeSBNxLgwvIZv1xug2XPAcUt_OwRhWVrheABOWeUKF78wbmyGSTKl8MNk-IzcH6IhEQazjbe8QhiRKIFiWAiSARBaJBbK9zA8ZqGDIvQUvLTCZrsGeRnyun1VsqFSg8YYdarrgJA-38PFs1MrLW0a2D3-ESwyhghj0jiO_Au2F47TjgCieNV2yHWc3LbJIGy3vhbJVZOA6KvlGIdDP4TwLi4P7HZxAGc2D0oee1N4lUtm7yRT8h49FBTBKmKWz84gUUlYXKwCNUIpBHV77hNZ8XqLiVMpM5myAh8t1O4GjuIlx01nw17H&sai=AMfl-YRNK0dMc0yXuijUI4uuG2EJPDTQoxStB7PYIcOwmoy8y9Ln2A4PFcjQ6t8kXhovaUSyJ_gEeeFTkB5gP-xaQZW-gphqKQGBGRRGBKdR4oJMWZaQ-v6mI8z0Rcbre9qXyjCccNdSYJTNzPFglaqJGVLlBMk_vw&sig=Cg0ArKJSzGlYbftFe-_tEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=223&cbvp=1&cstd=216&cisv=r20211029.82467&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 03 Nov 2021 05:21:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
728x090.html
s0.2mdn.net/ads/richmedia/studio/pv2/61692973/20210607074944362/ Frame DD36 		42 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61692973/20210607074944362/728x090.html?e=69&leftOffset=0&topOffset=0&c=EIT7FSqlKZ&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9058b67a8458554f0d07463b92e0f994c8ec8cdc79b705f2eff8b882fc7a0f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
10141
date
Wed, 03 Nov 2021 05:21:12 GMT
expires
Thu, 04 Nov 2021 05:21:12 GMT
cache-control
public, max-age=86400
last-modified
Mon, 07 Jun 2021 14:49:44 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 7030 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstk-VbXbjvuvX2iV8K5r6m15HOFAluBvRCap2_UcIesuZyrbqLy6UnKTaKcFe43Nq_zhreUIEgD7GXLyfttJMymSgVyXQSZZ1_CQMfGAGnAViuNJwN8t4j4W3LXRJ74KWJbVtyieYg-383cnYgzCP5_MgYja9k_ak0o7LO5AOeLY6mW_XDwX67hgng7y5qczOtCf_zNUUvBzzU3jw3BdeAhB2_LXKZQ0eIO6FWMSc6Sbq47eDvxh7FExYuq-AlYWYdWynPIQ8TLxQu6h_8Rzp7_XzDlDuprQ5jwKKNxG9oejiZKu54jkW1bPFvDvVdqSsy6z48W0XNwW5BhWHGiOsD-jdQfWFg-nBF8OIrtwaXO_FIWRAFQ7pXfubEO74jI-K-7uIR_FBH5rK6ZefotxxSjRmH0HIjBotDf4ORy39iT0Or7NIRgVIQC6LBpDzCilNoolz51dGhOeazUoDj-8sGvDO2vxh8NcpS8gM5rUfdJljqFDiUPPKl9M4yog-c4M7cpih-5qOcG4CkVBNaHtxttq1N5Vx-MvErfDgle1b4pRPwHMisYJy9OJYI6nevBG2v6qCcTHxDyHEa7Y19kqE0AyS8zwGjxuPD6dTtuPeFQ1rlfVavSbuW3Zty1oY1a9auNRxtfoXkoKre8czIdYUztCRhHzwTSaoxJ1_Wq__M6Dn9zRpKbU7wimTiFTepKzNATydOKHUs9UDFQ-QVD2UebVp64r9TGEeZZ15nqXI-DDRJMmUBqjXXhE9OyDL1_AdrcY0C5_4q_2YsB_-ENp-gSuIiDrA8_jBoq3YyppegmW-Cvd-n3LqyzpcSaSjHXFW7q3YMcWnV30Zud2StdeqgxhE-vGiKkrUTqxMWE77YhxnYvSw9LPDRSdSx3NrhU8z8dUjjE6GA2EtR3JsKRautNrC7GzQlxAOTFNJu3C-ydAZHpF_CWrlf5Y2caXsMThnLTdG4fk2Mr-Jr53_TlMiU4ftB6ZEkF8Img8mpbRUPavuIGSxv-eqqkbfcQMXCUAbraEzHoGjvJ_E1nBSXwvnigr9ZLy0P-XWWd8oeANlWuhlK7VsRaO4VfLBV_UowLWbzH7HVNNunAb4lztJbEQrvR8OxDhFa-WAJ640LMjeETkYdR_Sig_K8pgTSVAu9ttlYtw3iEIOOCWuwp1Oeky2jRNmNQp48gPjerLX04r8wT_Sh2yfhro8nPbxBAEHIfjM4TRJnYgdNf0Fkp7d_KAJhB7V8vQu4rshH90hDZtE-hRXDxWGrTFqb6epd_xmhF6GWQzJpgICHUe0zhe-V2pg&sai=AMfl-YR9lZ1g8QTVXLhOZ12_GZX0vLpiH5PeBrlhHUYUcFb31rTvJhCqB9lwbG2ZNeFT40T2PXNk5yj408ypC9knZ39mQ58ZgJ5yYe2_AHzQvkdav-gc5s4H09qCWMyO_axxd0P_7Z22B8zJprWKSu3QxdGgppbxaw&sig=Cg0ArKJSzPitOThyHdDnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=220&cbvp=1&cstd=216&cisv=r20211029.25689&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 03 Nov 2021 05:21:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F507 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 01 Nov 2021 11:10:41 GMT
expires
Tue, 01 Nov 2022 11:10:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
151831
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame 163C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED-TS6GvZwmUOTsD6ckw6pc&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED-TS6GvZwmUOTsD6ckw6pc&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MzdwSlVWQmcxTUk4STA1&google_gid=CAESED-TS6GvZwmUOTsD6ckw6pc&google_cver=1&google_push=AYg5qPITp2bMOXbPux2iuacYQkjRvudyrLK0etR6LWeFEEL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MzdwSlVWQmcxTUk4STA1&google_gid=CAESED-TS6GvZwmUOTsD6ckw6pc&google_cver=1&google_push=AYg5qPITp2bMOXbPux2iuacYQkjRvudyrLK0etR6LWeFEEL16BAsaY7bji688uwJM_w3Q_sX9iyA2w43P8uI1-tyWipgQN6wlQ
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:11 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-09c412c5345d1bfc7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MzdwSlVWQmcxTUk4STA1&google_gid=CAESED-TS6GvZwmUOTsD6ckw6pc&google_cver=1&google_push=AYg5qPITp2bMOXbPux2iuacYQkjRvudyrLK0etR6LWeFEEL16BAsaY7bji688uwJM_w3Q_sX9iyA2w43P8uI1-tyWipgQN6wlQ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 163C 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEMPakJXKK-E-ECpJD1yjteM&google_cver=1&google_push=AYg5qPIHJ5u8h28DCOJu53InjfvWs1Y2tUHWh-kMepNO8oy49xCjtGHimvgM1n7Xy_2zD5rteWDWoxTqciUaAQYsjoTQ8YEk5II
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Nov 2021 05:21:12 GMT
pixel
cm.g.doubleclick.net/ Frame 163C
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEF7T7Ph7T2dVfDBHwYH32qw&google_cver=1&google_push=AYg5qPLoJC4cwDdKMN8r-PpzU0SXXrs8Yh3NJp7HuNN5lu-dtO5TO4jMkeA3ots047j-_2HOBYkqd5USVSEG3djhAEwFbvZNRQ
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLoJC4cwDdKMN8r-PpzU0SXXrs8Yh3NJp7HuNN5lu-dtO5TO4jMkeA3ots047j-_2HOBYkqd5USVSEG3djhAEwFbvZNRQ&google_hm=ARfPEefVjkG3_a_e3isBdw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLoJC4cwDdKMN8r-PpzU0SXXrs8Yh3NJp7HuNN5lu-dtO5TO4jMkeA3ots047j-_2HOBYkqd5USVSEG3djhAEwFbvZNRQ&google_hm=ARfPEefVjkG3_a_e3isBdw==
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:11 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLoJC4cwDdKMN8r-PpzU0SXXrs8Yh3NJp7HuNN5lu-dtO5TO4jMkeA3ots047j-_2HOBYkqd5USVSEG3djhAEwFbvZNRQ&google_hm=ARfPEefVjkG3_a_e3isBdw==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
l51537ukeh4rquu0e8jia8k7kju87b3l
pixel
cm.g.doubleclick.net/ Frame 163C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAPOY69KknuOndB7wJxqeco&google_cver=1&google_push=AYg5qPJgXkrC5NCubZq4wE_uGOsGm2fj8AOuUMd7IIfx1758Mdf_0Dm7vTvOmV5OzrXAGMFN-HQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZKMk8wN1UtSi1JVzBF&google_push=AYg5qPJgXkrC5NCubZq4wE_uGOsGm2fj8AOuUMd7IIfx1758Mdf_0Dm7vTvOmV5OzrXAGMFN-HQlPJGUlzNWP7f7S9SPEQaT9g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZKMk8wN1UtSi1JVzBF&google_push=AYg5qPJgXkrC5NCubZq4wE_uGOsGm2fj8AOuUMd7IIfx1758Mdf_0Dm7vTvOmV5OzrXAGMFN-HQlPJGUlzNWP7f7S9SPEQaT9g
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZKMk8wN1UtSi1JVzBF&google_push=AYg5qPJgXkrC5NCubZq4wE_uGOsGm2fj8AOuUMd7IIfx1758Mdf_0Dm7vTvOmV5OzrXAGMFN-HQlPJGUlzNWP7f7S9SPEQaT9g
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame 163C
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEELyDvhtfEWCt2WI1i1h5Oo&google_cver=1&google_push=AYg5qPL4SHaT09UgphsJ8s4hWq3LHGD8qTO1cl7iBvRelnDEGa17_5PK9_ZQN8ictEtMj1J-9fHBn_M_rHqv3Cy3m...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEELyDvhtfEWCt2WI1i1h5Oo&google_cver=1&google_push=AYg5qPL4SHaT09UgphsJ8s4hWq3LHGD8qTO1cl7iBvRelnDEGa17_5PK9_ZQN8ictEtMj1J-9fHBn_M_rHqv3Cy3m...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL4SHaT09UgphsJ8s4hWq3LHGD8qTO1cl7iBvRelnDEGa17_5PK9_ZQN8ictEtMj1J-9fHBn_M_rHqv3Cy3mKwmZTDF0mU&google_hm=64e4eb142ee249f40cfed8c2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL4SHaT09UgphsJ8s4hWq3LHGD8qTO1cl7iBvRelnDEGa17_5PK9_ZQN8ictEtMj1J-9fHBn_M_rHqv3Cy3mKwmZTDF0mU&google_hm=64e4eb142ee249f40cfed8c2
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 03 Nov 2021 05:21:12 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL4SHaT09UgphsJ8s4hWq3LHGD8qTO1cl7iBvRelnDEGa17_5PK9_ZQN8ictEtMj1J-9fHBn_M_rHqv3Cy3mKwmZTDF0mU&google_hm=64e4eb142ee249f40cfed8c2
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 163C
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEHOQqcpnFQpcLr2_-KLa2Io&google_cver=1&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHOQqcpnFQpcLr2_-KLa2Io&google_cver=1&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkln...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPkl...
0
0
pixel
cm.g.doubleclick.net/ Frame 163C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEFw1t8TfSNRNsBkjEJfNCk&google_cver=1&google_push=AYg5qPLtWg3CbvZrvcfUIV6Yvr_BPYgbrhkQQwcsY_Or55DxVLwruYkZVzDKZS5qPAvD8eiOKMQYPoUkrs_gIKFdgJe-FLEeIw
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLtWg3CbvZrvcfUIV6Yvr_BPYgbrhkQQwcsY_Or55DxVLwruYkZVzDKZS5qPAvD8eiOKMQYPoUkrs_gIKFdgJe-FLEeIw&google...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1MTQ2NjYwODk3NzA4NDUyNTA%3D&google_push=AYg5qPLtWg3CbvZrvcfUIV6Yvr_BPYgbrhkQQwcsY_Or55DxVLwruYkZVzDKZS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1MTQ2NjYwODk3NzA4NDUyNTA%3D&google_push=AYg5qPLtWg3CbvZrvcfUIV6Yvr_BPYgbrhkQQwcsY_Or55DxVLwruYkZVzDKZS5qPAvD8eiOKMQYPoUkrs_gIKFdgJe-FLEeIw
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1MTQ2NjYwODk3NzA4NDUyNTA%3D&google_push=AYg5qPLtWg3CbvZrvcfUIV6Yvr_BPYgbrhkQQwcsY_Or55DxVLwruYkZVzDKZS5qPAvD8eiOKMQYPoUkrs_gIKFdgJe-FLEeIw
date
Wed, 03 Nov 2021 05:21:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 163C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_OxuoViWrjFmvlYQy7C-BSIRIsH0WxH3f2DRLEWxYvTrbpCSx5lh5Amj0zecsVUPs4kZF
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
google2waycm.netmng.com/cm/ Frame E513 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame E513 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESELS0VXA8zcPuOHjRGr5Yft0&google_cver=1&google_push=AYg5qPLQfSJ-X8jvHlW6B0ByXqt5iXVouCd1sBwpvR3SMmINTVKuMmjbGA9N7dwQSTfKbBOgYDrXNAA0dsQCW6AaWuCGzfkKNA
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:11 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame E513 		0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAPdefs1p0AQaNnxLKnNJ_A&google_cver=1&google_push=AYg5qPI3ZY4cpde4b7bVdzgj3Gc32OPVbc1emfZXCBdQkpoZ2PaRUSzepGxu1oolZv9hLzQBaW7WJOC_71SpoUaWKkoKCv_v5Gs
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:12 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame E513
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELiLE2t5J_4S04NBhCDm4io&google_cver=1&google_push=AYg5qPIdcJ40A_Qay8-tJNUyZIV23yxeJ0pat-XkfhXpVgOQfH4ke964b23Q3H_9xoJGjMqtKN-ubXYCBMIgIjhU...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GTnT1SpgSSqOY-7J3EIkAw2&google_push=AYg5qPIdcJ40A_Qay8-tJNUyZIV23yxeJ0pat-XkfhXpVgOQfH4ke964b23Q3H_9xoJGjMqtKN-ubXYCBMIgIjhU0yscpSobJXw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GTnT1SpgSSqOY-7J3EIkAw2&google_push=AYg5qPIdcJ40A_Qay8-tJNUyZIV23yxeJ0pat-XkfhXpVgOQfH4ke964b23Q3H_9xoJGjMqtKN-ubXYCBMIgIjhU0yscpSobJXw
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 03 Nov 2021 05:21:12 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GTnT1SpgSSqOY-7J3EIkAw2&google_push=AYg5qPIdcJ40A_Qay8-tJNUyZIV23yxeJ0pat-XkfhXpVgOQfH4ke964b23Q3H_9xoJGjMqtKN-ubXYCBMIgIjhU0yscpSobJXw
x-host
tde-deliveryengine-production-7f8fcb5db4-vk8k2
alt-svc
clear
content-length
0
dot.gif
s0.2mdn.net/ Frame E513 		43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEMPakJXKK-E-ECpJD1yjteM&google_cver=1&google_push=AYg5qPJ36r83FIaipymEqfQJNjy-pHUxalZvgBXBgbJ_r69OBW8qTTYJadf2TMa1PQ_BxsJCy02K-wdVMaWsZXoqP9wrAMkLOQ
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Nov 2021 05:21:12 GMT
pixel
cm.g.doubleclick.net/ Frame E513
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEG7vZflnJho2QWwprT-T3OQ&google_cver=1&google_push=AYg5qPJ3VM3zIN41v0TgUjEPIXCb8Uue7Qv-VOcx8KFL-dFlUr6Rbx5UrKM7u5lSPuo4SND407AmvK...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJ3VM3zIN41v0TgUjEPIXCb8Uue7Qv-VOcx8KFL-dFlUr6Rbx5UrKM7u5lSPuo4SND407AmvKlz1tuOZKoIsyyYo3BQYVU&google_hm=ODI3MDc2MTc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJ3VM3zIN41v0TgUjEPIXCb8Uue7Qv-VOcx8KFL-dFlUr6Rbx5UrKM7u5lSPuo4SND407AmvKlz1tuOZKoIsyyYo3BQYVU&google_hm=ODI3MDc2MTc4Nzg2NzMwMjQz
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJ3VM3zIN41v0TgUjEPIXCb8Uue7Qv-VOcx8KFL-dFlUr6Rbx5UrKM7u5lSPuo4SND407AmvKlz1tuOZKoIsyyYo3BQYVU&google_hm=ODI3MDc2MTc4Nzg2NzMwMjQz
date
Wed, 03 Nov 2021 05:21:11 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame E513
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEC816Ok6cI4GcRuh5fdMRLo&google_cver=1&google_push=AYg5qPJ6ReXq7o8cxseUrsRs_vT3hPQCicqu0ZAQTnb_sVGqMOb3_K67...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEC816Ok6cI4GcRuh5fdMRLo&google_cver=1&google_push=AYg5qPJ6ReXq7o8cxseUrsRs_vT3hPQCicqu0ZAQTnb_sVGqMOb3_K67...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEC816Ok6cI4GcRuh5fdMRLo&google_cver=1&google_push=AYg5qPJ6ReXq7o8cxseUrsRs_vT3hPQCicqu0ZAQTnb_sVGqMOb3_K...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEC816Ok6cI4GcRuh5fdMRLo&google_cver=1&google_push=AYg5qPJ6ReXq7o8cxseUrsRs_vT3hPQCicqu0ZAQTnb_sVGqMOb3_K...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkYzFlNGY5OC0zYzY1LTExZWMtYmFiMS0wNjgzNTcwYzljM2E%3D&google_push=AYg5qPJ6ReXq7o8cxseUrsRs_vT3hPQCicqu0ZAQTnb_sVGqMOb3_K67soZwq-ODxa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkYzFlNGY5OC0zYzY1LTExZWMtYmFiMS0wNjgzNTcwYzljM2E%3D&google_push=AYg5qPJ6ReXq7o8cxseUrsRs_vT3hPQCicqu0ZAQTnb_sVGqMOb3_K67soZwq-ODxaPzLO-guw32FYBOolTON3nqc_FJdLfZBIU
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 03 Nov 2021 05:21:15 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkYzFlNGY5OC0zYzY1LTExZWMtYmFiMS0wNjgzNTcwYzljM2E%3D&google_push=AYg5qPJ6ReXq7o8cxseUrsRs_vT3hPQCicqu0ZAQTnb_sVGqMOb3_K67soZwq-ODxaPzLO-guw32FYBOolTON3nqc_FJdLfZBIU
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame E513 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLVxU8VjRZI9wzp1Nl4RKwPVJgDXCxXXez_gq8x6wUBb3-_9_X5k5RFfFMxhbyN_n7JSu_JQ
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js
pagead2.googlesyndication.com/bg/ Frame 6DF8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0a97fbcf8b3d0e7211e62f855f6eb8f75a8cdcdc2b0afc9ab9de40f3c77fe80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 17:17:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
43424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13525
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 02 Nov 2022 17:17:28 GMT
sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js
pagead2.googlesyndication.com/bg/ Frame F507 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0a97fbcf8b3d0e7211e62f855f6eb8f75a8cdcdc2b0afc9ab9de40f3c77fe80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 17:17:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
43424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13525
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 02 Nov 2022 17:17:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110101&jk=3447818420648923&bg=!mpmlmd3NAAZzbWp4c207ACkAdvg8WsEhdxYqV_7DYJNVNEhWb7vQ_dp-3DmPT3KdU3thd-lEUAeP3gIAAAE5UgAAABtoAQeZAsMM3Ka-lQOrTAIAsap8m8KesAJPZiRJhLJEVpZrx48VHiMOwN-ETWzCS8UOLa3qpQiTFip11axt_qzahA7X75L2g-WglvL5ba-srmtiQf_dfwB4l2YnD3tkcZY0zTSEgwDhe929WC8ofUmq9xOABtAGbZGxclkqoA2NeOvmqblIL_Ps3HJRTLYuJ7gr_0y9KX-eqEQmP0Nyg7tnLyHqARscsgx_6875l5-EXx5caduLfsn5aG8HhHNAYMOiBYKravH0kPVV9i3jyt7sVVB0fVU5R3ne1vO96G0UjSkP7ux2dkpYdC0W4PrMoezSkUd1R6IKtSLPWO7plT4sQcTDeBSah-YaxguD9h_0mXI4vq-0I6lddpYqylvxQWU8HY4krjz0k8SJ-APHa5D6Az-bUqvrAjv3Zna50kasqoAvbXjzF-hBS56ZU_yOf8QZ4eCl68aYR1GwkCYdrfPlHUhseYA2Q-HMRKt8xQq9WqFqdHAeOR3jr8Qqy72h9NW4IMamkA46mCmMoQsEMJEBOMBeb60UnGfZZmnpWW8u5nzuj_rCwZ7NT7M2o-m7OYKXcL1I9m4SJy7nfHVj4SF1TwHe-jwaozwLa-WLhLWGEQVG3IEuTvBb3KmCIc4e0_S4Ra_MtT5_Ts1QoBM36Rm6JNp2sEcPMCFGvOm5eSGEAt3t2jcRbO0uCxexKargXhj83dpt7p_mSwpvVyxq_x8tdyGPakGmWUnNIf-uvsZrpJM7NOnk68JXPlqCGgSigYr-xSV1q6DTtPmwgFq_gdFjL0cEhD-BwSLwyQ1DwHaizFp-pu2KQhH66YYeGooWJzDvuH4iNTYjd0WvOanLRccpQ-M3J1rMjkZTlXPW_Bd8gDEXd3HuLdf_f9VjzQFB09CVw_2k4R-bIGsrw3-mFy_H-unMMp23yRNBlZbABIbe-huTMeSYrokGlQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DF8 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKnduSByCYbinAY2U3gOTqbXQCwAAAAA4AeAEAg&bg=!goGlgcXNAAZzbWp4c207ACkAdvg8WmqH3tgBALgJTT2a78REc0k8rf7JFbfldXNKnbpNQvZu839kQwIAAACpUgAAAAtoAQcKACxUHj9ymBC46dXeLMoIIgYVNp5xdSnnvw3Bni6AAdwTYEV32ES2N38jz7nr_pkC-qZQXgkpmU25e5DA6cb2Kdg_Qfl22Ag7ZqDJ94U5MerfBT6ZoKZ4hRFo9DWB6jDu020gp4dsRhSrMu4jocnK913Ei3JxFUv18i6oKunQ9cU1XFfYfkR4cAYoyiNhYeCWVJYnZM86kZwWGsbXgDj5bPj-NRdiv-Bq9pNurkQsrQ8a4B95i1q3K_4CH3cdGNe5xbxAgBSNF7jvouxDQLm2l7iwMM3l8LFrWt2EBIzLTJuBHb0dQTZDpF0vp8kp6vBeN1Yde4PYCGraJ0U7o4KEQa6AbU5u3BCoK-jwf5GNwrU_3Fx9aYKCPHKIobr7T-gzYjZ5LCm3jQW2n0-2UZbKWCqlVLGiyXlLvyzMppj31ien49y7b-Ks35xCOpd09LZnGq4q7JlSjElky6U5tZaED2RB8jOW8KaWlPQy6nnBb4vVMaaH6o-4Wf7dRiXNrSfFLpv3KoQvmYfE9SWMVI6FPBw6R2OqLnCt5N0NEhYSJ2gJ1KadU0jvPsC92nJViZ8622-J7pjTHoswQ0YEwVBI63Yv5CGUCMa11_EB9wX02C6ylI4-krXSqw-l52CTWYnqUqAm0dVhfa5l7qTFSExebFsRIVdAoaX9bsrHov_XMqQ1MZ0W_jKtE58pSmox6Gzg4TLUlPjiPH36Wbc9clYGdfYvmt6ibG1HzxVOmx9a7YKBQe-oQvPdplihMg1KoV_MGDfro1xRjdMoMmRADphbUFnq5qkA9rV6lGZyuF0f1uqZvSm_IEZslspvd36yX8gqlGHIcwWjIEpjDge-R9X7W-k16EUeByZXVro8HadiWERCaIYd_RNbSUDC4lY6IDFjNubi7E1UHGMKoB5PyD7SUXwGT26KNYkpNQYe4IvD0-NRJYWhqg_qLVB_ZmeDZcKr2DMivzFxtDyFd3AFpngxHH1YBbSKwlRHxWI3b-9WUcQtwylf0pDgh0vPe4kA67EHGtDJAfs1ebg2Lvxz__-DJ5gw37myhMdn0U6irlkEniy0-uKmvYd8oaQv4g
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F507 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqByXSByCYciLAcecgAfdp6ToDQAAAAA4AeAEAg&bg=!SUqlSg7NAAZzbWp4c207ACkAdvg8WmB1PfZNqZrEUFa5JrcrpTC79N00yDSZo_Apbj37R0zxwbgoDwIAAACnUgAAAAxoAQeZAwq62aSNWADeYpQOAmdjC1i-mUGX4IBpLosHm4xjUKHaULbT_cZCpYLTXaGC9dq6Am8fLFMmMlsa8QQNI0KA_5zNoEERXwjP5jSMo8w8hAdxJ-csTacJXV0UMhUvSlI94TIkbAwuy5a1UwEmKq8__mwJFYTSeq9LVd2D5BHVNSDD3N3uXBAPC6rA0kFAFIPqekdCshq-JZ8ULh41SkggSHw2W82AlEMHPeufGNpy9QG4YN9HpJZsFUaQmzwCd9ntuWiRs3smjkzsws3wT41Oxx0PkG92EwJ1V2Jy5rT759scUB-10uTef1rsFL2LjDBRH4TR-_bSbEDY4rsxbJdngNlLEENg2-9eNRHkpUVI804iAJRdt8c_W5xjrHbtcnxxj-vmROxR28dfMFQQXiRfKVh8ItmvUdd-d73LsasPm3qYXjYnmeNV2cePcceGiqef4XfEaoVpr4Sbq_ttrbqRqcHuXwCkRM9SNPoLBGQeEGch-eUBSd2Wr9_WLqpfXS0yy3bodkEf_zlIi3z0lrWs2Tn4JFbAtmwAXSzX87gAVuecUznFI94ueS32rSIa-7ThTGPQcshqx_6_WwJEUwzOMg-D4q6aZAm19qjmQtTOnidDPHqP-uWBMKYh4Zj65oWoYphAvhZG2os49iSSisgdTFJ5hfW7IWaP95S-h0wsFTBDD19fqld-lWoAsXL6PPpXLAWKcvkhwJiRiuiSb6OO84wsz3LLGcn3qU5HuFmtzqI3NaHMpA-xa9b3SzJHD4NnKMYJz83NiwqSmfmKp2Kn4lGokXkDg2SWf-9wQnkctAO9HlxqK6tSWVV_xyrigLE3P_3W60DG3GVh8cfzP-pvAEp1hgr_vWQtSzM1krblZEmbJ7OFYHtAkIvxESq1qQZfcSTjuVdqi4VGOKphohUJbhWh5e9zPsZw1TR6e2vt4PiOSRbcpbQs_5tgORb7ivcfqUH9uvfQxCTYE4cfE3FoAmUkhwcu1kpQ602PcevJ54QUOm6ZLeUd1a-NsVE1QxCIDip0lcwyrnUa7l-4
Requested by
Host: 0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
URL: https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler_01_245.js
s0.2mdn.net/879366/ Frame DD36 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61692973/20210607074944362/728x090.html?e=69&leftOffset=0&topOffset=0&c=EIT7FSqlKZ&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61692973/20210607074944362/728x090.html?e=69&leftOffset=0&topOffset=0&c=EIT7FSqlKZ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 05:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Nov 2021 05:32:01 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame DD36 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61692973/20210607074944362/728x090.html?e=69&leftOffset=0&topOffset=0&c=EIT7FSqlKZ&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61692973/20210607074944362/728x090.html?e=69&leftOffset=0&topOffset=0&c=EIT7FSqlKZ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Nov 2021 05:21:12 GMT
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 5875 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61703751/20210607073933803/300x600.html?e=69&leftOffset=0&topOffset=0&c=8NldF5es3E&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61703751/20210607073933803/300x600.html?e=69&leftOffset=0&topOffset=0&c=8NldF5es3E&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 05:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Nov 2021 05:32:01 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5875 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61703751/20210607073933803/300x600.html?e=69&leftOffset=0&topOffset=0&c=8NldF5es3E&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61703751/20210607073933803/300x600.html?e=69&leftOffset=0&topOffset=0&c=8NldF5es3E&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Nov 2021 05:21:12 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7030 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstk-VbXbjvuvX2iV8K5r6m15HOFAluBvRCap2_UcIesuZyrbqLy6UnKTaKcFe43Nq_zhreUIEgD7GXLyfttJMymSgVyXQSZZ1_CQMfGAGnAViuNJwN8t4j4W3LXRJ74KWJbVtyieYg-383cnYgzCP5_MgYja9k_ak0o7LO5AOeLY6mW_XDwX67hgng7y5qczOtCf_zNUUvBzzU3jw3BdeAhB2_LXKZQ0eIO6FWMSc6Sbq47eDvxh7FExYuq-AlYWYdWynPIQ8TLxQu6h_8Rzp7_XzDlDuprQ5jwKKNxG9oejiZKu54jkW1bPFvDvVdqSsy6z48W0XNwW5BhWHGiOsD-jdQfWFg-nBF8OIrtwaXO_FIWRAFQ7pXfubEO74jI-K-7uIR_FBH5rK6ZefotxxSjRmH0HIjBotDf4ORy39iT0Or7NIRgVIQC6LBpDzCilNoolz51dGhOeazUoDj-8sGvDO2vxh8NcpS8gM5rUfdJljqFDiUPPKl9M4yog-c4M7cpih-5qOcG4CkVBNaHtxttq1N5Vx-MvErfDgle1b4pRPwHMisYJy9OJYI6nevBG2v6qCcTHxDyHEa7Y19kqE0AyS8zwGjxuPD6dTtuPeFQ1rlfVavSbuW3Zty1oY1a9auNRxtfoXkoKre8czIdYUztCRhHzwTSaoxJ1_Wq__M6Dn9zRpKbU7wimTiFTepKzNATydOKHUs9UDFQ-QVD2UebVp64r9TGEeZZ15nqXI-DDRJMmUBqjXXhE9OyDL1_AdrcY0C5_4q_2YsB_-ENp-gSuIiDrA8_jBoq3YyppegmW-Cvd-n3LqyzpcSaSjHXFW7q3YMcWnV30Zud2StdeqgxhE-vGiKkrUTqxMWE77YhxnYvSw9LPDRSdSx3NrhU8z8dUjjE6GA2EtR3JsKRautNrC7GzQlxAOTFNJu3C-ydAZHpF_CWrlf5Y2caXsMThnLTdG4fk2Mr-Jr53_TlMiU4ftB6ZEkF8Img8mpbRUPavuIGSxv-eqqkbfcQMXCUAbraEzHoGjvJ_E1nBSXwvnigr9ZLy0P-XWWd8oeANlWuhlK7VsRaO4VfLBV_UowLWbzH7HVNNunAb4lztJbEQrvR8OxDhFa-WAJ640LMjeETkYdR_Sig_K8pgTSVAu9ttlYtw3iEIOOCWuwp1Oeky2jRNmNQp48gPjerLX04r8wT_Sh2yfhro8nPbxBAEHIfjM4TRJnYgdNf0Fkp7d_KAJhB7V8vQu4rshH90hDZtE-hRXDxWGrTFqb6epd_xmhF6GWQzJpgICHUe0zhe-V2pg&sai=AMfl-YR9lZ1g8QTVXLhOZ12_GZX0vLpiH5PeBrlhHUYUcFb31rTvJhCqB9lwbG2ZNeFT40T2PXNk5yj408ypC9knZ39mQ58ZgJ5yYe2_AHzQvkdav-gc5s4H09qCWMyO_axxd0P_7Z22B8zJprWKSu3QxdGgppbxaw&sig=Cg0ArKJSzPitOThyHdDnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=599&vt=11&dtpt=379&dett=3&cstd=216&cisv=r20211029.25689&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 03 Nov 2021 05:21:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 29DB 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvpbBUjs_flPGAzSgUHO4uaAyA9l1ddk_E4MzgrnqfJztMbq77hnatpBvWcAxzfAStJ7FEo1eZaPhLfzbNYYnJNUwRogcrSHMXiJjuTsS0WYe2PtH2pOAtE_5cYkThhnMxqENcV8XG4RteiTiO-vK0t6MzBSrJgIDjDGsn61kgSX5zy3QEAWCtKlNomA2VWNk3KSdpE5OORqiHPJZe3NwRjOSCEoBXMJwxPLFgSCAOejFiZ0kynJQk6OolwW5XSTFBeGSMqrslhl5_M2YtsN5TeczK2b2txpZjvkS2c4abTTEk8XfZkNHO0YoY88Air0sKdLLtyATQ4Swsa0i2cd5H6r-I3dFGvQ3lXirUg2LluA86lzxt6WVf7UeHEG_GRUTP2n2oQClTBJjiCmxdAElWdxk17ZIkHQFT-FM6lPsW7to2wENJ140oXc7VTjC6nq7yqtltt9F3KGpJ3eg8NfEO0_hqQ7cmAb4BDLhGgF8v1u_0TxJxEEt1YKrqckiuSPzfGX_x164Rfb_jr0QYy1O8_6ZnCHjUWVq4W-H6ldCq0tQCRzepzTnnW-7yXDdqvrGhDaVo6t4UqxQGRb3NFWk0fWArhOZE6EXRz99y4eBThIR857L_p_opDty_BWP8S0wh8-NuWXdfM8kVSOpMPjZIy3gnIfnTA-GdR3aUf4hEyiH38JmanvbgGpaLpeZZtr8tcTPC7iozrAc6H69OlNMCBxd06XF8qi-27hV_ptqF1lNnpOQBcn4Vick9-X4VDYEdB7lJEoLe89EVx6kL7_VkQWRn0ytVFVNY13bzrxVmRYnOOQyl_EDWOvIx5XKMj6j-76Lp87cWTT9c9ARviGCp04XefYVAHs6YoGW0NC3C1lYvaMXNjhoWgLs_Rz4JL1EKdoPlrJDwdl9HLvC_-k9Sj4JNcrDI-OqrXcj1r-jQpF71z2DoLMcSO-Ao3XJAvOBg7TTgNiIT56oNwwywlDzi8lrT5ki1ogPRHPxGeSBNxLgwvIZv1xug2XPAcUt_OwRhWVrheABOWeUKF78wbmyGSTKl8MNk-IzcH6IhEQazjbe8QhiRKIFiWAiSARBaJBbK9zA8ZqGDIvQUvLTCZrsGeRnyun1VsqFSg8YYdarrgJA-38PFs1MrLW0a2D3-ESwyhghj0jiO_Au2F47TjgCieNV2yHWc3LbJIGy3vhbJVZOA6KvlGIdDP4TwLi4P7HZxAGc2D0oee1N4lUtm7yRT8h49FBTBKmKWz84gUUlYXKwCNUIpBHV77hNZ8XqLiVMpM5myAh8t1O4GjuIlx01nw17H&sai=AMfl-YRNK0dMc0yXuijUI4uuG2EJPDTQoxStB7PYIcOwmoy8y9Ln2A4PFcjQ6t8kXhovaUSyJ_gEeeFTkB5gP-xaQZW-gphqKQGBGRRGBKdR4oJMWZaQ-v6mI8z0Rcbre9qXyjCccNdSYJTNzPFglaqJGVLlBMk_vw&sig=Cg0ArKJSzGlYbftFe-_tEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=628&vt=11&dtpt=405&dett=3&cstd=216&cisv=r20211029.82467&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 03 Nov 2021 05:21:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 5875 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61703751/20210607073933803/300x600.html?e=69&leftOffset=0&topOffset=0&c=8NldF5es3E&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:16:39 GMT
x-content-type-options
nosniff
age
273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Nov 2021 05:31:39 GMT
OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 5875 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61703751/20210607073933803/300x600.html?e=69&leftOffset=0&topOffset=0&c=8NldF5es3E&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:13:06 GMT
x-content-type-options
nosniff
age
486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Nov 2021 05:28:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5875 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6de40fea817c31c0890b9547b8589f2d690370ac9aeea6ec7b176fc3b9bd7f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Nov 2021 05:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5230
x-xss-protection
0
60005582_20210923010541472_STOERER_x-212_y-92.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 5875 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210923010541472_STOERER_x-212_y-92.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b381590846d847bed60ba32d12456a7402cb15c3ac5287c2ed68f94d9042e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61703751/20210607073933803/300x600.html?e=69&leftOffset=0&topOffset=0&c=8NldF5es3E&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 22:59:20 GMT
x-content-type-options
nosniff
age
22912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6108
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 08:05:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Nov 2021 22:59:20 GMT
60005582_20210923010355980_iPh_XR_ASSET.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 5875 		151 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210923010355980_iPh_XR_ASSET.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3c228007f26321178efa6c46f1c5da6368a408c2a77f3d92ac41b8d20273b3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61703751/20210607073933803/300x600.html?e=69&leftOffset=0&topOffset=0&c=8NldF5es3E&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 18:15:27 GMT
x-content-type-options
nosniff
age
39945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
155013
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 08:03:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Nov 2021 18:15:27 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 5875 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_303197255_145933475_-0&ref=25667676_4307561_303197255_145933475_-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Wetzlar, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 05:21:12 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame DD36 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61692973/20210607074944362/728x090.html?e=69&leftOffset=0&topOffset=0&c=EIT7FSqlKZ&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:16:39 GMT
x-content-type-options
nosniff
age
273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Nov 2021 05:31:39 GMT
OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame DD36 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61692973/20210607074944362/728x090.html?e=69&leftOffset=0&topOffset=0&c=EIT7FSqlKZ&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:13:06 GMT
x-content-type-options
nosniff
age
486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Nov 2021 05:28:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DD36 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e568cfb1589484790daff61bf71f2b93f3e1144fcb7311b8e536ca4ef0585ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Nov 2021 05:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5326
x-xss-protection
0
60005582_20210906032130669_728x090_Intro.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame DD36 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210906032130669_728x090_Intro.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e9390bc8fd509467d22ab8cf7f636c12da4657ac4ffd76f6f5d5908699aa1e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61692973/20210607074944362/728x090.html?e=69&leftOffset=0&topOffset=0&c=EIT7FSqlKZ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 03:42:18 GMT
x-content-type-options
nosniff
age
5934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29291
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:21:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Nov 2021 03:42:18 GMT
60005582_20210907032415802_Stoerer_Wechselbonus.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame DD36 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210907032415802_Stoerer_Wechselbonus.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
519fe910ba95ec9d472f9be9b8fb049ca349c50cdab8ffc14f278ddf2196c64e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61692973/20210607074944362/728x090.html?e=69&leftOffset=0&topOffset=0&c=EIT7FSqlKZ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 04:22:50 GMT
x-content-type-options
nosniff
age
3502
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3747
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 10:24:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Nov 2021 04:22:50 GMT
60005582_20201002051027660_SAM_Galaxy_S20-FE_Blue_Tab.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame DD36 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20201002051027660_SAM_Galaxy_S20-FE_Blue_Tab.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5f8079b0e7dae0b4d96728502d4bc9490d7523c4d1f8f02a8f841caef326b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61692973/20210607074944362/728x090.html?e=69&leftOffset=0&topOffset=0&c=EIT7FSqlKZ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 05:32:07 GMT
x-content-type-options
nosniff
age
85745
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48699
x-xss-protection
0
last-modified
Fri, 02 Oct 2020 12:10:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Nov 2021 05:32:07 GMT
postview.gif
portal.o2online.de/nws/img/ Frame DD36 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_303197273_146026999_-0&ref=25667676_4307561_303197273_146026999_-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Wetzlar, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 05:21:12 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5875 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 03 Nov 2021 05:21:12 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DD36 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 03 Nov 2021 05:21:12 GMT
9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js
pagead2.googlesyndication.com/bg/ Frame 5891 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6292b24f4cc9e6bb52159276bf8a5d01ad441d209fd0da03ffca3ac44cc494c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
115756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13471
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 01 Nov 2022 21:11:56 GMT
9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js
pagead2.googlesyndication.com/bg/ Frame 6515 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6292b24f4cc9e6bb52159276bf8a5d01ad441d209fd0da03ffca3ac44cc494c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
115756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13471
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 01 Nov 2022 21:11:56 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=ssp.kero&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-x%2F8%2FQPMUA%2BNI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-yVEldYv6BziEcg%3D%3D&sc=1&os=1-zA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.turnto23.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=996770494360&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C11&zMoatpt=landing%2Cfalse&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.turnto23.com%2F&id=1&ii=4&f=0&j=&t=1635916870387&de=197020496690&cu=1635916870387&m=2704&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=16578&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A901%3A901%3A1694%3A881&as=1&ag=1006&an=47&gi=1&gf=1006&gg=47&ix=1006&ic=1006&ez=1&ck=1006&kw=852&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1006&bx=47&ci=1006&jz=852&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=852&cd=94&ah=852&am=94&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=833106712&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 03 Nov 2021 05:21:13 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=ssp.kero&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-x%2F8%2FQPMUA%2BNI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-yVEldYv6BziEcg%3D%3D&sc=1&os=1-zA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.turnto23.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=996770494360&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C11&zMoatpt=landing%2Cfalse&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.turnto23.com%2F&id=1&ii=4&f=0&j=&t=1635916870387&de=197020496690&cu=1635916870387&m=2705&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=16578&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A901%3A901%3A1694%3A881&as=1&ag=1006&an=1006&gi=1&gf=1006&gg=1006&ix=1006&ic=1006&ez=1&ck=1006&kw=852&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1006&bx=1006&ci=1006&jz=852&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=852&cd=852&ah=852&am=852&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=11071805&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 03 Nov 2021 05:21:13 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=ssp.kero&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-x%2F8%2FQPMUA%2BNI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-yVEldYv6BziEcg%3D%3D&sc=1&os=1-zA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.turnto23.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=996770494360&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C11&zMoatpt=landing%2Cfalse&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.turnto23.com%2F&id=1&ii=4&f=0&j=&t=1635916870387&de=197020496690&cu=1635916870387&m=2706&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=16578&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A901%3A901%3A1694%3A881&as=1&ag=1006&an=1006&gi=1&gf=1006&gg=1006&ix=1006&ic=1006&ez=1&ck=1006&kw=852&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1006&bx=1006&ci=1006&jz=852&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=852&cd=852&ah=852&am=852&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=541290469&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 03 Nov 2021 05:21:13 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7030 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstspQZJAhrtbjaC5EPdOrJwB3H0KtdYcHwfFeslS8cIsRe97hRzx0umE9Na-sbwePSSltAxSUoPlya-p20OpW5v580P09idfIhNBd-Mg7qwP528UXPeoA&sai=AMfl-YTPgHl174sD_HBm1VAw6bMYJkzaghvrqohg3lvJ-P8-zZt-AWrmCW24OPEwWpmBmM2g85gdrNa-NvEIyckvMG5AB18xUaoHrvwJ5_BoxetWcfcZalNtaFxImtan&sig=Cg0ArKJSzMBhxJXwXKCREAE&cid=CAASEuRoJJNiNS-yWUceEpnO-om4hw&id=lidar2&mcvt=1000&p=1106,436,1196,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211101&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3989627229&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635916871602&rpt=633&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ssc-cms.33across.com/ps/ Frame 96D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dJ-bV6Byur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.176 -, , ASN (),
Reverse DNS
Software
33XP005 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Wed, 03 Nov 2021 05:21:16 GMT
usersync
rtb.gumgum.com/ Frame B09B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=07b06182-1c4c-4200-b1c2-156058864336&gdpr=1&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=07b06182-1c4c-4200-b1c2-156058864336&gdpr=1&gdpr_consent=
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 03 Nov 2021 05:21:16 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 4067 88cc6bf master cdg-pixel-x15 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=07b06182-1c4c-4200-b1c2-156058864336&gdpr=1&gdpr_consent=
Expires
Wed, 03 Nov 2021 05:21:15 GMT
sync
eb2.3lift.com/ Frame 0590 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
a25b63420a3cdc785ff64937ee58d213251f6d402c2a9b2d4ddf9ea0b31f46f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
content-type
text/html; charset=utf-8
content-length
464
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8724 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 25 Oct 2021 05:07:02 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 03 Nov 2021 05:21:16 GMT
Age
854
X-Served-By
cache-lga21933-LGA, cache-fra19179-FRA
X-Cache
HIT, HIT
X-Cache-Hits
3, 4306
X-Timer
S1635916877.726767,VS0,VE0
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 16CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dMRW1kByur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.176 -, , ASN (),
Reverse DNS
Software
33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Wed, 03 Nov 2021 05:21:16 GMT
usync.html
eus.rubiconproject.com/ Frame 1A5A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 Nov 2021 05:21:16 GMT
Connection
keep-alive
Vary
Accept-Encoding
2000248.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 20CB
Redirect Chain
  • https://sync.serverbid.com/ss/2000248.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/

Response headers

Date
Wed, 03 Nov 2021 05:21:17 GMT
Connection
Keep-Alive
Cache-Control
max-age=81709
Content-Length
4376
Content-Type
text/html
Last-Modified
Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges
bytes
etag
"8ca299ba400101b6642362a2bceff771"
x-amz-request-id
tx00000000000001fc6e7a6-00618209fa-67d82fc-nyc3a
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
96
x-rgw-object-type
Normal
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1635916877.dop231.fr8.t,1635916877.cds139.fr8.shn,1635916877.cds139.fr8.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control
no-cache
pd
eu-u.openx.net/w/1.0/ Frame 3F24 		668 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
559bfc17e1fb2dbfa3f1af79753e00a368d06a5962aa3acfd101fbb75168c72b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.217.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 03 Nov 2021 05:21:16 GMT
content-type
text/html
content-length
418
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usersync
rtb.gumgum.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=1916825912516056161
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=1916825912516056161
Protocol
H2
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:16 GMT
X-Proxy-Origin
168.119.25.195; 168.119.25.195; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ff1041b6-9767-43a0-9ce5-5b8247e7b83b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=1916825912516056161
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=463291&dpuuid=ID5-ZHMOql3hGgaBgkVPu7fUmG6FSoubI_oA4sltabQqeg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr...
dpm.demdex.net/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOql3hGgaBgkVPu7fUmG6FSoubI_oA4sltabQqeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=1e0a41f5-bef9-4eef-9e4e-6d98723f22c4&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOql3hGgaBgkVPu7fUmG6FSoubI_oA4sltabQqeg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=1e0a41f5-bef9-4eef-9e4e-6d98723f22c4&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=c3d494fb-a999-48b9-b9f0-ea0a0e81d9e7&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOKT1pS99-ZyRdDNw68o_a8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1916825912516056161&opid=apx&ops=&utidl=tech:goo:CAESEOKT1pS99-ZyRdDNw68o_a8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22194734217&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/4/6.gif?puid=fc21078429e6cd235fb42b20154ef60d&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOql3hGgaBgkVPu7fUmG6FSoubI_oA4sltabQqeg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
0
0
generic
match.adsrvr.org/track/cmf/ Frame 0590 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 0590
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELEm1J_V8WH-j4IMPtv_oQ8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELEm1J_V8WH-j4IMPtv_oQ8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELEm1J_V8WH-j4IMPtv_oQ8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0590
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1MTQ2NjYwODk3NzA4NDUyNTA%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1MTQ2NjYwODk3NzA4NDUyNTA%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1MTQ2NjYwODk3NzA4NDUyNTA%3D
date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 0590 		0
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=13514666089770845250&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 -, , ASN (),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:17 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
SqVWeLvxsxZQt8QSzSoAAA==
xuid
eb2.3lift.com/ Frame 0590
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/13514666089770845250?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-H1HwW9hE2oTo.Bp951Oi6WWMEii5P6u_8NDt9PilTw--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-H1HwW9hE2oTo.Bp951Oi6WWMEii5P6u_8NDt9PilTw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 03 Nov 2021 05:21:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-H1HwW9hE2oTo.Bp951Oi6WWMEii5P6u_8NDt9PilTw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 0590 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=13514666089770845250&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.195.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 05:21:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 0590 		42 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=13514666089770845250&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
etag
"af5a8b34ac1d71:0"
last-modified
Thu, 14 Oct 2021 22:27:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3670E1EAF08E4861B630A92F03ADE647 Ref B: FRAEDGE1410 Ref C: 2021-11-03T05:21:16Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 0590
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=13514666089770845250
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13514666089770845250&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13514666089770845250&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
52.46.154.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:16 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
E29FAPMC0P8V847MR2CF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13514666089770845250&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 0590
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 0590
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=8628630469474301415&dongle=d407
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=8628630469474301415&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=8628630469474301415&dongle=d407
pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
eu-u.openx.net/w/1.0/ Frame 3F24
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=07b06182-1c4c-4200-b1c2-156058864336
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=07b06182-1c4c-4200-b1c2-156058864336
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 03 Nov 2021 05:21:16 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=07b06182-1c4c-4200-b1c2-156058864336
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 03 Nov 2021 05:21:15 GMT
sd
us-u.openx.net/w/1.0/ Frame 3F24
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=kXcGvZYlCrmKJAa5n3ETuMUkDumKIwm4xSSgE36x
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=kXcGvZYlCrmKJAa5n3ETuMUkDumKIwm4xSSgE36x
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=kXcGvZYlCrmKJAa5n3ETuMUkDumKIwm4xSSgE36x
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 3F24
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6071657934346466747
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6071657934346466747
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6071657934346466747
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 3F24 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=de41452d-4e53-376f-5189-e3690d323bcd&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3F24 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjIyZTk2ZTctODcyNC02OWNiLTQ0NjktYjlkMGM3ZDBmNWFk
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3F24
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOnyovjaEHRZUskj7dY-RC0&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOnyovjaEHRZUskj7dY-RC0&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOnyovjaEHRZUskj7dY-RC0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 1A5A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
42791965699adfa7e125cbe73f7dc87064f957276c275e352cb016e8488ab257

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 05:21:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Nov 2021 17:32:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=47019
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9396
Expires
Wed, 03 Nov 2021 18:24:55 GMT
async_usersync
ib.adnxs.com/ Frame 8724 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:16 GMT
X-Proxy-Origin
168.119.25.195; 168.119.25.195; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0c764441-6f8e-47fd-9b21-f967141b5991
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 1A5A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 1A5A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YYIcTAABtxuHHwBG
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYIcTAABtxuHHwBG&_test=YYIcTAABtxuHHwBG
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYIcTAABtxuHHwBG&_test=YYIcTAABtxuHHwBG
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1635916877.008615,VS0,VE0
x-served-by
cache-fra19166-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYIcTAABtxuHHwBG&_test=YYIcTAABtxuHHwBG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
709414.gif
id.rlcdn.com/ Frame 1A5A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
v1
ads.yahoo.com/cms/ Frame 1A5A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVJ2O07U-J-IW0E&sigv=1&esig=2~af6daddcdcbcd6365d59fc35c2f65ea0ab8cdc1b
0
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVJ2O07U-J-IW0E&sigv=1&esig=2~af6daddcdcbcd6365d59fc35c2f65ea0ab8cdc1b
Protocol
H2
Server
2a00:1288:80:800::7000 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVJ2O07U-J-IW0E&sigv=1&esig=2~af6daddcdcbcd6365d59fc35c2f65ea0ab8cdc1b
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 1A5A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWJjZDNhZjZkY2Y0MWFmNGViMDM4OWEyOTI3MmQ2ODgxNGNhOTZlMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWJjZDNhZjZkY2Y0MWFmNGViMDM4OWEyOTI3MmQ2ODgxNGNhOTZlMA
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWJjZDNhZjZkY2Y0MWFmNGViMDM4OWEyOTI3MmQ2ODgxNGNhOTZlMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1A5A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=07b06182-1c4c-4200-b1c2-156058864336&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=07b06182-1c4c-4200-b1c2-156058864336&expires=28
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

Date
Wed, 03 Nov 2021 05:21:16 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=07b06182-1c4c-4200-b1c2-156058864336&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 03 Nov 2021 05:21:15 GMT
tap.php
pixel.rubiconproject.com/ Frame 1A5A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/cGzpwMhZ5DpO1Q5njMczow?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4108659570740189488
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4108659570740189488
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

date
Wed, 03 Nov 2021 05:21:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4108659570740189488
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 1A5A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKT0VKAtr-oE08KSHfPYCBM&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKT0VKAtr-oE08KSHfPYCBM&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKT0VKAtr-oE08KSHfPYCBM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 3295
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 Nov 2021 05:21:17 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Wed, 03 Nov 2021 05:21:17 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 93E4 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=62017
expires
Wed, 03 Nov 2021 22:34:54 GMT
date
Wed, 03 Nov 2021 05:21:17 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 55B6 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 -, , ASN (),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 03 Nov 2021 05:21:17 GMT
Age
15638214
X-Served-By
cache-lga21975-LGA, cache-fra19179-FRA
X-Cache
HIT, HIT
X-Cache-Hits
11367, 113854
X-Timer
S1635916877.070526,VS0,VE0
Vary
Accept-Encoding
i.gif
e.serverbid.com/udb/9969/sync/ Frame 20CB
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=e79fcae2-f7cc-0486-3a05-237c8c69f940
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=e79fcae2-f7cc-0486-3a05-237c8c69f940
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:17 GMT
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=e79fcae2-f7cc-0486-3a05-237c8c69f940
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
1koedsfb3l3u0gehr9b0608arg259ern
i.gif
e.serverbid.com/udb/9969/sync/ Frame 20CB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=1916825912516056161
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=1916825912516056161
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:17 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:17 GMT
X-Proxy-Origin
168.119.25.195; 168.119.25.195; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
46f543b9-d291-40f5-a83b-cc8f8e7a9386
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=1916825912516056161
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 20CB
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPdc1e4f98-3c65-11ec-bab1-0683570c9c3a
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPdc1e4f98-3c65-11ec-bab1-0683570c9c3a
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPdc1e4f98-3c65-11ec-bab1-0683570c9c3a
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:17 GMT
content-length
0

Redirect headers

Date
Wed, 03 Nov 2021 05:21:17 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPdc1e4f98-3c65-11ec-bab1-0683570c9c3a
Connection
keep-alive
Content-Length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame 20CB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYIcSF5aDl43-TgwUk9z.AAA%261123
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYIcSF5aDl43-TgwUk9z.AAA%261123
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:17 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYIcSF5aDl43-TgwUk9z.AAA%261123
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Wed, 03 Nov 2021 05:21:17 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 20CB
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=64e4eb142ee249f40cfed8c2
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=64e4eb142ee249f40cfed8c2
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:17 GMT
content-length
0

Redirect headers

Date
Wed, 03 Nov 2021 05:21:17 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=64e4eb142ee249f40cfed8c2
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usa
sync.go.sonobi.com/ Frame 20CB 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:17 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ue1-sb1-ff5483cc-fa53-46eb-9b35-8d41671a295d
p.adsymptotic.com/d/px/ Frame 20CB
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.5834961392902747%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
  • https://p.adsymptotic.com/d/px/ue1-sb1-ff5483cc-fa53-46eb-9b35-8d41671a295d
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/ue1-sb1-ff5483cc-fa53-46eb-9b35-8d41671a295d
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
104.18.100.194 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

location
https://p.adsymptotic.com/d/px/ue1-sb1-ff5483cc-fa53-46eb-9b35-8d41671a295d
cache-control
no-cache
content-length
0
async_usersync
secure.adnxs.com/ Frame 55B6 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 -, , ASN (),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:17 GMT
X-Proxy-Origin
168.119.25.195; 168.119.25.195; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ffed2aff-10bd-4b11-a086-e8cfad6f4dc2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=ssp.kero&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-x%2F8%2FQPMUA%2BNI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-yVEldYv6BziEcg%3D%3D&sc=1&os=1-zA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.turnto23.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=996770494360&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C11&zMoatpt=landing%2Cfalse&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.turnto23.com%2F&id=1&ii=4&f=0&j=&t=1635916870387&de=197020496690&cu=1635916870387&m=6736&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=16578&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A901%3A901%3A1694%3A881&as=1&ag=5037&an=1006&gi=1&gf=5037&gg=1006&ix=5037&ic=5037&ez=1&ck=1006&kw=852&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5037&bx=1006&ci=1006&jz=852&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4874&cd=852&ah=4874&am=852&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=2074894076&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 03 Nov 2021 05:21:17 GMT
usync.js
eus.rubiconproject.com/ Frame 3295 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
42791965699adfa7e125cbe73f7dc87064f957276c275e352cb016e8488ab257

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 05:21:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Nov 2021 17:32:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=47018
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9396
Expires
Wed, 03 Nov 2021 18:24:55 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 93E4 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=78893153&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f1ac6f6df89f8ade2af9089da56d3fddb3776fe86760eb2423bdcb35ac9d118

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:15 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 3295 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Content-Type
image/gif
match
c1.adform.net/serving/cookie/ Frame 3492 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=CBC4800E-1946-422B-883D-AD33D1F59D7A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 03 Nov 2021 05:21:17 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame E979
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7625814139216508103
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7625814139216508103
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 03 Nov 2021 05:21:16 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug005:0:382
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7625814139216508103
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame F826 		43 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Wed, 03 Nov 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1169060
Pug
simage2.pubmatic.com/AdServer/ Frame 3C6D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026209485693319307
42 B
521 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026209485693319307
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 03 Nov 2021 05:06:59 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0022:0:409
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 03 Nov 2021 05:21:17 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026209485693319307
Pug
simage2.pubmatic.com/AdServer/ Frame B636
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYIcTAABtxuHHwBG&gdpr=0&gdpr_consent=
1 B
391 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYIcTAABtxuHHwBG&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 03 Nov 2021 05:21:16 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug015:0:424
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYIcTAABtxuHHwBG&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Wed, 03 Nov 2021 05:21:17 GMT
via
1.1 varnish
x-served-by
cache-fra19166-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1635916877.223285,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
redir
rtb-csync.smartadserver.com/ Frame 9A63
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJVHlrN0RCRGtBQURiS0R0b0NJdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAITyk7DBDkAADbKDtoCIw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAITyk7DBDkAADbKDtoCIw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.143 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Wed, 03 Nov 2021 05:21:17 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAITyk7DBDkAADbKDtoCIw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame FB7F
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
108 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 03 Nov 2021 05:04:16 GMT
content-type
text/html; charset=utf-8
x-lat
amspug0021:2:191
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Wed, 03 Nov 2021 05:21:17 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame B31A
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3881012348
  • https://sync.1rx.io/usersync/tradedesk/206ea11f-4306-4bd1-96e8-8181872fb3c6
  • https://sync.targeting.unrulymedia.com/csync/RX-7fac1846-3005-4f2c-af13-bdc143948554-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7fac1846-3005-4f2c-af13-bdc143948554-003
42 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7fac1846-3005-4f2c-af13-bdc143948554-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 03 Nov 2021 05:21:16 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug010:0:354
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Wed, 03 Nov 2021 05:21:17 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7fac1846-3005-4f2c-af13-bdc143948554-003
etag
RX7fac184630054f2caf13bdc143948554003
dpe
ad4m.at/ad/ Frame 9AF4 		15 B
915 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 03 Nov 2021 05:21:17 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a832882d8a3698b-FRA
Pug
image2.pubmatic.com/AdServer/ Frame E15A
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aIKxZ1uCX35ZbCYRh1KMXwPB
42 B
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aIKxZ1uCX35ZbCYRh1KMXwPB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 03 Nov 2021 05:21:15 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug008:0:418
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Wed, 03 Nov 2021 05:21:17 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aIKxZ1uCX35ZbCYRh1KMXwPB
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame AE29 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.232.228 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Wed, 03 Nov 2021 05:21:17 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
sjc-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame 6211
Redirect Chain
  • https://core.iprom.net/cookiesync
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:276895634588953
42 B
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:276895634588953
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 03 Nov 2021 05:21:15 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug013:0:422
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Vary
Accept-Encoding
X-adserver-worker
komodo-fb3090a42ec5@version_1.342
Connection
close
X-server-arch
v2
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:276895634588953
Content-Type
text/html; charset=utf-8
Content-Length
287
X-core-time
0ms
Date
Wed, 03 Nov 2021 05:21:17 GMT
141
match.deepintent.com/usersync/ Frame 84F8 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Wed, 03 Nov 2021 05:21:16 GMT
server
a
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame B626
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f20afa0d-a076-4436-a134-e68a6a919ec1-tuct87ba1cd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f20afa0d-a076-4436-a134-e68a6a919ec1-tuct87ba1cd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 03 Nov 2021 05:21:17 GMT
via
1.1 varnish
x-served-by
cache-fra19128-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1635916877.292989,VS0,VE8
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f20afa0d-a076-4436-a134-e68a6a919ec1-tuct87ba1cd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Wed, 03 Nov 2021 05:21:17 GMT
via
1.1 varnish
x-served-by
cache-fra19176-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1635916877.249680,VS0,VE9
x-vcl-time-ms
9
content-length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame EE63 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=CBC4800E-1946-422B-883D-AD33D1F59D7A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Wed, 03 Nov 2021 05:21:17 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 93E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=y8SADhlGQiuIPa0z0fWdeg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
2.18.233.180 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:17 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=62017
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 03 Nov 2021 22:34:54 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 93E4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=07b06182-1c4c-4200-b1c2-156058864336
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=07b06182-1c4c-4200-b1c2-156058864336
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 03 Nov 2021 05:21:17 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=07b06182-1c4c-4200-b1c2-156058864336
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 03 Nov 2021 05:21:16 GMT
/
pixel.onaudience.com/ Frame 93E4
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=CBC4800E-1946-422B-883D-AD33D1F59D7A
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f09cca092f4192877c1b16480aae677f
35 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f09cca092f4192877c1b16480aae677f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Server
51.210.112.236 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Wed, 03 Nov 2021 05:21:17 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f09cca092f4192877c1b16480aae677f
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 93E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0JDNDgwMEUtMTk0Ni00MjJCLTg4M0QtQUQzM0QxRjU5RDdB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:343
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 93E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC93wTElvVOleVGJwKS1Vtk&google_cver=1
42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC93wTElvVOleVGJwKS1Vtk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:383
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC93wTElvVOleVGJwKS1Vtk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 93E4 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 02 Nov 2021 05:21:17 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 93E4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:07b06182-1c4c-4200-b1c2-156058864336&gdpr=0&gdpr_consent=
42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:07b06182-1c4c-4200-b1c2-156058864336&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:15 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:399
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 03 Nov 2021 05:21:17 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:07b06182-1c4c-4200-b1c2-156058864336&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 03 Nov 2021 05:21:16 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 93E4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=206ea11f-4306-4bd1-96e8-8181872fb3c6
42 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=206ea11f-4306-4bd1-96e8-8181872fb3c6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:562
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=206ea11f-4306-4bd1-96e8-8181872fb3c6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 93E4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6071657934346466747
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6071657934346466747
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:397
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:17 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6071657934346466747
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame 93E4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1916825912516056161&gdpr=0&gdpr_consent=
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1916825912516056161&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:358
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:17 GMT
X-Proxy-Origin
168.119.25.195; 168.119.25.195; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d1aea47e-116f-47f5-9a8e-252209c49734
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1916825912516056161&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 93E4
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YgUWaWVXGm15VhZtbAMDbDZWHj15URlsNlYfyN8P
42 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YgUWaWVXGm15VhZtbAMDbDZWHj15URlsNlYfyN8P
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:429
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YgUWaWVXGm15VhZtbAMDbDZWHj15URlsNlYfyN8P
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 93E4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CBC4800E-1946-422B-883D-AD33D1F59D7A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8.zTu1ZE2uXJ7jCen4NnPuNG86YWz8A-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8.zTu1ZE2uXJ7jCen4NnPuNG86YWz8A-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 03 Nov 2021 05:21:17 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8.zTu1ZE2uXJ7jCen4NnPuNG86YWz8A-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
CBC4800E-1946-422B-883D-AD33D1F59D7A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 93E4 		43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/CBC4800E-1946-422B-883D-AD33D1F59D7A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:b508:a921:ac6e:d806 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 93E4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=c3d494fb-a999-48b9-b9f0-ea0a0e81d9e7&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c53de697-36d5-4e4e-b68e-9c6a5e0d3b4c&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c53de697-36d5-4e4e-b68e-9c6a5e0d3b4c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:408
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c53de697-36d5-4e4e-b68e-9c6a5e0d3b4c&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 03 Nov 2021 05:21:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 93E4 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CBC4800E-1946-422B-883D-AD33D1F59D7A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:17 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 93E4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8628630469474301415&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8628630469474301415&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:373
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8628630469474301415&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 93E4
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug017:0:437
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:16 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 93E4
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:627397f4-2110-45b5-9669-96bb4f0f4232&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:627397f4-2110-45b5-9669-96bb4f0f4232&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:407
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:627397f4-2110-45b5-9669-96bb4f0f4232&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 03 Nov 2021 05:21:17 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 93E4
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1916825912516056161
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1916825912516056161
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:21:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:253
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:17 GMT
X-Proxy-Origin
168.119.25.195; 168.119.25.195; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a32a3004-1d87-4996-bba5-5383e1fce401
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1916825912516056161
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 93E4 		35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:17 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=ssp.kero&zMoatAdUnit2=home&zMoatAdUnit3=landing&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-x%2F8%2FQPMUA%2BNI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-yVEldYv6BziEcg%3D%3D&sc=1&os=1-zA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.turnto23.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=996770494360&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=landing%2Cfalse&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=1050&gp=2256.671875&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.turnto23.com%2F&id=1&ii=4&f=0&j=&t=1635916870387&de=985519088657&cu=1635916870387&m=7161&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=2256.671875&lb=16578&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A901%3A901%3A1694%3A881&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5215&cd=10&ah=5215&am=10&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A2053316181%3A115768602741&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=195402&na=824202139&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 05:21:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 03 Nov 2021 05:21:17 GMT
async_usersync
ib.adnxs.com/ Frame 8724 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 05:21:17 GMT
X-Proxy-Origin
168.119.25.195; 168.119.25.195; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
30ca0a95-843b-4db1-b014-d958d18f03d7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEPUFSSvkO9vd8_ISoJNHV7Q&google_cver=1&google_push=AYg5qPLzDQtNp1TCoysIPw_8WTh-89f4IW3LOptl1LkwHE_HK8yAqqm3VmCjrkldUhQh6BqSwORU6jdaSD2SlsqW9nk02kW-MG0
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOql3hGgaBgkVPu7fUmG6FSoubI_oA4sltabQqeg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| ScrippsAdLib string| daysSincePublished string| datePublished object| publishedTime object| modifiedTime function| getCookie object| gtmObj string| callLetters string| jsTags string| jsPublishDate string| jsUpdateDate string| jsIsBreaking string| jsIsAlert string| jsAuthors string| jsHasVideo string| jsSection string| jsPageType string| jsDisablePrerollAds string| jsDisableDisplayAds string| jsDisableInlineVideoAds string| jsFname object| dataLayer function| x00_0x278e function| x00_0x4a36 object| _Scanner function| onReady object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper object| ddls object| adsOnPage boolean| IS_CMS object| _disable object| AdDebugger object| ScrippsUtils object| StickyRightRail object| sUserHub object| AdTargetingParams object| DynamicTargetingParams object| ScrippsOutstreamPlayer object| ScrippsAdsLib object| ImageLazyLoad object| googletag function| moatYieldReady object| apstag object| advBidxc object| pbjs object| ScrippsAdUtils function| _getCurrentAdInfo object| otStubData function| fbAsyncInit function| ready function| loadChartbeat string| contentType undefined| define function| ReconnectingWebSocket object| ScrippsUserHub object| FB boolean| apstagLOADED undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_51512523 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi object| HeaderSM object| google_tag_manager function| pbjsChunk object| _pbjsGlobals object| google_tag_data object| _comscore object| _qevents string| ssaUrl string| GoogleAnalyticsObject function| ga object| optimizely function| ia function| _typeof object| PARSELY object| Optanon object| OneTrust object| gaplugins object| gaGlobal object| gaData function| udm_ object| ns_p object| COMSCORE object| _0x5193 function| _0x27fd object| eventsUUIDGen function| uuidGenv4 function| uuidGenerator object| weightedFilter function| getOGTags object| loadTags function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| _ScrippsAdLib string| jsInitialBreakpoint string| jsWxTemp string| jsWxCond object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests

48 Cookies

Domain/Path Name / Value
.turnto23.com/ Name: _gcl_au
Value: 1.1.527268486.1635916871
.turnto23.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.turnto23.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1635916870562%2C%22slts%22:0}
.turnto23.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=b8875a29beead1d6f7e8f642c62840c2%22%2C%22session_count%22:1%2C%22last_session_ts%22:1635916870562}
.turnto23.com/ Name: _ga
Value: GA1.2.981218540.1635916871
.turnto23.com/ Name: _gid
Value: GA1.2.735598621.1635916871
.scorecardresearch.com/ Name: UID
Value: 1JY7MW1MMKD4ST2TLB5OWFg1635916871
.turnto23.com/ Name: _gat_ScrippsEnterprise
Value: 1
.turnto23.com/ Name: _gat
Value: 1
.www.turnto23.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Wed+Nov+03+2021+05%3A21%3A10+GMT%2B0000+(GMT)&version=6.15.0&hosts=&landingPath=https%3A%2F%2Fwww.turnto23.com%2F&groups=C0001%3A1%2CC0003%3A1%2CSPD_BG%3A1%2CC0004%3A1%2CC0002%3A1
.media.net/ Name: gdpr_status
Value: 1
.quantserve.com/ Name: mc
Value: 61821c46-b8687-7bb0f-e77bb
.pymx5.com/ Name: _ia_uid
Value: eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.qq-8LeSiFvvZs1RLlLF2ahQGDBQ_TEyohe7Icr2L8Tk2ZV4MDBKOFg.nd-RYt5rl3GV1BV3.0ewOmscRhYUAm9I-b85LGVzuO2T_KkWNtMNmuQgbCSM7WdYY8V7oG0WKas7moqzWidQQoVyk_GgIY8YLqJZ0xe6f5XrkJo9wLZ1MBfHZxcdk9XeWZgaMz4-SElugp29jr0J6oRbURrJWX_WZCz6xfu7AdgdlPITee8w-mqAjCvs46eDYdBFto9b-bszk3nmIHQ8e0MJ-i561M01nOwIoc8YALiHJ4z4Rf04NHrwfasYhV6gTmFOjea7dotDAAjQWN0fUzk607Kq4grsCnoIi8THRy6-l5k8wN8AqKahn_GosbEej9y2pZVXZWFZXQsU8Xge8-vc7AK3Fsm5or7uNHbrxqhR5vh99dkE3sAnsxXY.cvaWhj1KCXfjkYaby8YW0g
.pymx5.com/ Name: _ia_version
Value: 2
.turnto23.com/ Name: __qca
Value: P0-1079958754-1635916870738
www.turnto23.com/ Name: mnet_session_depth
Value: 1%7C1635916870823
.openx.net/ Name: i
Value: 0ded7a74-e7d4-0898-0b5f-2b8169150830|1635916870
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPt4unIug7NGHTHprMos3ZuqTBxlXamrm845wFyC1nEdJe_i0vbL1iSxv_BAMOjyAWXcU5g4XObNUfgtsx6P2hY7LEeTvlMuIM
.gumgum.com/ Name: vst
Value: e_2ebe0645-b6fd-4bda-a4d0-2937d7adc742
.adnxs.com/ Name: icu
Value: ChgIxIZ3EAoYASABKAEwx7iIjAY4AUABSAEQx7iIjAYYAA..
.adnxs.com/ Name: uuid2
Value: 1916825912516056161
e.serverbid.com/ Name: azk
Value: ue1-sb1-ff5483cc-fa53-46eb-9b35-8d41671a295d
.rubiconproject.com/ Name: khaos
Value: KVJ2O07U-J-IW0E
.rubiconproject.com/ Name: rsid
Value: 1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxp8EvrzPAh1r4z5NGroQMTyZLOPgOikSHO3tT2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GKFQIioAWpDL9dOsX4JPWMcjCRbro=
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2mwf2Kw4syKa3T44WD0xC8rrUfOpRTiXElMNVEfWi2ygViUmb+7gdvmcXfZYZk9q5JdG1IAFRyyiYbB5SW5XQ3/lc30Coghjc=
.doubleclick.net/ Name: IDE
Value: AHWqTUkbvMLmen9JBwHCpmHpS4h6rVRyaXj7mwnQGOr7S_9TxWOu8oGjWVtucJGzcUM
.turnto23.com/ Name: __gads
Value: ID=c9cbfd943fc4f231:T=1635916871:S=ALNI_Ma2VqFbjueOvy13ozzBR9R8XoCBEw
.casalemedia.com/ Name: CMID
Value: YYIcSF5aDl43-TgwUk9z.AAA
.casalemedia.com/ Name: CMPS
Value: 5207
.casalemedia.com/ Name: CMPRO
Value: 1123
.casalemedia.com/ Name: CMST
Value: YYIcSGGCHEgA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%so.N>7!]tbPl1M>e)ZlrFUfJ+tGXxoTMZRpKVDi=m?h%p%U*w<iQ8zUJQ<7wl-Fj6S%nugO%v4VB%nmGZ)nT+7
.casalemedia.com/ Name: CMRUM3
Value: 2d61821c482760CAESEAIM4ZrykIstKYCTmudkmdk
.3lift.com/ Name: tluid
Value: 13514666089770845250
.w55c.net/ Name: wfivefivec
Value: 37pJUVBg1MI8I05
.360yield.com/ Name: tuuid
Value: 1e0a41f5-bef9-4eef-9e4e-6d98723f22c4
.360yield.com/ Name: tuuid_lu
Value: 1635916872
.w55c.net/ Name: matchgoogle
Value: 5
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%221939D3D5-2A60-492A-8E63-EEC9DC422403%22%7D
.blismedia.com/ Name: b
Value: 61821C48A1E6590ED8F265B4BLIS
.advertising.com/ Name: APID
Value: UPdc1e4f98-3c65-11ec-bab1-0683570c9c3a
.lijit.com/ Name: ljt_reader
Value: 64e4eb142ee249f40cfed8c2
.smartadserver.com/ Name: pid
Value: 827076178786730243
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_303197273_146026999_-0&ref=25667676_4307561_303197273_146026999_-0
.yahoo.com/ Name: A3
Value: d=AQABBEkcgmECENdC2fMh_F6HIjBRwnyB__EFEgEBAQFtg2GLYQAAAAAA_eMAAA&S=AQAAAj_nvYyRnGwKW4Nhigw88dM
.analytics.yahoo.com/ Name: IDSYNC
Value: 18wq~21bh
.yahoo.com/ Name: APID
Value: UPdc1e4f98-3c65-11ec-bab1-0683570c9c3a
.yahoo.com/ Name: APIDTS
Value: 1635916875

6 Console Messages

Source Level URL
Text
network error URL: https://assets.scrippsdigital.com/cms/images/color_schemes/kero/square--144.png
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HgpB9b75Tu-eTm2Ycj8ixA&google_push=AYg5qPLkOwX81gKcB-ipxxmGhepHagCIhpLsm9DfYZ2mb4HZO9Xuhn3cvBO2zU-Eym96QNX6fFN4zANz3LumPklnpKsDL4fICpU
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://p.adsymptotic.com/d/px/ue1-sb1-ff5483cc-fa53-46eb-9b35-8d41671a295d
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOql3hGgaBgkVPu7fUmG6FSoubI_oA4sltabQqeg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a778f7e86cb45bf1c012df73f61d903.safeframe.googlesyndication.com
4394967.fls.doubleclick.net
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
analyticssystems.net
ap.lijit.com
api.ewscloud.com
api.pymx5.com
assets.scrippsdigital.com
b1sync.zemanta.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.cookielaw.org
cdn.parsely.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
core.iprom.net
csync.loopme.me
d3plfjw9uod7ab.cloudfront.net
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
ewscripps-d.openx.net
ewscripps.brightspotcdn.com
fastlane.rubiconproject.com
g2.gumgum.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
hblg.media.net
hbx.media.net
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mb.moatads.com
p.adsymptotic.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
pymx5.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sejs.moatads.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.ewscloud.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.serverbid.com
sync.targeting.unrulymedia.com
sync.teads.tv
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
turnto23.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.turnto23.com
x.bidswitch.net
cm.g.doubleclick.net
dpm.demdex.net
google2waycm.netmng.com
104.111.242.245
104.18.100.194
13.32.21.201
13.32.22.112
13.32.22.42
13.35.253.75
13.35.253.85
134.209.131.220
142.250.186.134
142.250.186.98
143.204.215.18
15.197.193.217
151.101.130.49
151.101.65.108
151.101.65.44
159.65.196.12
162.55.6.212
169.197.150.8
169.50.137.190
172.217.18.98
178.162.133.149
178.250.0.163
18.171.9.184
18.184.95.242
18.196.195.54
185.29.134.244
185.33.220.100
185.33.221.15
185.64.189.110
185.64.190.78
185.86.138.143
195.5.165.20
198.47.127.20
199.187.193.177
2.18.233.180
2.18.234.21
2.18.235.40
2.18.235.93
2.19.35.65
2001:678:cb4:bbbb::11
205.185.216.42
208.100.17.176
213.155.156.164
213.19.147.44
216.58.212.130
23.79.143.124
2600:9000:211e:1400:10:618e:d880:93a1
2600:9000:211e:9a00:6:44e3:f8c0:93a1
2600:9000:211e:ec00:13:a391:88c0:21
2602:803:c004:200::143
2606:4700:20::ac43:4a81
2606:4700:3032::ac43:cb69
2606:4700:3037::6815:4e07
2606:4700::6810:9540
2620:116:800d:21:f916:5049:f87f:108e
2620:119:50e1:101::6cae:b25
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9a
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba2a
2a02:fa8:8806:13::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42:400::300
2a05:d018:d29:3601:b508:a921:ac6e:d806
3.126.56.137
3.65.202.227
34.149.20.76
34.254.143.3
34.96.105.8
34.96.74.203
34.98.107.212
34.98.64.218
35.156.135.60
35.190.0.66
35.227.203.93
35.227.252.103
35.244.174.68
37.157.4.23
51.210.112.236
52.17.151.21
52.205.167.202
52.212.206.16
52.28.203.152
52.46.154.242
52.57.26.239
54.77.19.59
64.74.236.63
65.9.7.60
65.9.71.50
66.155.71.150
66.155.71.25
69.173.144.139
72.251.232.228
72.251.249.13
76.223.111.18
8.43.72.98
82.113.101.132
85.114.159.93
87.98.128.108
0253185a4cfd8a31fa015f856c47a032cf99a7aa4f528389965225dc4c150ff2
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
068ae1f4db763f31c44a90a28ccb3a8daea83f76d3db8a33bd3cc32fd8fd480c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0742535236a5186724f83e18514d8976f2715f1064462183bb13d1dad4951e4f
097d55ce2f09439c5e880c63873057662a72a7e55fa5b1dcba1f6fe763773158
0a60daa97152adfc4f1a0401c14b2fa601336ee6c3c98204702fd94a64fb6257
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d3114b72e12428c4b4dce5b462c2e313e1af462ba551fac9e103aa58bc3947b
0eb0edcc6301cb11ae54667351549ea1543dfaffa5623b5245ae07d5499de81d
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24
14cf57b9eead9c383b8c8f63147a6fb2bfd4e9778a3110298ca1425c399b19a0
167a9578ab67511f8467d8e46ead1ddad66e37c37161f0b1352eda13eb4f3d0f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e823139c936c952f54399a49096579a951e55baab2d0949e2f307163aac68a0
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1fa66d6d9e9597366e874ecbfd5b1fb97acbe1d870527470b2590b926bc659d4
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
24d1eca2cdf9523d574152e4ebc006c6e2aefde295e42c09ec07304881af354c
26cdc0226b2d4d1e0fecd82c5a150694000a138fbec6635902afbd8a8928dfd3
270bd922f6b137e19d5cc6cd9342b03991c40d2472f81b0470d9386522515ff1
2878c06eaa36809d2bf556a97ac803fa0870241e075817b5310e9b0410cc66d4
2d587d5f76374b6b44152b83c6a3a4be81db0e9b153eb22b43db41d677156b85
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32fb64f17d09944fe60defa529eec097702c4b8e78022e7c13aef96c7e424584
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
342a5ce10a6f77a4ff2c36d64c312d2d21785a18b0db9516562bf982801c9973
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
39871bd210a4429e177f43daf35a3784e1f95fac63789db9553ba8625fc0aa5d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3daceec3bd97612d8a38ea069ba1d1fe9f8932c73888250c4027ad88c190bf2c
3fc2b99baed4a40d29783692d44aa2e7a4e3e7cb050d007212613899334d3253
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40b9f2b21792d9e6af2064c20af5eb167f5db59d26037a31a59a76cf2d5727e5
42791965699adfa7e125cbe73f7dc87064f957276c275e352cb016e8488ab257
442e4d9f47f0599917e4c6c1cac461d5ec838fb3fd0d870cb33c46e8090f3e51
44d9440d0049a74398c2cba2f2b51c0e201ace1c8de68cfa977efd1c1e91d87d
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d862f62a1c16b9e0cb732777b603dbe7201bc230e339404a3bae0a7a845e536
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
519fe910ba95ec9d472f9be9b8fb049ca349c50cdab8ffc14f278ddf2196c64e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559bfc17e1fb2dbfa3f1af79753e00a368d06a5962aa3acfd101fbb75168c72b
5898e82c5c3724a48e4c0b36fedbcdd4a1115fc335ad5e018b8c4d91d1943ac1
5c82632f830ff80ae452e6b972a6e6c52d65f68f556fa0e983983960070aa099
5d2395e805a4cf653925e16351349d5c7e6cb76763f56dd7091aad2c67b80827
5ed80f7de4f71bf8923bf514c53c7064aac4f513527d4f61d80706ce9992d870
6134c69a4499afd5f1c8aa273268c18604922248782917819d91e9cdfdf22995
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
65e20a04353726a0aa3e8212a47ec054698c9347b737672d566be2837c507c20
66a56901b423b02d2993e3e5090b2f2757f31adf8670ec0c07bff4ee3d54e27c
6716207d8af64d06be048ab0b7fd9c4e723b8bb6fdb5ceabada90866127fae0c
67e96c5db0f9c22c7952a2b3e76a5a67201893d6060be162d4216769e0ec8c5f
69e636db7f559652e56ba4f5b095e9204efaf513243e2b858dc13881b1bf32f4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e619fe3223a26faac6cff9311c9aa356ea9544d1453b489772cb0a59b7ea472
6e9390bc8fd509467d22ab8cf7f636c12da4657ac4ffd76f6f5d5908699aa1e8
6f1ac6f6df89f8ade2af9089da56d3fddb3776fe86760eb2423bdcb35ac9d118
70fedf5fb986e73167530f1acf001c1cfc07af1e0c21c4607513ad3356a8a078
7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7ae7e314400b361df284ddf65e1173804ca99c0d4379286c422cd37a314bc4f5
7cf89686a83932b96590f942f131f107965fde7ad08b3c7fdbba6c9af641bc22
7dab23eac6de3298e9dd1550ece6f78c1383cf09931ba0e989eda771f2acc3eb
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85df47e0b841fa5740b3ae738f6449b5c5f5e052c970a02c79a0f034a2e2cb5c
85f68ec80fff0a43aff57495efeec7f4bbd48bdb4556740276a6478bf11766ea
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
87d11191492a71fdb33ef02b7fdaafdcf9331127beeef13e7abf56af5990f070
88af98f90d30914b8e4d0c7592105987f3ea400f6b8c699a27583f626a15afce
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ad4bbdd2396400aaaca1b3465295b903fc528152a1fb9c4107245ebdcdc9a38
8bf78cc1055b58cb594c35ea6e8abfa063edb07a72ef2f2d41120123e9a13cbf
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e730ee16a0db99b8f0575bea2e3ef0471019b00e2037fb0d367fbfbb5833248
9058b67a8458554f0d07463b92e0f994c8ec8cdc79b705f2eff8b882fc7a0f64
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94fcc6d35f6fa03a0459a3aca050d214b723e0c26fb5872feaf482ba82f3682b
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad862c84744488161582ce05717640724c6e1698d5c8821dd164b9563b2d36b
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a029ccdb179d289334f5c1e8ddf0932912c6d26633762acd73a9e73a538fbe41
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a25b63420a3cdc785ff64937ee58d213251f6d402c2a9b2d4ddf9ea0b31f46f9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a824da043346112326edecefca2e483ffd77ba505f29b339b25d7f87fdbaf395
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
a8afc8f030f800513d79e636e279485daa0c5f3cd8634f5574dc8ff7d959a513
a964d2953dc3df9f7532f7e033397e6fffd16b2316c7bd20e2270bb3cdfc5e9a
b0a97fbcf8b3d0e7211e62f855f6eb8f75a8cdcdc2b0afc9ab9de40f3c77fe80
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b381590846d847bed60ba32d12456a7402cb15c3ac5287c2ed68f94d9042e1e9
b5df800fcd6fd7760874b65beb803e16f200ec76063361fae55e1a7d24719e40
b6f671638248959ffc2d4a5ab50761cbb5f482ae1fb203f3c8310eb4ccb64108
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c20d7999a7c13f4d4cdda3b94d4d69eb6640c232b7a16df08dc597cd82b1d1df
c23a9028e37473903cb24a477fdf010875553ca5a9398e90a8794ec4fb970f6d
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c888cad41f1abd8cfd3461e0dcd9b1b4a777101bb23f6c3dff2fb7d63e822084
cb2f89e554453cd1e53c403748945f0fc04314a5395c72160f06367d49cb9d26
ce14350e4f58ce7716971e2d9d28d0a541082065fae25dbd2f4375417de101c5
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1b138f69de857d2da017c4a770478a5e54552962d3256631fd9811f8ca3c22f
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
d53efcbbd7d9e5738d7793fe5d6beaf63d59316ce9d2fa1a9dcba63213d96fbc
d5f8079b0e7dae0b4d96728502d4bc9490d7523c4d1f8f02a8f841caef326b52
d63fa770adfd344ffffd30e315719e539d341a6f71d0d6ad6a5c312a85e95fed
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
d7c7356567acafc6988201935642a78f1f2a2139aeed2ab383cf483430fbd316
da4a85b624e7a71b4aa3827935dae699f7e8769e172ce18dc1ec395967863fbd
dc5f156d20e389fd1d7f51678cac1da858ea05adba976e90a67d776408b223ce
e2646b88a65626848347e7dd3df40fdb369e1dd42566c4ff0a5aeda579c8d356
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e568cfb1589484790daff61bf71f2b93f3e1144fcb7311b8e536ca4ef0585ae5
eb7f00e7169a2ecbdb291d2959a093e6524d29347c47f866420f2afd16b12c44
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8f2083a44752d1c6d0cb8a311ee6083bf6e7ebf9219dff075803e64cb777d6
f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb
f3c228007f26321178efa6c46f1c5da6368a408c2a77f3d92ac41b8d20273b3a
f453b4f5a256e8752c58e85146ec810f8ed8317dc4dc687ae001ca6a2b68f872
f6292b24f4cc9e6bb52159276bf8a5d01ad441d209fd0da03ffca3ac44cc494c
f68ba9ea52969fb30dca0370962056160abc5cbc8dba244b9dbf575af356e2ad
f6de40fea817c31c0890b9547b8589f2d690370ac9aeea6ec7b176fc3b9bd7f9
fc483e89d348078cd392a9959799a43a3499737962c1449a18e9496a6808918a
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62