wjon.com Open in urlscan Pro
192.229.233.217 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wjon.com/
Effective URL:
https://wjon.com/
Submission: On August 05 via manual (August 5th 2022, 12:30:18 pm UTC) from US — Scanned from DE

Summary HTTP 398 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 92 IPs in 10 countries across 71 domains to perform 398 HTTP transactions. The main IP is 192.229.233.217, located in United States and belongs to EDGECAST, US. The main domain is wjon.com. The Cisco Umbrella rank of the primary domain is 289802.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 13th 2022. Valid for: 4 months.

This is the only time wjon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	192.229.233.217 192.229.233.217	15133 (EDGECAST) (EDGECAST)
38	192.229.144.129 192.229.144.129	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:224... 2600:9000:2240:4a00:0:b015:b300:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
3	192.229.233.218 192.229.233.218	15133 (EDGECAST) (EDGECAST)
8	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a03:2880:f20... 2a03:2880:f207:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
3	92.123.21.200 92.123.21.200	16625 (AKAMAI-AS) (AKAMAI-AS)
6	18.66.23.213 18.66.23.213	16509 (AMAZON-02) (AMAZON-02)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
4	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
7 14	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
11	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
3	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3 10	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	104.103.86.63 104.103.86.63	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
6	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
3	3.120.106.63 3.120.106.63	16509 (AMAZON-02) (AMAZON-02)
3	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
9	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	3.121.8.16 3.121.8.16	16509 (AMAZON-02) (AMAZON-02)
6 12	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
5	34.241.55.221 34.241.55.221	16509 (AMAZON-02) (AMAZON-02)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	69.166.1.15 69.166.1.15	27630 (AS-XFERNET) (AS-XFERNET)
15	159.89.246.130 159.89.246.130	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	13.32.110.7 13.32.110.7	16509 (AMAZON-02) (AMAZON-02)
6	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	54.69.95.91 54.69.95.91	16509 (AMAZON-02) (AMAZON-02)
3	18.66.112.92 18.66.112.92	16509 (AMAZON-02) (AMAZON-02)
1	2.20.73.51 2.20.73.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.121.54 13.32.121.54	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200d	15169 (GOOGLE) (GOOGLE)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
1	18.66.139.84 18.66.139.84	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.218.238.35 52.218.238.35	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	54.74.193.12 54.74.193.12	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6812:b4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3123:a000::d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
1	52.92.177.184 52.92.177.184	16509 (AMAZON-02) (AMAZON-02)
3	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:223... 2600:9000:223c:fe00:1f:2473:9080:93a1	16509 (AMAZON-02) (AMAZON-02)
3	18.66.97.29 18.66.97.29	16509 (AMAZON-02) (AMAZON-02)
6	2.21.184.200 2.21.184.200	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
8	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
9 22	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	23.75.240.210 23.75.240.210	16625 (AKAMAI-AS) (AKAMAI-AS)
6 6	18.193.198.179 18.193.198.179	16509 (AMAZON-02) (AMAZON-02)
12 13	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
9	34.239.52.148 34.239.52.148	14618 (AMAZON-AES) (AMAZON-AES)
2 8	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
3	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3	3.71.169.66 3.71.169.66	16509 (AMAZON-02) (AMAZON-02)
3 3	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 9	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	54.211.243.57 54.211.243.57	14618 (AMAZON-AES) (AMAZON-AES)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	70.42.32.255 70.42.32.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	18.194.25.184 18.194.25.184	16509 (AMAZON-02) (AMAZON-02)
1 1	52.54.46.88 52.54.46.88	14618 (AMAZON-AES) (AMAZON-AES)
1	3.67.157.21 3.67.157.21	16509 (AMAZON-02) (AMAZON-02)
1 2	52.45.92.187 52.45.92.187	14618 (AMAZON-AES) (AMAZON-AES)
1	173.231.180.197 173.231.180.197	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	103.229.206.241 103.229.206.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:358d:1e8a:10d4:e287	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 3	52.94.222.140 52.94.222.140	16509 (AMAZON-02) (AMAZON-02)
398	92

26 192.229.233.217 (United States) 1 redirects

ASN15133 (EDGECAST, US)

wjon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 192.229.144.129 (United States)

ASN15133 (EDGECAST, US)

townsquare.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:4a00:0:b015:b300:21 (United States)

ASN16509 (AMAZON-02, US)

dbejeqv8nk3po.cloudfront.net.	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.233.218 (United States)

ASN15133 (EDGECAST, US)

cdn.production.townsquareblogs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f207:c4:face:b00c:0:43fe (Vienna, Austria) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.123.21.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-21-200.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.23.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-213.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.98 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.19.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.103.86.63 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-86-63.deploy.static.akamaitechnologies.com

cdn.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

api.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.106.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-106-63.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

townsquaremedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.121.8.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-8-16.eu-central-1.compute.amazonaws.com

krk.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.89.211.12 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.241.55.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-55-221.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.166.1.15 (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.110.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-7.vie50.r.cloudfront.net

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.69.95.91 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-95-91.us-west-2.compute.amazonaws.com

scorestream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-92.fra56.r.cloudfront.net

static.solutionshindsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.73.51 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-73-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-54.fra60.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-84.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.218.238.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

cdn-scorestream-com.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.193.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-193-12.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:b4f (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3123:a000::d (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.177.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223c:fe00:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-29.fra56.r.cloudfront.net

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.21.184.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-184-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.18.18.126 (None, ) 9 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.75.240.210 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.193.198.179 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-198-179.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 3.126.56.137 (Frankfurt am Main, Germany) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.239.52.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-52-148.compute-1.amazonaws.com

usr.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.71.169.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.0.160.128 (United States) 3 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.46.155.104 (Ashburn, United States) 5 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.243.57 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-243-57.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.255 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.25.184 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-25-184.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.46.88 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-46-88.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.157.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-157-21.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.92.187 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-92-187.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-delivery-4.sys.adgear.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.241 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:358d:1e8a:10d4:e287 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.222.140 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	townsquare.media townsquare.media — Cisco Umbrella Rank: 23428	2 MB
32	casalemedia.com 12 redirects as-sec.casalemedia.com — Cisco Umbrella Rank: 1330 htlb.casalemedia.com — Cisco Umbrella Rank: 560 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453 r.casalemedia.com — Cisco Umbrella Rank: 713 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	27 KB
28	rubiconproject.com 8 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 528 eus.rubiconproject.com — Cisco Umbrella Rank: 588 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1040 pixel.rubiconproject.com — Cisco Umbrella Rank: 326 token.rubiconproject.com — Cisco Umbrella Rank: 707	50 KB
26	wjon.com 1 redirects wjon.com — Cisco Umbrella Rank: 289802	237 KB
24	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	41 KB
22	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 stats.g.doubleclick.net — Cisco Umbrella Rank: 118 ad.doubleclick.net — Cisco Umbrella Rank: 214 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	263 KB
18	serverbid.com e.serverbid.com — Cisco Umbrella Rank: 3590 sync.serverbid.com — Cisco Umbrella Rank: 7056 x.serverbid.com — Cisco Umbrella Rank: 8288	7 KB
18	amazon-adsystem.com 7 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 323 s.amazon-adsystem.com — Cisco Umbrella Rank: 288 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1264	52 KB
15	yahoo.com 13 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 277 ads.yahoo.com — Cisco Umbrella Rank: 2334 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	3 KB
15	undertone.com hb.undertone.com — Cisco Umbrella Rank: 3323 cdn.undertone.com — Cisco Umbrella Rank: 5987 usr.undertone.com — Cisco Umbrella Rank: 4592	12 KB
13	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 518 ads.pubmatic.com — Cisco Umbrella Rank: 496 image8.pubmatic.com — Cisco Umbrella Rank: 577 image6.pubmatic.com — Cisco Umbrella Rank: 636	35 KB
13	gstatic.com fonts.gstatic.com ssl.gstatic.com	145 KB
12	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 238	10 KB
12	openx.net townsquaremedia-d.openx.net — Cisco Umbrella Rank: 39217 u.openx.net — Cisco Umbrella Rank: 719 us-u.openx.net — Cisco Umbrella Rank: 396 rtb.openx.net — Cisco Umbrella Rank: 1516	2 KB
11	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 381	3 KB
11	google.com apis.google.com — Cisco Umbrella Rank: 161 www.google.com — Cisco Umbrella Rank: 10 accounts.google.com — Cisco Umbrella Rank: 117	222 KB
9	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	71 KB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 111	127 KB
7	consensu.org cdn.conversant.mgr.consensu.org — Cisco Umbrella Rank: 26603 api.conversant.mgr.consensu.org — Cisco Umbrella Rank: 28696	201 KB
6	advertising.com 6 redirects pixel.advertising.com — Cisco Umbrella Rank: 871	1 KB
6	amazonaws.com cdn-scorestream-com.s3.amazonaws.com — Cisco Umbrella Rank: 175125 s3-us-west-2.amazonaws.com	81 KB
6	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 792	1 KB
6	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 2202 sync.go.sonobi.com — Cisco Umbrella Rank: 1010	4 KB
6	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 652 eb2.3lift.com — Cisco Umbrella Rank: 411	13 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 674 syndication.twitter.com — Cisco Umbrella Rank: 864	152 KB
5	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1474	19 KB
5	media.net prebid.media.net — Cisco Umbrella Rank: 1356 contextual.media.net — Cisco Umbrella Rank: 526	17 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	355 B
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 642 script.hotjar.com — Cisco Umbrella Rank: 770 vars.hotjar.com — Cisco Umbrella Rank: 803 in.hotjar.com — Cisco Umbrella Rank: 1526	68 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	197 KB
4	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 592	18 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	3 KB
3	rfihub.com 3 redirects p.rfihub.com — Cisco Umbrella Rank: 741	2 KB
3	emxdgt.com cs.emxdgt.com — Cisco Umbrella Rank: 931	99 B
3	lijit.com ap.lijit.com — Cisco Umbrella Rank: 679	831 B
3	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 597	573 B
3	solutionshindsight.net static.solutionshindsight.net — Cisco Umbrella Rank: 26481	27 KB
3	kargo.com krk.kargo.com — Cisco Umbrella Rank: 2368	2 KB
3	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 145	5 KB
3	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 900 sync.taboola.com — Cisco Umbrella Rank: 933	166 KB
3	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1620	37 KB
3	instagram.com 2 redirects platform.instagram.com — Cisco Umbrella Rank: 7009 www.instagram.com — Cisco Umbrella Rank: 975	5 KB
3	townsquareblogs.com cdn.production.townsquareblogs.com — Cisco Umbrella Rank: 43676	103 KB
2	eqads.com 1 redirects um2.eqads.com — Cisco Umbrella Rank: 4226	562 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 784	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 623	644 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1324	1 KB
2	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 5383	375 B
2	dstillery.com 2 redirects action.dstillery.com — Cisco Umbrella Rank: 5837	354 B
2	btloader.com btloader.com — Cisco Umbrella Rank: 1206 api.btloader.com — Cisco Umbrella Rank: 1317	12 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 731	62 KB
2	scorestream.com scorestream.com — Cisco Umbrella Rank: 89883	29 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124	56 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1370	15 B
2	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 802 id.rlcdn.com — Cisco Umbrella Rank: 611	453 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	56 KB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 484	682 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1488	408 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 292	220 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 749	584 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 551	317 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1445	378 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 736	380 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 541	1 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2143	258 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	38 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5596	501 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1232	5 KB
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 15664	617 B
1	net. dbejeqv8nk3po.cloudfront.net.	41 KB
0	admanmedia.com Failed cs.admanmedia.com Failed
398	71

	Domain	Requested by
38	townsquare.media	wjon.com dbejeqv8nk3po.cloudfront.net.
26	wjon.com	1 redirects wjon.com dbejeqv8nk3po.cloudfront.net.
24	www.google-analytics.com	wjon.com www.google-analytics.com scorestream.com
13	dsum-sec.casalemedia.com	3 redirects r.casalemedia.com um2.eqads.com
13	ups.analytics.yahoo.com	12 redirects r.casalemedia.com
12	ib.adnxs.com	6 redirects cdn.production.townsquareblogs.com cdn.undertone.com
11	cm.g.doubleclick.net	7 redirects r.casalemedia.com
11	match.adsrvr.org	js-sec.indexww.com cdn.undertone.com sync.serverbid.com r.casalemedia.com
9	s.amazon-adsystem.com	5 redirects r.casalemedia.com
9	usr.undertone.com	cdn.undertone.com r.casalemedia.com
9	ssum-sec.casalemedia.com	6 redirects js-sec.indexww.com
9	cdnjs.cloudflare.com	scorestream.com
9	e.serverbid.com	cdn.production.townsquareblogs.com sync.serverbid.com
8	pixel.rubiconproject.com	2 redirects cdn.undertone.com
8	eus.rubiconproject.com	dbejeqv8nk3po.cloudfront.net. eus.rubiconproject.com cdn.undertone.com
8	apis.google.com	wjon.com dbejeqv8nk3po.cloudfront.net. www.youtube.com accounts.google.com apis.google.com
7	www.youtube.com	dbejeqv8nk3po.cloudfront.net. www.youtube.com
7	stats.g.doubleclick.net	www.google-analytics.com
7	fonts.gstatic.com	fonts.googleapis.com
6	x.serverbid.com	sync.serverbid.com
6	pixel.advertising.com	6 redirects
6	r.casalemedia.com	3 redirects cdn.undertone.com
6	ads.pubmatic.com	dbejeqv8nk3po.cloudfront.net. sync.serverbid.com
6	ssl.gstatic.com	accounts.google.com wjon.com
6	onetag-sys.com	cdn.production.townsquareblogs.com dbejeqv8nk3po.cloudfront.net.
6	fastlane.rubiconproject.com	cdn.production.townsquareblogs.com
6	c.amazon-adsystem.com	wjon.com c.amazon-adsystem.com
5	cdn-scorestream-com.s3.amazonaws.com	scorestream.com cdn-scorestream-com.s3.amazonaws.com
5	g2.gumgum.com	cdn.production.townsquareblogs.com
5	www.facebook.com	wjon.com dbejeqv8nk3po.cloudfront.net.
4	cdn.conversant.mgr.consensu.org	dbejeqv8nk3po.cloudfront.net. cdn.conversant.mgr.consensu.org
4	connect.facebook.net	wjon.com dbejeqv8nk3po.cloudfront.net.
4	platform.twitter.com	wjon.com dbejeqv8nk3po.cloudfront.net.
4	js-sec.indexww.com	wjon.com dbejeqv8nk3po.cloudfront.net.
4	fonts.googleapis.com	wjon.com scorestream.com
3	aax-eu.amazon-adsystem.com	2 redirects
3	token.rubiconproject.com	3 redirects
3	sync.go.sonobi.com	sync.serverbid.com
3	rtb.openx.net	sync.serverbid.com
3	p.rfihub.com	3 redirects
3	cs.emxdgt.com	sync.serverbid.com
3	ap.lijit.com	sync.serverbid.com
3	pixel-sync.sitescout.com	cdn.undertone.com
3	image8.pubmatic.com	cdn.undertone.com
3	us-u.openx.net	cdn.undertone.com
3	secure-assets.rubiconproject.com	3 redirects
3	u.openx.net	dbejeqv8nk3po.cloudfront.net.
3	sync.serverbid.com	dbejeqv8nk3po.cloudfront.net.
3	cdn.undertone.com	dbejeqv8nk3po.cloudfront.net.
3	eb2.3lift.com	dbejeqv8nk3po.cloudfront.net.
3	static.solutionshindsight.net	dbejeqv8nk3po.cloudfront.net.
3	hb.undertone.com	cdn.production.townsquareblogs.com
3	apex.go.sonobi.com	cdn.production.townsquareblogs.com
3	htlb.casalemedia.com	cdn.production.townsquareblogs.com
3	hbopenbid.pubmatic.com	cdn.production.townsquareblogs.com
3	krk.kargo.com	cdn.production.townsquareblogs.com
3	townsquaremedia-d.openx.net	cdn.production.townsquareblogs.com
3	prebid.media.net	cdn.production.townsquareblogs.com
3	tlx.3lift.com	cdn.production.townsquareblogs.com
3	api.conversant.mgr.consensu.org	cdn.conversant.mgr.consensu.org
3	sb.scorecardresearch.com	dbejeqv8nk3po.cloudfront.net. wjon.com
3	securepubads.g.doubleclick.net	www.googletagservices.com
3	secure.cdn.fastclick.net	wjon.com secure.cdn.fastclick.net dbejeqv8nk3po.cloudfront.net.
3	cdn.production.townsquareblogs.com	wjon.com cdn.production.townsquareblogs.com
2	um2.eqads.com	1 redirects r.casalemedia.com
2	pm.w55c.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	contextual.media.net	dbejeqv8nk3po.cloudfront.net.
2	ad-delivery.net	wjon.com
2	action.media6degrees.com	wjon.com
2	action.dstillery.com	2 redirects
2	maxcdn.bootstrapcdn.com	scorestream.com maxcdn.bootstrapcdn.com
2	accounts.google.com	dbejeqv8nk3po.cloudfront.net. wjon.com
2	scorestream.com	dbejeqv8nk3po.cloudfront.net. cdnjs.cloudflare.com
2	pagead2.googlesyndication.com	wjon.com dbejeqv8nk3po.cloudfront.net.
2	syndication.twitter.com	platform.twitter.com wjon.com
2	i.clean.gg	dbejeqv8nk3po.cloudfront.net.
2	cdn.taboola.com	wjon.com dbejeqv8nk3po.cloudfront.net.
2	www.instagram.com	1 redirects wjon.com
2	www.googletagservices.com	wjon.com scorestream.com
1	id.rlcdn.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.yahoo.com
1	sync.taboola.com	r.casalemedia.com
1	sync.mathtag.com	1 redirects
1	cm.adgrx.com	r.casalemedia.com
1	x.bidswitch.net	r.casalemedia.com
1	sync.srv.stackadapt.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	bttrack.com	r.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	id5-sync.com
1	s3-us-west-2.amazonaws.com
1	api.btloader.com	btloader.com
1	ad.doubleclick.net	wjon.com
1	btloader.com	dbejeqv8nk3po.cloudfront.net.
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	www.googletagmanager.com	dbejeqv8nk3po.cloudfront.net.
1	vars.hotjar.com	dbejeqv8nk3po.cloudfront.net.
1	script.hotjar.com	dbejeqv8nk3po.cloudfront.net.
1	www.google.de	wjon.com
1	www.google.com	wjon.com
1	static.hotjar.com	dbejeqv8nk3po.cloudfront.net.
1	a.teads.tv	dbejeqv8nk3po.cloudfront.net.
1	as-sec.casalemedia.com	js-sec.indexww.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	api.rlcdn.com	js-sec.indexww.com
1	platform.instagram.com	1 redirects
1	dbejeqv8nk3po.cloudfront.net.	wjon.com
0	cs.admanmedia.com Failed	cdn.undertone.com
398	112

This site contains links to these domains. Also see Links.

Domain
minnesotasnewcountry.com
youtube.com
www.facebook.com
twitter.com
www.coborns.com
publicfiles.fcc.gov
www.youtube.com
www.townsquaremedia.com

Subject Issuer	Validity	Valid
www7.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-13` - `2022-10-28`	4 months	crt.sh
www6.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-13` - `2022-10-27`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
www8.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-14` - `2022-10-28`	4 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-14` - `2022-08-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2022-06-10` - `2022-09-08`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-24` - `2023-06-23`	a year	crt.sh
cdn.conversant.mgr.consensu.org R3	`2022-08-01` - `2022-10-30`	3 months	crt.sh
*.conversant.mgr.consensu.org GlobalSign RSA OV SSL CA 2018	`2022-05-12` - `2023-06-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.dev.kargo.com Amazon	`2022-03-01` - `2023-03-29`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.gumgum.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.consumableaudio.com R3	`2022-07-05` - `2022-10-03`	3 months	crt.sh
*.undertone.com Amazon	`2021-10-04` - `2022-11-01`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
scorestream.com Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
solutionshindsight.net Amazon	`2022-01-20` - `2023-02-18`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2022-06-22` - `2022-09-20`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
sync.serverbid.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io Amazon	`2021-10-20` - `2022-11-18`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
um3.eqads.com Amazon	`2022-06-11` - `2023-07-09`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-07` - `2022-11-30`	6 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh

This page contains 49 frames:

Primary Page: https://wjon.com/
Frame ID: B46C2CEDB50EF7989E8C9655F0586541
Requests: 217 HTTP requests in this frame

Frame: https://cdn.production.townsquareblogs.com/aleph/
Frame ID: 8964544EE62388A73AA6B1579AA04E6F
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html?origin=https%3A%2F%2Fwjon.com
Frame ID: 3F7D7F62775BEAFBAA8CA487FE136E7F
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E4413946A86701CE19218927B9AC8826
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=TSStCloud&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fwjon.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__
Frame ID: D0E2634BAA96365AC2DE8243A9D8DD5F
Requests: 5 HTTP requests in this frame

Frame: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138
Frame ID: AD0C50FAA8A47CD39C30FB708F121A7C
Requests: 26 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2b1befbea3a1424bb94efd70105dfa52.en.html
Frame ID: E7E1505BF8E31AE1C97A8531118BEA5A
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwjon.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__
Frame ID: 73166C1375F38D5E10426A2853451729
Requests: 5 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html
Frame ID: D4717CBD176FE6F05E3A51BBA522C6A1
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCt03ChdBxjIeStQWVfd-K7A&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__
Frame ID: ADF60EA8205C5AF6F508DDE9B3C73C68
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=3584600378431041&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4fb5304c29c44%26domain%3Dwjon.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwjon.com%252Ffc277d07c985f8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2F1240WJON&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
Frame ID: 386345E21480C6114CD1E79B37A4B612
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1659702612252
Frame ID: 58F055F09B7B85F866CC81BCEC89EDEF
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A7A5D9378D6055E0665E24B499F769B4
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 57519FBB29A838BCF058E537FC45734D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: D9A77CADBB4D722778B1D116C9DF8DB7
Requests: 10 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: CAFCC22A29896978DCE329A033B3E46D
Requests: 10 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: E8E5D08C8500E092065F7217CD7E41E2
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: 9D517063EA9997193000C7D2E5F7F225
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1659702612254
Frame ID: E6593E7BFCD65F2B082C019C2EB62B25
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 86052D6E471EA050A9D2A912583E0738
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 9A686C66EF1140E0E4640A93D914855D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1659702611871
Frame ID: ACBB863B1F4B770091C67CB4C8415F81
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: 4F0590877DC3596CE9F08F9E4783F626
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 24AA7C0ACAEF51178B943CE488431BEB
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 4EC56674B613A99CD5D78F076A1D0157
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F83956980A61E07B49D1198766F82D42
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: A7EBF25C4054AB6EF3809C6B6BD49100
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 026D82F1F671FE90B2C8CFFD1A85C446
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 18CD1DDBD2C459336FEAE0FD83B99214
Requests: 10 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: 7A2C206A7732A805FFC2286FABC287E6
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 281A7543836A390A23792B1223428CC7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2624FB12C4D785418F20DE0C216E1577
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 4C66FCC66194E75A0D03711A194061B4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: 443373EC4CEA81C7A5C34A7F48DA5F90
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: DD8B3F80F532C0505582C715E492167B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPdO6cAPdO6cAAXADAENCbCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgE-sIWACAUIRgRAhxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxQCgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKDRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fwjon.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D658CC262CE8FFC8C5E84EB71A826928
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPdO6cAPdO6cAAXADAENCbCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgE-sIWACAUIRgRAhxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxQCgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKDRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fwjon.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A0B51D7BD0E23E88A541900CFD389C38
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPdO6cAPdO6cAAXADAENCbCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgE-sIWACAUIRgRAhxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxQCgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKDRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fwjon.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CEF6400130A124F1179DA59313ABBCCD
Requests: 1 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 562AE99517133E0B50085A4B858638C8
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: BC0A2CDA717F4F75B63BDB0189DAA6E4
Requests: 3 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 29FEB97A205FED693CDB3D4D8BF60FA7
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: D3B09F29B689753E17CC4BE5351B2A5B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: EFCECCB92D9A7FAFF23F3E0FE2B35021
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 6FA46A71943437655348B6279EEADC9C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 978814CC42E45A2789B0AE9518A96E22
Requests: 1 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: C475CAD3F7FDB370C1E117AA9C472F0B
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: DC5F91E1FDC154A78A07109F9FD008B1
Requests: 2 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 4752E5469EC48C172D3E97C7FAFF694E
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=3584600378431041&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa67c0500ea62%26domain%3Dwjon.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwjon.com%252Ffc277d07c985f8%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fwjon.com%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Frame ID: 0247E3B8B2CD283A5375B37439F62F5E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AM 1240 WJON – News, Talk, Sports – St. Cloud News Radio

Page URL History Show full URLs

http://wjon.com/ HTTP 301
https://wjon.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

398
Requests

89 %
HTTPS

29 %
IPv6

71
Domains

112
Subdomains

92
IPs

10
Countries

4355 kB
Transfer

11463 kB
Size

70
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://minnesotasnewcountry.com/dream-getaway-rules/
Title: Dream Getaway Rules

Search URL Search Domain Scan URL

URL: https://youtube.com/user/TSStCloud
Title: Visit us on Youtube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1240WJON
Title: Visit us on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/WJON_News
Title: Visit us on Twitter

Search URL Search Domain Scan URL

URL: https://www.coborns.com/

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/am-profile/WJON
Title: Public File

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TSStCloud
Title: Visit us on Youtube

Search URL Search Domain Scan URL

URL: https://www.townsquaremedia.com/
Title: , Townsquare Media, Inc

Search URL Search Domain Scan URL

URL: https://www.townsquaremedia.com/privacy-policy
Title: privacy policy.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wjon.com/ HTTP 301
https://wjon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 235

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WJONAM&ncv=24 HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WJONAM&ncv=24

Request Chain 236

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24 HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24

Request Chain 281

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Request Chain 282

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 285

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-8j0y0UxE2uHtWiZd_wlv6sth_7SsdKaD~A

Request Chain 291

https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-DVpV9LhE2uGaDB5EtFEClHHVCH9n9XZN4rUSMDw-~A

Request Chain 294

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-8j0y0UxE2uHtWiZd_wlv6sth_7SsdKaD~A

Request Chain 300

https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-DVpV9LhE2uGaDB5EtFEClHHVCH9n9XZN4rUSMDw-~A

Request Chain 301

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Request Chain 302

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 307

https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5144588521038049639

Request Chain 308

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yu0NV.zxI1A4OYIsexNHqgAA%261137

Request Chain 310

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6643121936650634900

Request Chain 312

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=

Request Chain 315

https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5133329521968729524

Request Chain 316

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yu0NV.zxI1A4OYIsexNHqgAA%261137

Request Chain 318

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6643121936650634900

Request Chain 320

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=

Request Chain 325

https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5140084921453647263

Request Chain 326

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yu0NV.zxI1A4OYIsexNHqgAA%261137

Request Chain 328

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1753257751898190963

Request Chain 330

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=

Request Chain 335

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-8j0y0UxE2uHtWiZd_wlv6sth_7SsdKaD~A

Request Chain 341

https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-DVpV9LhE2uGaDB5EtFEClHHVCH9n9XZN4rUSMDw-~A

Request Chain 342

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Request Chain 343

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 350

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV2gzPQZX1tZqMlHmWQAABJwAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV2gzPQZX1tZqMlHmWQAABJwAAAIB&dcc=t

Request Chain 351

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yu0NV1xmbWdnrCPnUSBblQAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Yu0NV1xmbWdnrCPnUSBblQAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG0GcT3oMcps0fSxkxIzqws&google_cver=1&gdpr=1

Request Chain 353

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7ee3f595-e755-45bb-b1a8-c0a0e178c0da&expiration=1691238616

Request Chain 354

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=Yu0NVwAEL8gl2ABC HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yu0NVwAEL8gl2ABC&gdpr=1&_test=Yu0NVwAEL8gl2ABC

Request Chain 357

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV-zxI1A4OYIsexNHqgAABHEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV-zxI1A4OYIsexNHqgAABHEAAAIB&dcc=t

Request Chain 358

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yu0NV1xmbWdnrCPnUSBblQAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Yu0NV1xmbWdnrCPnUSBblQAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIa8xG-zBtVoazvqVj4mKLU&google_cver=1&gdpr=1

Request Chain 360

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

Request Chain 361

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0poQH0mK1OjWt15&gdpr=1

Request Chain 362

https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=7tlpDHmISh9jACsiLbDWOFQTr7c

Request Chain 365

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 366

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yu0NV1xmbWdnrCPnUSBblQAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Yu0NV1xmbWdnrCPnUSBblQAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE6aQWmf83Lu0LlVF8iKfU&google_cver=1&gdpr=1

Request Chain 367

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV1xmbWdnrCPnUSBblQAABFsAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV1xmbWdnrCPnUSBblQAABFsAAAIB&dcc=t

Request Chain 372

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7e2e62ed-0d58-4500-a90a-223da220a886&gdpr=1&gdpr_consent=

Request Chain 375

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=L9UFiWuLRraZtUCMX1Kcxg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=L9UFiWuLRraZtUCMX1Kcxg

Request Chain 377

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6GG2Z96-Z-BCMF&sigv=1&esig=2~c12c3732bf3e2a780559aa775231984802121a22

Request Chain 378

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZHRzJaOTYtWi1CQ01G

Request Chain 379

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/c9sXWOs_RnDK9otjBN9ZiA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7525010351123024120

Request Chain 381

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDF9MWGwEHaExyC6uC4mXOU&google_cver=1

Request Chain 382

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SAahAfEHT-GAp3CiB6CUcw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SAahAfEHT-GAp3CiB6CUcw

398 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
wjon.com/
Redirect Chain

http://wjon.com/
https://wjon.com/

266 KB
49 KB

483ms
418ms

Document
text/html

192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

4b72f044ea2c71c1d4bed65a50f93f6b25c91151beb20543f7784c446288e7fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
cache-control: no-cache
content-encoding: gzip
content-length: 49994
content-type: text/html; charset=utf-8
date: Fri, 05 Aug 2022 12:30:09 GMT
etag: W/"429d5-FbGRqnTIb4VybTFi/GaJdg"
expires: Fri, 05 Aug 2022 12:30:08 GMT
gdpr-source: DE
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-abgroup: A
x-cache: HIT
x-device: desktop
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-ua-device: desktop
x-varnish: 607850388 607850125

Redirect headers

Cache-Control: no-cache
Content-Length: 178
Content-Type: text/html
Date: Fri, 05 Aug 2022 12:30:08 GMT
Expires: Fri, 05 Aug 2022 12:30:07 GMT
Location: https://wjon.com/
Server: nginx
X-Frame-Options: SAMEORIGIN
gdpr-source: DE

GET
H2 200 base.css
wjon.com/styles/desktop/ 529 KB
115 KB 24ms
22ms Stylesheet
text/css 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/styles/desktop/base.css?ver=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) / Express

Resource Hash

69f9231c708fd46243dc77fa9e4df7a10b0adfa746abbb2c08e62b37ccfc4cde

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:09 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 71092
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 117144
last-modified: Wed, 03 Aug 2022 16:42:51 GMT
server: ECS (frb/67F2)
etag: W/"845bf-fuJQn2ozieKIJw2gRcDvxg"
x-frame-options: SAMEORIGIN
x-varnish: 592279241
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: text/css; charset=utf-8
expires: Fri, 05 Aug 2022 12:30:08 GMT

GET
H2 200 main.bundle.eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163.js Show response
townsquare.media/public/dist/desktop/ 909 KB
236 KB 1374ms
251ms Script
application/javascript 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/dist/desktop/main.bundle.eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163.js?mver=32&gver=3

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C74F) / Express

Resource Hash

d01a432795fc449091f3e7f9e028fd0ec4932b67421b61ac9c91ee1578067048

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:10 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 71875
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 240756
last-modified: Mon, 25 Jul 2022 16:26:26 GMT
server: ECS (sgb/C74F)
etag: W/"e32af-182362e6435"
x-frame-options: SAMEORIGIN
x-varnish: 1889213274 1889169170
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 90ms
30ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d05aa7fda69e5a6629806fe1b77d18eb6ce5a777eed211f77b51b728f62b4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 11:47:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 05 Aug 2022 12:30:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Aug 2022 12:30:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5289
date: Fri, 05 Aug 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 05 Aug 2022 13:02:00 GMT

GET
H2 200 autotrack.carbon.js Show response
townsquare.media/public/resources/js/ 4 KB
2 KB 1301ms
757ms Script
application/javascript 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/autotrack.carbon.js

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C725) / Express

Resource Hash

17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:10 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 78192
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 2031
last-modified: Thu, 03 Oct 2019 20:12:19 GMT
server: ECS (sgb/C725)
etag: W/"119a-16d93407ae3"
x-frame-options: SAMEORIGIN
x-varnish: 1887604410
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:09 GMT

GET
H2 200 script.js Show response
dbejeqv8nk3po.cloudfront.net./ 117 KB
41 KB 113ms
22ms Script
application/javascript 2600:9000:2240:4a00:0:b015:b300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Requested by: Host: wjon.com
URL: https://wjon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4a00:0:b015:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bea18979f51229647b58a6c0c5a3971fb41d73157c1a494f36cd8ae477ed346

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:24:14 GMT
content-encoding: gzip
last-modified: Fri, 05 Aug 2022 12:10:05 GMT
server: AmazonS3
age: 355
etag: W/"c07f618ecca678faf0ba80c884588878"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 9E9EvMTYC9LmKmYUx5p8yX76BBPtDLnlCJMvIR8KWeDrf4WyPdA4FQ==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 81ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db7c1c7200604815efaf52334c9ddb64373e3ab22e3779eefca47b76b20f827e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28613
x-xss-protection: 0
server: sffe
etag: "1294 / 593 of 1000 / last-modified: 1659697745"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Aug 2022 12:30:09 GMT

GET
H/1.1 200
OK 186854-113710634486999.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 111ms
20ms Script
text/javascript 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Requested by: Host: wjon.com
URL: https://wjon.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 12:30:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Aug 2022 12:16:52 GMT
Server: Apache
ETag: "da48b2-930b-5e57d70f05a40"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3072
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12790
Expires: Fri, 05 Aug 2022 13:21:21 GMT

GET
H2 200 pb.js Show response
cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/ 344 KB
102 KB 514ms
19ms Script
application/javascript 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.218 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F3) / Express

Resource Hash

3ade3e99ac3b3033225a6773d3567496177f17f6c3bfd9815d537f546c205069

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:09 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 52988
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop, desktop
x-device: carbon, carbon
content-length: 103608
access-control-allow-origin: *
last-modified: Thu, 04 Aug 2022 22:58:00 GMT
server: ECS (frb/67F3)
etag: W/"5617b-5A8ovwUSX2i93KMYFdOa1g"
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-varnish: 596873193, 597892936 596873190
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Fri, 05 Aug 2022 12:30:08 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 81ms
29ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

104d9312b0ab49ab36365302d0dbc3db5dc9f5a24d8d4494bc4dd3f27b343714

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Fri, 05 Aug 2022 12:30:09 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "6c3f880666401504"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 12:30:09 GMT

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

57ms
26ms

Script
text/javascript

2a03:2880:f21c:81e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: wjon.com
URL: https://wjon.com/
Protocol: H3
Server: 2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 18:35:45 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Fri, 05 Aug 2022 12:30:10 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: odn
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 site-logo.png
townsquare.media/site/67/files/2019/08/ 15 KB
15 KB 795ms
252ms Image
image/png 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2019/08/site-logo.png

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C726) / Express

Resource Hash

82a39bbbf41bf1d7f6bcfa9f93f6de901033261cd43ee71c92e64c06e6724318

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:10 GMT
via: 1.1 varnish
age: 13996720
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 15134
last-modified: Tue, 27 Aug 2019 20:16:45 GMT
server: ECS (sgb/C726)
x-frame-options: SAMEORIGIN
x-varnish: 1747920516 1730796684
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/png
expires: Fri, 05 Aug 2022 12:30:09 GMT

POST
H2 200 cogitoergosum Show response
wjon.com/rest/high/api/ 128 B
483 B 113ms
112ms XHR
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/rest/high/api/cogitoergosum

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

d5457ef0281e46aabe87ec20247ec3dfa69d89b926d33fd5893a119277b3c0e7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 05 Aug 2022 12:30:09 GMT
etag: W/"80-RrqSryb9In29hwWhCD4x+2L5U6Y"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
vary: Accept-Encoding
content-length: 128
expires: Fri, 05 Aug 2022 12:30:08 GMT

GET
H2 200 cmp.bundle.js Show response
townsquare.media/public/resources/js/ 185 KB
46 KB 1299ms
757ms Script
application/javascript 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/cmp.bundle.js

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C68C) / Express

Resource Hash

9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:10 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 84220
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 46582
last-modified: Mon, 26 Oct 2020 18:28:49 GMT
server: ECS (sgb/C68C)
etag: W/"2e534-175662b83ee"
x-frame-options: SAMEORIGIN
x-varnish: 592767782 589070764
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:09 GMT

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 13 KB
5 KB 125ms
31ms Script
application/javascript 92.123.21.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: wjon.com
URL: https://wjon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-21-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7b5511237fcf94bad2aca9c53a0da15e1795be9377fac8dc44f06afd51113322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:09 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 18:00:40 GMT
server: Apache
etag: "33d8-5d5f329e9535b-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 4752
expires: Fri, 05 Aug 2022 12:45:09 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 115ms
36ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: wjon.com
URL: https://wjon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 05 Aug 2022 11:43:18 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 20:51:40 GMT
server: AmazonS3
age: 2812
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 89a6fa6293c9b0bbce683ad0b9f7f538.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, VIE50-P1
x-amz-cf-id: HUICbWN14BK0HUptDOFAdE39G5-S1MAPjTMZ6tW-UZLvyNJUljr9qA==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 125ms
18ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: wjon.com
URL: https://wjon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 71679b04fbd29b2c4fe5a7f200ccdc88d666d9b9b9253c4f2878ea06591dac71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 12:30:09 GMT
Content-Encoding: gzip
Age: 117
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29203
x-tw-cdn: VZ
Last-Modified: Wed, 03 Aug 2022 21:01:21 GMT
Server: ECS (frb/67BA)
Etag: "2db8c3ce16d9541818f0d180a9ea89b1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 98ms
32ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ebcb3cd75b0c14332ba361ee41b3ed95c49d2b8fdc3b78a067d4dbcfa436167b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 8mv28CEPk0NmfnweXx3D0Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: K9IGXuNZafV8O0fhU0QCNtnzHk5svLK96lMZi6OIakSS5yPWCAqrAbdBUsq8dWIh5AZOmOxgqRtSZgtRC/OCiA==
x-fb-trip-id: 720026100
x-fb-content-md5: d8f1e4d7195dbab8c71bc038404c4689
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 05 Aug 2022 12:30:09 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6a7149522e7e0121ba214618691079e4"
timing-allow-origin: *
expires: Fri, 05 Aug 2022 12:37:45 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 90ms
33ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e04996bce115cd63369e3d421e8e6eedf08bac25392d0d30203a9ff1069b7785

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26463
x-xss-protection: 0
pragma: public
x-fb-debug: fAhehGxzXeqdGQqNUZwnMyx7keZ2/7zDse7Wjq9DK86CwxSsUaWm5Kzbx62wgEJn19xm3FFakYNU6GLaPwJveA==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 05 Aug 2022 12:30:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/townsquaremediatsm-network/ 96 KB
25 KB 80ms
22ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/townsquaremediatsm-network/loader.js
Requested by: Host: wjon.com
URL: https://wjon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b41f9649af86dfc713c5ecf2f1796a00a06d995d018c657c8112e79910801f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: 9RizGwPCoQsd5lumUYfw74V7huqaTwBV
content-encoding: gzip
etag: "dad1d05c93838372f6b401d0c1917c54"
age: 2
x-cache: HIT
content-length: 25010
x-amz-id-2: tbxrWzJWfJpjQnBBeU69yLDT21vSE8HmUVfXEp34YC8r1p7qZnq1zkJMYVFsKpaEM7+JAYIuz6A=
x-served-by: cache-hhn4055-HHN
last-modified: Thu, 04 Aug 2022 09:19:34 GMT
server: AmazonS3
x-timer: S1659702610.990164,VS0,VE1
date: Fri, 05 Aug 2022 12:30:09 GMT
vary: Accept-Encoding
x-amz-request-id: V67AGTNCCP24JGV8
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 99
x-cache-hits: 1

GET
H2 200 / Show response
cdn.production.townsquareblogs.com/aleph/ Frame 8964 2 KB
857 B 18ms
18ms Document
text/html 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.production.townsquareblogs.com/aleph/
Requested by: Host: wjon.com
URL: https://wjon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) / Express
Resource Hash: e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 177
cache-control: no-cache
content-encoding: gzip
content-length: 708
content-type: text/html; charset=UTF-8
date: Fri, 05 Aug 2022 12:30:09 GMT
etag: W/"7dd-17eb77f354f"
expires: Fri, 05 Aug 2022 12:30:08 GMT
gdpr-source: DE
last-modified: Tue, 01 Feb 2022 22:54:34 GMT
server: ECS (frb/675D)
vary: Accept-Encoding
via: 1.1 varnish
x-abgroup: A
x-cache: HIT
x-powered-by: Express
x-varnish: 607810969 607810025

GET
H2 200 wjonam.jpg
townsquare.media/site/67/files/2018/08/ 241 KB
241 KB 1259ms
755ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2018/08/wjonam.jpg

Requested by

Host: wjon.com
URL: https://wjon.com/styles/desktop/base.css?ver=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C68B) / Express

Resource Hash

4042700cc9763ca5901dbea176831ec886f5cf27d0e2a06b634fe6a4c57aac52

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:10 GMT
via: 1.1 varnish
age: 21408860
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 246894
last-modified: Wed, 25 Sep 2019 20:50:16 GMT
server: ECS (sgb/C68B)
x-frame-options: SAMEORIGIN
x-varnish: 936525045 936445176
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 70ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wjon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 321734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 19:07:55 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 96ms
47ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wjon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 23:09:50 GMT
x-content-type-options: nosniff
age: 307219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 23:09:50 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 90ms
41ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wjon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:45:21 GMT
x-content-type-options: nosniff
age: 272688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 08:45:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 73ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wjon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 330317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 16:44:52 GMT

GET
DATA 200
OK truncated
/ 50 KB
50 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c

Request headers

Referer
Origin: https://wjon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: font/opentype;charset=utf-8

POST
H2 200 cogitoergosum Show response
cdn.production.townsquareblogs.com/rest/high/api/ Frame 8964 128 B
478 B 114ms
113ms Fetch
application/json 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.townsquareblogs.com/rest/high/api/cogitoergosum

Requested by

Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/aleph/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.218 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

d5457ef0281e46aabe87ec20247ec3dfa69d89b926d33fd5893a119277b3c0e7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn.production.townsquareblogs.com/aleph/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 05 Aug 2022 12:30:09 GMT
etag: W/"80-RrqSryb9In29hwWhCD4x+2L5U6Y"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: carbon
vary: Accept-Encoding
content-length: 128
expires: Fri, 05 Aug 2022 12:30:09 GMT

GET
H2 200 attachment-Monster-Truck.jpg
townsquare.media/site/67/files/2022/08/ 116 KB
116 KB 1173ms
756ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2022/08/attachment-Monster-Truck.jpg?w=980&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C74D) / Express

Resource Hash

3a2b7372498399542e2aa84d0c7d0e60d30960b53c59509900442be7cb1355e5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:10 GMT
via: 1.1 varnish
age: 58917
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 118597
last-modified: Thu, 04 Aug 2022 20:07:27 GMT
server: ECS (sgb/C74D)
x-frame-options: SAMEORIGIN
x-varnish: 1892477922
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:09 GMT

GET
H2 200 wjonam-promo2.jpg
townsquare.media/site/67/files/2017/10/ 3 KB
3 KB 1104ms
755ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2017/10/wjonam-promo2.jpg

Requested by

Host: wjon.com
URL: https://wjon.com/styles/desktop/base.css?ver=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C6A4) / Express

Resource Hash

66c6de2eb0b4f00bbfc845f84e130d7e8c5e2ad3bc2339e3260a72c2b1126678

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:10 GMT
via: 1.1 varnish
age: 21699557
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 3345
last-modified: Mon, 23 Sep 2019 04:54:06 GMT
server: ECS (sgb/C6A4)
x-frame-options: SAMEORIGIN
x-varnish: 889099597
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:09 GMT

GET
H2 200 attachment-GettyImages-82597579.jpg
townsquare.media/site/65/files/2022/08/ 30 KB
30 KB 1104ms
755ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/65/files/2022/08/attachment-GettyImages-82597579.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C6E6) / Express

Resource Hash

daf8c6b41adfd0c3f6bdca0d65d774519a1f5102546503e3e780358bf785b64c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:10 GMT
via: 1.1 varnish
age: 299275
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 30417
last-modified: Tue, 02 Aug 2022 01:18:14 GMT
server: ECS (sgb/C6E6)
x-frame-options: SAMEORIGIN
x-varnish: 1843208036 1842280994
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:09 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 28ms
26ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wjon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 22:33:26 GMT
x-content-type-options: nosniff
age: 223003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15528
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 22:33:26 GMT

GET
H2 200 pubads_impl_2022080301.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 120ms
31ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068785

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

d6f327e8f217c193d4139ec967dd138dde3958395b06a4e4cd8e346faa27dedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 11:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132985
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 08:38:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Aug 2023 11:47:11 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 262 B
767 B 119ms
30ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=wjon.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

15c7d86ae9e86d3fe31ec984acb046d6413c2df53ac83775bc840da9d743afb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 12:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
385 B 206ms
45ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186854
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: c8721c104444b6a3330eb7a9d04e6954044dbf82debe16e2a6999fca9d4c22ea

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 05 Aug 2022 12:30:10 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wjon.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 04 Sep 2022 12:30:10 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
355 B 173ms
43ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 05 Aug 2022 12:30:10 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://wjon.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 42 KB
15 KB 76ms
38ms Script
application/javascript 92.123.21.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-21-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a383ecd625c00c3b5051fd8eb6ad8ab4aa40503f4ebc2267338b11931d17875b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:10 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 18:00:40 GMT
server: Apache
etag: "a7f8-5d5f329e947c3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 15432
expires: Fri, 05 Aug 2022 12:45:10 GMT

POST
H3 200 1a Show response
i.clean.gg/ 0
15 B 157ms
115ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 Aug 2022 12:30:10 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 203ms
112ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wjon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 05 Aug 2022 12:30:10 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H/1.1 200
OK widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html Show response
platform.twitter.com/widgets/ Frame 3F7D 320 KB
104 KB 39ms
28ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html?origin=https%3A%2F%2Fwjon.com
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6794) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 141417
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Fri, 05 Aug 2022 12:30:10 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Wed, 03 Aug 2022 20:59:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6794)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 248 B
602 B 90ms
40ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3227&u=https%3A%2F%2Fwjon.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 06:53:21 GMT
via: 1.1 89a6fa6293c9b0bbce683ad0b9f7f538.cloudfront.net (CloudFront)
server: Server
age: 20209
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://wjon.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: VIE50-P1
content-length: 248
x-amz-cf-id: WLYXjSVUzqtW176wJb_tIsH8jFQSREYKH-WxN0qqHuJMtOP6W50ClQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 133ms
29ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: JXufo2ctue2uysHllG2MRpKE8F0E4.a0
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 50594
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 22:19:11 GMT
server: AmazonS3
date: Thu, 04 Aug 2022 22:26:57 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: bfwtDlCOLOwWz3hgbOa9SzL0k5hVVVCFbMF_F3dO6JpIbKH6EEIdbw==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 296 KB
84 KB 98ms
37ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ad7de3f613f1f7d747fa0ec2984dae27

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

47d9e5cf1d996e7224b32c84276f88388c8925c39e672ebec5ddfe35ab0d7113

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wjon.com/
Origin: https://wjon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ZoJSTFfjAH1zHmdQUkplZA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86365
x-fb-rlafr: 0
x-fb-debug: R+6COcO4Hha6GW8G4uan2dmRzX5FELJB81djLnDB7m06UtkR6IBTyJYEFLtCK8tjXy6q6g2ZbUkY0knRLRKAkA==
x-fb-content-md5: 68faadc35d22bbf18f6ff0924d64580b
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 05 Aug 2022 12:30:10 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "b0d763a468cffaffa4bb7c99f1511e06"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 05 Aug 2023 12:05:23 GMT

GET
H3 200 631470830669776 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 91ms
37ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/631470830669776?v=2.9.71&r=stable

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a95e4a214bf3548fcd9c882015ccba496f5dc5983aa22e94a382a5359a27c6d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86174
x-xss-protection: 0
pragma: public
x-fb-debug: Cd4mxO5bQ0yl+pPa99bEspm5zbmfECaTLINRVRH0UffIOCn62ZSyGDzINS8+o8dZQDAhCWupWUnYQrjxUfUZCw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 05 Aug 2022 12:30:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 impl.20220804-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ 679 KB
141 KB 44ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220804-10-RELEASE.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: bf330099e4e402d3c58c5f17bf5d7d883818ba338e01648756614e5037fcc9e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: 6f3eZeN3pEZabjbSquuvep2lW434xwKE
content-encoding: br
etag: "2fe70f2de2581642c7a56447fef96c0b"
age: 13150
x-cache: HIT
content-length: 143628
x-amz-id-2: jcVVe4yGzBvB8e1jb6TZF7GKT6iIvHj2/zpM+JJbuPkBEYuCHp7UmXIOba0/H9X/S7Bi2/fx8LY=
x-served-by: cache-hhn4055-HHN
last-modified: Thu, 04 Aug 2022 08:45:55 GMT
server: AmazonS3-br
x-timer: S1659702610.308535,VS0,VE0
date: Fri, 05 Aug 2022 12:30:10 GMT
vary: Accept-Encoding
x-amz-request-id: 2AHBP7B92CAWHGH5
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 5
x-cache-hits: 9833

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 112ms
23ms Script
application/javascript 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 07:54:42 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 29762
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: np7VXJgs9HlICFtnLRrkpLCOmP64L5_g_Ci8MAXHLYmO_xPgjSJ__w==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3F7D 513 B
523 B 196ms
127ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=f3916a8a955575257a3de6e60977853f9db2a183

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html?origin=https%3A%2F%2Fwjon.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

6bfdae4a96ded74a8b76984a830bba5e90a6a14a529f56ca4a2bf75021fe45fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 106
date: Fri, 05 Aug 2022 12:30:09 GMT
content-encoding: gzip
last-modified: Fri, 05 Aug 2022 12:30:10 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 93b66a6b8421846821f6d3b7c28be4b6a9f2fe3631a4636cd419c26b6b5f932e
content-length: 242

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 415 B
617 B 162ms
28ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.0&lid=336
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:10 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://wjon.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 415
expires: Fri, 05 Aug 2022 13:00:10 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 35ms
33ms Script
application/javascript 92.123.21.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-21-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:10 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Fri, 05 Aug 2022 12:45:10 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
442 B 115ms
55ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_ced&pvsid=2977235816619826&sc=f&level=page&vrg=2022080301&nw_id=8328825&nslots=7&eid=31068785%2C42531605%2C42531607%2C31068520&pub_url=https%3A%2F%2Fwjon.com%2F

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
568 B 173ms
80ms XHR
text/plain 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=254982&u=https%3A%2F%2Fwjon.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rthrR%2BssaZoZi5L3TJirHnYXeHGYzedyoZm3ry6A5SwOBuNzL0n66pvVqYaCX3Vj37VMwKgI8wOPMD7fDZXRDYZowrgrhKG4hBclcSY9SZvhKGBK6RTuSArNswgLX5Mx8gGVCDjmXww%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://wjon.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 735f8ae4086c693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 73ms
22ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=631470830669776&ev=PageView&dl=https%3A%2F%2Fwjon.com%2F&rl=&if=false&ts=1659702610560&sw=1600&sh=1200&v=2.9.71&r=stable&ec=0&o=30&fbp=fb.1.1659702610559.1347986343&it=1659702610256&coo=false&rqm=GET

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 gdpr-cmp-bootstrap.js Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 307 KB
68 KB 243ms
30ms Script
application/javascript 104.103.86.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.86.63 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-86-63.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c5ce585015433e8c2e3488acd77585474b2b452580f49529a8633be8fa053773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:10 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 16:07:33 GMT
server: Apache
etag: "4cd44-5dd1830eaa2ac-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 69090

GET
H2 200 euconsent Show response
api.conversant.mgr.consensu.org/ 105 B
288 B 429ms
55ms XHR
application/json 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/euconsent?configId=10164&cmpVersion=3.6.0&c=69303415329
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: a3e69c4fea43c6927c8ce075e98a06ba435de4c441530a774ec51c7c07cfb134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://wjon.com
date: Fri, 05 Aug 2022 12:30:11 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx
vary: Origin
content-type: application/json

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E441 0
18 B 42ms
19ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wjon.com
Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://wjon.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 05 Aug 2022 12:30:11 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 vendor-list.json Show response
cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/ 370 KB
49 KB 130ms
31ms XHR
application/json 104.103.86.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/vendor-list.json
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.86.63 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-86-63.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 78ffb0193d423881099abcf555be62a57c351f18fe58d0d4ea7c77ec3a035cd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 16:15:01 GMT
server: Apache
etag: "5c607-5e56ca6d2f4d3-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 49681

POST
H2 200 cogitoergosum Show response
wjon.com/rest/high/api/ 128 B
339 B 348ms
348ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/rest/high/api/cogitoergosum

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

e47a4128beb7ab9fba3b2b9d82e7f340daeeede0fdf0c4d702a95a0607f9eb54

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 Aug 2022 12:30:11 GMT
etag: W/"80-aCKlhBueBoGkBoXu3Z2YZB/EOPA"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
vary: Accept-Encoding
content-length: 128
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 67ms
67ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=3584600378431041&input_token&origin=1&redirect_uri=https%3A%2F%2Fwjon.com%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: W4LFOa/O8QKOFTzTDFWzwLt0zyya3Q7hv0qAhK1hrAfjxG8KaQolLAaT4Dwo4S7V1C5VgIkPJWILMil/kBjZdA==
fb-s: unknown
date: Fri, 05 Aug 2022 12:30:11 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://wjon.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chunk-4.1488d756d199e623693b.1658519812594.js Show response
wjon.com/public/dist/chunks/ 6 KB
2 KB 33ms
26ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-4.1488d756d199e623693b.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) / Express

Resource Hash

fba1bd6312e410489a59cb22593f0afb5c6499610611ebdd844b987d898b256d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 71428
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 2122
last-modified: Mon, 25 Jul 2022 16:26:25 GMT
server: ECS (frb/6763)
etag: W/"1755-182362e60ba"
x-frame-options: SAMEORIGIN
x-varnish: 592192880
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 chunk-22.6eb004657f451b16dab4.1658519812594.js Show response
wjon.com/public/dist/chunks/ 658 B
777 B 36ms
29ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-22.6eb004657f451b16dab4.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) / Express

Resource Hash

331d6c254831ba29998957f1caf9672307ad0ea4c8c804aed6928b598920a76d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 varnish
age: 72027
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 658
last-modified: Mon, 25 Jul 2022 16:26:26 GMT
server: ECS (frb/67E2)
etag: W/"292-182362e6379"
x-frame-options: SAMEORIGIN
x-varnish: 1889130807 1889128421
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 chunk-19.21d68f7127e8c2c2b6c3.1658519812594.js Show response
wjon.com/public/dist/chunks/ 806 B
902 B 35ms
30ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-19.21d68f7127e8c2c2b6c3.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BE) / Express

Resource Hash

a0cdb4c842213259d49174c4c3c459db9fc6e1e63bf0f923c4479f96559e9acf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 varnish
age: 71930
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 806
last-modified: Mon, 25 Jul 2022 16:26:25 GMT
server: ECS (frb/67BE)
etag: W/"326-182362e60b6"
x-frame-options: SAMEORIGIN
x-varnish: 592192882 592059929
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 chunk-21.6d4be2526be7c761134f.1658519812594.js Show response
wjon.com/public/dist/chunks/ 1 KB
881 B 35ms
30ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-21.6d4be2526be7c761134f.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D6) / Express

Resource Hash

b4cd3b055ba32e94b5f05141b4bf92c0da37a117f3c7458e5446c1fdfccda098

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 72033
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 783
last-modified: Mon, 25 Jul 2022 16:26:26 GMT
server: ECS (frb/67D6)
etag: W/"514-182362e6379"
x-frame-options: SAMEORIGIN
x-varnish: 1889287755 1889126691
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 chunk-43.c4b4a4de333d1924c358.1658519812594.js Show response
wjon.com/public/dist/chunks/ 2 KB
927 B 36ms
32ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-43.c4b4a4de333d1924c358.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) / Express

Resource Hash

f164cab4e087e773f8ed0723294ee7bee19681cdb2edc46500d24e52339ca227

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 72027
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 829
last-modified: Mon, 25 Jul 2022 16:26:25 GMT
server: ECS (frb/67A7)
etag: W/"728-182362e60ba"
x-frame-options: SAMEORIGIN
x-varnish: 1889224310 1889128422
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 chunk-32.e009ce1ef346ffa2e35a.1658519812594.js Show response
wjon.com/public/dist/chunks/ 40 KB
12 KB 35ms
32ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-32.e009ce1ef346ffa2e35a.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6724) / Express

Resource Hash

c7bca65ec9bb39b8b07a36b2db5809ed8d2c226d92fa061f3304b61ac7599518

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 72033
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 12000
last-modified: Mon, 25 Jul 2022 16:26:40 GMT
server: ECS (frb/6724)
etag: W/"a09a-182362e9b28"
x-frame-options: SAMEORIGIN
x-varnish: 592192939 592033218
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 chunk-13.812512b0fb60ab6e5b79.1658519812594.js Show response
wjon.com/public/dist/chunks/ 27 KB
8 KB 36ms
34ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-13.812512b0fb60ab6e5b79.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) / Express

Resource Hash

6808b52575ee5670dc4baccd0a6f6f5e25f02352b7d985af0329b9db21bd536e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 72092
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 7887
last-modified: Mon, 25 Jul 2022 16:26:43 GMT
server: ECS (frb/6772)
etag: W/"6ae3-182362ea799"
x-frame-options: SAMEORIGIN
x-varnish: 592583979 592018043
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 chunk-49.0baf0a0385862dc75ddb.1658519812594.js Show response
wjon.com/public/dist/chunks/ 2 KB
920 B 36ms
35ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-49.0baf0a0385862dc75ddb.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) / Express

Resource Hash

b89064eda1428624b37cb985d66122350bec24e637e0f92b65d2941c3213e564

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 71428
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 807
last-modified: Mon, 25 Jul 2022 16:26:28 GMT
server: ECS (frb/6794)
etag: W/"663-182362e6e5c"
x-frame-options: SAMEORIGIN
x-varnish: 1889287711
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 chunk-18.f00f27e81f465d488be9.1658519812594.js Show response
wjon.com/public/dist/chunks/ 65 KB
16 KB 31ms
28ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-18.f00f27e81f465d488be9.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) / Express

Resource Hash

43eb05e3593d9c1eb46e863b433b9a6e7c0168237468825f236abb3da988e5c5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 72001
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 16769
last-modified: Mon, 25 Jul 2022 16:26:26 GMT
server: ECS (frb/67C1)
etag: W/"10557-182362e6379"
x-frame-options: SAMEORIGIN
x-varnish: 592192884 592041471
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 chunk-14.6f98e66888da252737e3.1658519812594.js Show response
wjon.com/public/dist/chunks/ 5 KB
2 KB 35ms
32ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-14.6f98e66888da252737e3.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) / Express

Resource Hash

b5f98699f7656749c3d530f4dfe7089caeeb905005663bd4a8724f86ba8ef2b6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 71428
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 2021
last-modified: Mon, 25 Jul 2022 16:26:28 GMT
server: ECS (frb/67A7)
etag: W/"13d9-182362e6e58"
x-frame-options: SAMEORIGIN
x-varnish: 592192885
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 chunk-17.72e900b2f86a4c17da28.1658519812594.js Show response
wjon.com/public/dist/chunks/ 64 KB
14 KB 40ms
37ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-17.72e900b2f86a4c17da28.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) / Express

Resource Hash

6d07cd25dd670e4a471aae42095f46ed3e2f346e3ea6a05945f39c3fded8db9d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 71428
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 14142
last-modified: Mon, 25 Jul 2022 16:26:26 GMT
server: ECS (frb/6738)
etag: W/"1014f-182362e6375"
x-frame-options: SAMEORIGIN
x-varnish: 592192883
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 chunk-10.fe2b905c9c397c3c5954.1658519812594.js Show response
wjon.com/public/dist/chunks/ 967 B
1 KB 30ms
28ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-10.fe2b905c9c397c3c5954.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) / Express

Resource Hash

ef68f1402e8b4c134ed2fd2b1e37ea0537244c929d5a679279eb81d5a6908ff6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 varnish
age: 72001
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 967
last-modified: Mon, 25 Jul 2022 16:26:25 GMT
server: ECS (frb/6752)
etag: W/"3c7-182362e6273"
x-frame-options: SAMEORIGIN
x-varnish: 592192886 592041478
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 chunk-11.98db4ed55fb5d9fa5c98.1658519812594.js Show response
wjon.com/public/dist/chunks/ 4 KB
2 KB 29ms
29ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-11.98db4ed55fb5d9fa5c98.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D3) / Express

Resource Hash

23f06c0643529bc819ea2e3551488291076ca18aefaf2e1e637e6d003b79aeb6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 72092
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 1496
last-modified: Mon, 25 Jul 2022 16:26:40 GMT
server: ECS (frb/67D3)
etag: W/"e03-182362e9b24"
x-frame-options: SAMEORIGIN
x-varnish: 1889130746 1889111316
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 / Show response
wjon.com/internal-ad-api/ 2 KB
1001 B 123ms
123ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/internal-ad-api/?kw[]=pagetype-home&kw[]=device-desktop

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx /

Resource Hash

52c03eb3c0aa8aceddb68de6fda2feed979cd960337ec0678cdeb6a5b1fa1f94

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
age: 187
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 938
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-varnish: 1904921612 1904878553
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/json; charset=utf-8
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
1 KB 189ms
55ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836992&size_id=2&p_pos=atf&rf=https%3A%2F%2Fwjon.com%2F&kw=tsm-ad-728a&tk_flint=pbjs_lite_v6.9.0&x_source.tid=479b377b-c8c3-4560-b7d8-0995fc5db5f0&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.13404284707772796
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b95aeee5e4dd932224233e8312e3ff66b3fb42d4393d7db7c821cf819dc779b7

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:11 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://wjon.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
1 KB 203ms
69ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836992&size_id=2&rf=https%3A%2F%2Fwjon.com%2F&kw=tsm-ad-728b&tk_flint=pbjs_lite_v6.9.0&x_source.tid=cd2617c9-43e9-47fe-b86b-58774dd81463&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6763938683663862
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: da28f77bb4e8d508bcc47d95d9319ec1d4d91884f5a4b9b7f4dd80b721251181

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:11 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://wjon.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 295ms
160ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836992&size_id=57&p_pos=atf&rf=https%3A%2F%2Fwjon.com%2F&kw=tsm-ad-970a&tk_flint=pbjs_lite_v6.9.0&x_source.tid=db72fd7c-ada8-4ca5-935c-053be20a8c4d&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9566742757167124
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8524e0b2fc8a168bf8e36692f9566e88be8f4f797da69e408ed2cc5c844be1d5

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:11 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://wjon.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 209ms
74ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836992&size_id=15&p_pos=atf&rf=https%3A%2F%2Fwjon.com%2F&kw=tsm-ad-maintop-300a&tk_flint=pbjs_lite_v6.9.0&x_source.tid=6d90b36e-6b79-4b09-98bd-fd014fcbd2cb&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7649468900983656
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: dffc773d0a05621a7f2b1de866855df7faac5ecc3637e565ab1b16a7bc056324

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:11 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://wjon.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 12 KB
5 KB 249ms
143ms XHR
application/json 3.120.106.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.9.0&referrer=https%3A%2F%2Fwjon.com%2F&tmax=2000

Requested by

Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.106.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-106-63.eu-central-1.compute.amazonaws.com

Software

Resource Hash

7fb3f5fe2907f964e353cf11e45ea686ba5bc37d157f00ff7781d317d223292d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
accept-ch: sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wjon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 4982
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
449 B 138ms
33ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1d8d2a71a482a4a6dd43542b54f54433cb3e6c80060c0fd5c5b030a81ae0764d

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://wjon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 arj Show response
townsquaremedia-d.openx.net/w/1.0/ 74 B
374 B 148ms
44ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwjon.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=479b377b-c8c3-4560-b7d8-0995fc5db5f0%2Ccd2617c9-43e9-47fe-b86b-58774dd81463%2Cdb72fd7c-ada8-4ca5-935c-053be20a8c4d%2C6d90b36e-6b79-4b09-98bd-fd014fcbd2cb&nocache=1659702611562&aus=728x90%7C728x90%7C970x250%7C300x250&divids=tsm-ad-728a%2Ctsm-ad-728b%2Ctsm-ad-970a%2Ctsm-ad-maintop-300a&aucs=%2C%2C%2C&auid=539829446%2C539829446%2C539829446%2C539829446&aumfs=250%2C250%2C250%2C250
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: d6020f55c70d41680170e607cdbf6dbb626a46bb7f23a5134998d5675d65a846

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://wjon.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
671 B 136ms
26ms XHR
application/json 3.121.8.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%221905c0fe-09e2-45de-aaf7-99170794d621%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1659702611563%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22225197ca43880c2%22%3A%22_wPlmCMrvTH%22%2C%2223720a81b3a29b9%22%3A%22_wPlmCMrvTH%22%2C%22248585094c30a6d%22%3A%22_wPlmCMrvTH%22%2C%22259dfa0ad4ebf39%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%22225197ca43880c2%22%3A%5B%5B728%2C90%5D%5D%2C%2223720a81b3a29b9%22%3A%5B%5B728%2C90%5D%5D%2C%22248585094c30a6d%22%3A%5B%5B970%2C250%5D%5D%2C%22259dfa0ad4ebf39%22%3A%5B%5B300%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728a%22%2C%22transactionId%22%3A%22479b377b-c8c3-4560-b7d8-0995fc5db5f0%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%22225197ca43880c2%22%2C%22bidderRequestId%22%3A%2221fa4c53c147588%22%2C%22auctionId%22%3A%22c330c18c-1634-41ba-8081-0b4f9769ddc3%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728b%22%2C%22transactionId%22%3A%22cd2617c9-43e9-47fe-b86b-58774dd81463%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%2223720a81b3a29b9%22%2C%22bidderRequestId%22%3A%2221fa4c53c147588%22%2C%22auctionId%22%3A%22c330c18c-1634-41ba-8081-0b4f9769ddc3%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-970a%22%2C%22transactionId%22%3A%22db72fd7c-ada8-4ca5-935c-053be20a8c4d%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%2C%22bidId%22%3A%22248585094c30a6d%22%2C%22bidderRequestId%22%3A%2221fa4c53c147588%22%2C%22auctionId%22%3A%22c330c18c-1634-41ba-8081-0b4f9769ddc3%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-maintop-300a%22%2C%22transactionId%22%3A%226d90b36e-6b79-4b09-98bd-fd014fcbd2cb%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%22259dfa0ad4ebf39%22%2C%22bidderRequestId%22%3A%2221fa4c53c147588%22%2C%22auctionId%22%3A%22c330c18c-1634-41ba-8081-0b4f9769ddc3%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwjon.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.8.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-8-16.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://wjon.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
702 B 125ms
28ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:11 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b939af03-07fb-4d9e-8dea-a1e671be3a85
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://wjon.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 10 KB
6 KB 280ms
152ms XHR
application/json 34.241.55.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1659702611570&to=0&aun=tsm-ad-728a&maxw=728&maxh=90&si=9152&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwjon.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fwjon.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.55.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-55-221.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 289c9d622dd04e4ac1f0fa56de652fbed9afcf73fdf6bd2a68d3daf023ab23ca

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://wjon.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 815 B
988 B 237ms
108ms XHR
application/json 34.241.55.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1659702611573&to=0&aun=tsm-ad-728b&maxw=728&maxh=90&si=9153&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwjon.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fwjon.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.55.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-55-221.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6735d4c3dd77eec9f4f3c38859e3e60bf43a349ccdc190563d74b363ca2bb1a6

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://wjon.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 10 KB
6 KB 266ms
140ms XHR
application/json 34.241.55.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1659702611573&to=0&aun=tsm-ad-maintop-300a&maxw=300&maxh=250&si=9176&pi=3&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwjon.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fwjon.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.55.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-55-221.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 214722e9b5d40af75baf12a7a8f5c41640aeddad28e2fa0be05f1d4c00cf1882

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://wjon.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
111 B 488ms
36ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://wjon.com
date: Fri, 05 Aug 2022 12:30:11 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
634 B 139ms
55ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=272479&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22455abbe309556e9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwjon.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22466b0d244f8e2b2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22272479%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22473451380bcfcf1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22272480%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2248ca7c5f2a40d99%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22272494%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de3a482364d3cef9991d8d09b4a9eb8f03993d715da05ed58a8cc01dc46af481

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Aug 2022 12:30:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edTtBYCkKWFnq13dfgXgsDatLUOBmibVRO%2Bpz33VtkGqt9Ajcryn%2BYhse6tnICAgu6nD%2B%2FUh2Kv97wl4Ev61MAaA2zXWCumSa1Qp%2BFkNuiSOlSJ1AcE3ZZWfqixSk0pMoWfavst4"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://wjon.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 735f8aeafedd9b37-FRA
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 158 B
900 B 523ms
152ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22501fa1f59181b19%22%3A%22ea7911e26d411186eb66%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FSt_cloud%2FWJON%2Fhome%22%2C%225197b4092a11c84%22%3A%226e36ff2b933db31e890f%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FSt_cloud%2FWJON%2Fhome%22%2C%2252b3cd2077b131c%22%3A%2288e31f49e54a033259c1%7C970x250%7Cgpid%3D%2F8328825%2Flocal%2FSt_cloud%2FWJON%2Fhome%22%2C%22535f98b0f7c3177%22%3A%22c04745a2e2f71ae36abf%7C300x250%7Cgpid%3D%2F8328825%2Flocal%2FSt_cloud%2FWJON%2Fhome%22%7D&ref=https%3A%2F%2Fwjon.com%2F&s=74607b83-d789-4d43-81d5-c486b09d42a7&pv=63231130-c8f4-4658-871a-8db9703708dd&vp=desktop&lib_name=prebid&lib_v=6.9.0&us=5&ius=1&coppa=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e4943cba9f9e0e72e7d970255db80b9337332b86e2b8b4a70b76b20eaa778809

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:12 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-36
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://wjon.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 183
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
201 B 638ms
161ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://wjon.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

POST
H2 204 hb Show response
hb.undertone.com/ 0
444 B 281ms
188ms XHR
text/plain 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=2552&domain=wjon.com
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 b0311c7e530c126dd286898583b59e4c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://wjon.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: Vo1eHW0NBncH9QfFDM4mLB9CuvqhzPCCj6mKi_-WhXYxjdS991_jDA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
355 B 99ms
22ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://wjon.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
56 KB 124ms
83ms Fetch
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7eaacc902b520030e3b0934b8a4e4cc9d3a05170d42bd34ac5d40bdbbd02177d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57336
x-xss-protection: 0
server: cafe
etag: 13627782987303547345
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H/1.1 200
OK button.fed83577e235944f1c02f314fdfd94dd.js Show response
platform.twitter.com/js/ 7 KB
3 KB 21ms
20ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.fed83577e235944f1c02f314fdfd94dd.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 12:30:11 GMT
Content-Encoding: gzip
Age: 141421
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 2359
x-tw-cdn: VZ
Last-Modified: Wed, 03 Aug 2022 20:59:06 GMT
Server: ECS (frb/67BA)
Etag: "c1233079fb145bc77c712143fa5dcd65+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

POST
H2 204 event Show response
api.conversant.mgr.consensu.org/gdpr/cmp/ 0
115 B 112ms
54ms XHR
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://wjon.com
date: Fri, 05 Aug 2022 12:30:11 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

GET
H2 200 gdpr-cmp-ui.js Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 326 KB
82 KB 34ms
33ms Script
application/javascript 104.103.86.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.86.63 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-86-63.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a0b81c9b9e3f5889faa9ae2bb61877b0ccaf5f5246a28d2d8576f29acb3dd485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 16:07:33 GMT
server: Apache
etag: "5172d-5dd1830eaae64-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 83280

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
527 B 80ms
79ms XHR
text/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fwjon.com%2F&pid=QfqL1HA5fzu8h&cb=0&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-970a%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22kv%22%3A%7B%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FSt_cloud%2FWJON%2Ftsm-ad-970a%22%7D%2C%7B%22sd%22%3A%22tsm-ad-maintop-300a%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FSt_cloud%2FWJON%2Ftsm-ad-maintop-300a%22%7D%2C%7B%22sd%22%3A%22tsm-ad-728a%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22kv%22%3A%7B%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FSt_cloud%2FWJON%2Ftsm-ad-728a%22%7D%2C%7B%22sd%22%3A%22tsm-ad-728b%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22kv%22%3A%7B%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FSt_cloud%2FWJON%2Ftsm-ad-728b%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-213.vie50.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 89a6fa6293c9b0bbce683ad0b9f7f538.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: JCTE20G9VXJS9R3VC2JX
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://wjon.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: hQ_qwJ1R8-kf31cjFXhb14-D1bT0Tvbl4oSIv4VXy7vsamEjDkgusg==

GET
H2 200 Jim_Maurice-363x363.jpg
townsquare.media/site/67/files/2018/03/ 17 KB
17 KB 259ms
249ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2018/03/Jim_Maurice-363x363.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C74E) / Express

Resource Hash

4bdbacb20d7045060152083ce016f7f49c0f582682b7c1b1a22c67ed5819bed8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 varnish
age: 21408470
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 17542
last-modified: Sun, 15 Sep 2019 07:29:55 GMT
server: ECS (sgb/C74E)
x-frame-options: SAMEORIGIN
x-varnish: 936525655
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 St.-Cloud-Graniteman-Triathlon.jpg
townsquare.media/site/67/files/2014/06/ 21 KB
21 KB 1027ms
1014ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2014/06/St.-Cloud-Graniteman-Triathlon.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

6027da330cb84ffac323d4c9935b7adf2d8656ba769d78a5d112c1a2469f15c2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
vary: Accept-Encoding
age: 5967
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 21832
last-modified: Thu, 31 Dec 2020 10:08:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
x-varnish: 1904921739 1903598408
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 State-Patrol-Stock-Image-3.jpg
townsquare.media/site/67/files/2020/09/ 22 KB
22 KB 268ms
255ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2020/09/State-Patrol-Stock-Image-3.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C6DE) / Express

Resource Hash

00a0619da444e9e5f8aa71988acf2457f543807cd9afc52d89418906ea14f2a7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 varnish
age: 19258361
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 22522
last-modified: Sat, 26 Sep 2020 14:17:42 GMT
server: ECS (sgb/C6DE)
x-frame-options: SAMEORIGIN
x-varnish: 1660886235
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 DSC00005.jpg
townsquare.media/site/67/files/2019/12/ 21 KB
21 KB 270ms
258ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2019/12/DSC00005.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C74B) / Express

Resource Hash

7c5d8c04878544e99f062ad3aa1a16b4bb61529ebc917a3c362a9cbaa8e61701

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 varnish
age: 48404
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 21437
last-modified: Sat, 01 Jan 2022 15:00:04 GMT
server: ECS (sgb/C74B)
x-frame-options: SAMEORIGIN
x-varnish: 597970682
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 Rain1.jpg
townsquare.media/site/67/files/2017/08/ 26 KB
26 KB 271ms
259ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2017/08/Rain1.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C7B8) / Express

Resource Hash

624d3a281fa38ee504358a0f40533c198d5c8a5c6b921fc9044960d032c94914

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 varnish
age: 50441
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 26565
last-modified: Wed, 20 Apr 2022 17:12:21 GMT
server: ECS (sgb/C7B8)
x-frame-options: SAMEORIGIN
x-varnish: 1895061197 1894574641
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 attachment-Monster-Truck.jpg
townsquare.media/site/67/files/2022/08/ 13 KB
13 KB 279ms
267ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2022/08/attachment-Monster-Truck.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C74D) / Express

Resource Hash

9336158216c03f2d50049876b1fdf388fc53261579a1dccd48d72b2b3c8041eb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 varnish
age: 56496
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 13690
last-modified: Thu, 04 Aug 2022 20:07:26 GMT
server: ECS (sgb/C74D)
x-frame-options: SAMEORIGIN
x-varnish: 1893108184
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 District-742-Logo-Stock-Image-Bus.jpg
townsquare.media/site/67/files/2018/08/ 21 KB
21 KB 280ms
268ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2018/08/District-742-Logo-Stock-Image-Bus.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C6A2) / Express

Resource Hash

b76b1799684ce87e0459eccd835231c4e73d5a06b76159737c97df3850d775c3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 varnish
age: 5537556
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 21774
last-modified: Thu, 12 May 2022 16:43:58 GMT
server: ECS (sgb/C6A2)
x-frame-options: SAMEORIGIN
x-varnish: 574374888 574319839
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 Cop-car.jpg
townsquare.media/site/67/files/2019/08/ 16 KB
16 KB 284ms
272ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2019/08/Cop-car.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C738) / Express

Resource Hash

3dab1ac8e930ffc0d41fb71d0094ff377c18778318ea914afd4ec5ba02a2da33

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 varnish
age: 61404
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 16642
last-modified: Tue, 17 May 2022 19:37:31 GMT
server: ECS (sgb/C738)
x-frame-options: SAMEORIGIN
x-varnish: 1891841135
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 St.-Cloud-Police-Seal-Logo-Stock-Image.jpg
townsquare.media/site/67/files/2017/12/ 19 KB
20 KB 284ms
273ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2017/12/St.-Cloud-Police-Seal-Logo-Stock-Image.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C73B) / Express

Resource Hash

88144b35c1a7f718614b813d0b4445097021a4146bb319c60973587baee3dd58

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 varnish
age: 5170554
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 19930
last-modified: Mon, 06 Jun 2022 15:26:16 GMT
server: ECS (sgb/C73B)
x-frame-options: SAMEORIGIN
x-varnish: 529007968
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 attachment-waterfowl-hunting-Andrew-Schmitt.jpg
townsquare.media/site/67/files/2022/08/ 11 KB
11 KB 284ms
273ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2022/08/attachment-waterfowl-hunting-Andrew-Schmitt.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C7BB) / Express

Resource Hash

8538ced40c5158724d63081885ce0b412df9b2bb7309b9c5b4f219496cbbbece

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 varnish
age: 69162
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 10900
last-modified: Thu, 04 Aug 2022 17:16:51 GMT
server: ECS (sgb/C7BB)
x-frame-options: SAMEORIGIN
x-varnish: 592860699 592752909
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H2 200 attachment-Ezayah-Gomez-Oropeza.jpg
townsquare.media/site/67/files/2021/09/ 6 KB
6 KB 531ms
521ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2021/09/attachment-Ezayah-Gomez-Oropeza.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C717) / Express

Resource Hash

6c0f61b807391beed1e5cfd5c87828f90c4cdc9c8429b85fe3b7202c1309dda9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 72166
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 5915
last-modified: Thu, 30 Sep 2021 20:01:55 GMT
server: ECS (sgb/C717)
x-frame-options: SAMEORIGIN
x-varnish: 1889317632 1889091427
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 Becker-City-Hall-1.jpg
townsquare.media/site/67/files/2014/08/ 17 KB
17 KB 522ms
512ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2014/08/Becker-City-Hall-1.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C726) / Express

Resource Hash

49d510f483c7574786a60ca57a3efaa3d6ee32159fc83560d974495f27dac16b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 1373782
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 17071
last-modified: Mon, 23 May 2022 23:37:52 GMT
server: ECS (sgb/C726)
x-frame-options: SAMEORIGIN
x-varnish: 1320417617 1319432600
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 Central-Minnesota-Community-Foundation.jpg
townsquare.media/site/67/files/2015/08/ 13 KB
13 KB 531ms
520ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2015/08/Central-Minnesota-Community-Foundation.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C6E6) / Express

Resource Hash

38443763f148404855985829991c01d7b563216cc67dced08480166971d20852

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 1868595
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 13160
last-modified: Thu, 14 Jul 2022 21:20:56 GMT
server: ECS (sgb/C6E6)
x-frame-options: SAMEORIGIN
x-varnish: 2134952043 2134605729
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 attachment-MNCRIME-on-Tiktok.jpg
townsquare.media/site/65/files/2022/08/ 54 KB
54 KB 523ms
514ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/65/files/2022/08/attachment-MNCRIME-on-Tiktok.jpg?w=980&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C68E) / Express

Resource Hash

5ae3bec9fa243546aff382802930045bb9c0316b0594dd633358864e9fd265c7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 49151
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 55340
last-modified: Thu, 04 Aug 2022 20:23:03 GMT
server: ECS (sgb/C68E)
x-frame-options: SAMEORIGIN
x-varnish: 1894887346
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 Paul-Shea-2019.jpg
townsquare.media/site/715/files/2019/08/ 20 KB
20 KB 522ms
514ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/715/files/2019/08/Paul-Shea-2019.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C74E) / Express

Resource Hash

8faa8d2bb4b6858fff3a38ebe4cfa92015a0dc304323f13f7896043046dc3392

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 21402870
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 20110
last-modified: Mon, 26 Aug 2019 19:47:51 GMT
server: ECS (sgb/C74E)
x-frame-options: SAMEORIGIN
x-varnish: 937644957
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 attachment-Image-Credit-%252540RebsBrannon-via-Twitter-and-Canva.jpg
townsquare.media/site/65/files/2022/08/ 105 KB
105 KB 528ms
520ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/65/files/2022/08/attachment-Image-Credit-%252540RebsBrannon-via-Twitter-and-Canva.jpg?w=980&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C6EA) / Express

Resource Hash

53a37f4272f74fe430cb0ea41f8f166ae841f9ec18da1ef740f00c850162c201

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 55632
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-tim
x-ua-device: desktop
x-device: desktop
content-length: 107027
last-modified: Thu, 04 Aug 2022 20:47:48 GMT
server: ECS (sgb/C6EA)
x-frame-options: SAMEORIGIN
x-varnish: 596220840
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 attachment-Benton-County-Fair.jpg
townsquare.media/site/67/files/2022/07/ 215 KB
215 KB 528ms
520ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2022/07/attachment-Benton-County-Fair.jpg?w=980&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C726) / Express

Resource Hash

2185b597a9c8794e258668699236ee2da1d47b817829c75daf6748bf7b98bf87

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 354443
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 220194
last-modified: Fri, 29 Jul 2022 16:00:20 GMT
server: ECS (sgb/C726)
x-frame-options: SAMEORIGIN
x-varnish: 532947618
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 attachment-Pantowners1go.jpg
townsquare.media/site/65/files/2021/08/ 103 KB
103 KB 952ms
945ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/65/files/2021/08/attachment-Pantowners1go.jpg?w=980&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C6BE) / Express

Resource Hash

341202151390a19c9fb07fc82bde7f6fcd2dc14dde42bfb6eb28ffaa57058ed4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 83758
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 105489
last-modified: Fri, 13 Aug 2021 13:12:36 GMT
server: ECS (sgb/C6BE)
x-frame-options: SAMEORIGIN
x-varnish: 1886265884
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 88ms
29ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1802391-1&cid=1536035086.1659702610&jid=1249704485&gjid=711985683&_gid=1066345384.1659702610&_u=6GBAgAADAAAAAE~&z=1877957151

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Aug 2022 12:30:11 GMT
content-type: text/plain
access-control-allow-origin: https://wjon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 82ms
28ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-19109753-1&cid=1536035086.1659702610&jid=475236474&gjid=410610581&_gid=1066345384.1659702610&_u=6GDAgAADAAAAAE~&z=1797307357

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Aug 2022 12:30:11 GMT
content-type: text/plain
access-control-allow-origin: https://wjon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
434 B 72ms
26ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1802430-4&cid=1536035086.1659702610&jid=2126773152&gjid=1021943310&_gid=1066345384.1659702610&_u=6GDAgAADAAAAAE~&z=1588892985

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Aug 2022 12:30:11 GMT
content-type: text/plain
access-control-allow-origin: https://wjon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 70ms
30ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-28825804-2&cid=1536035086.1659702610&jid=1068132744&gjid=2050095553&_gid=1066345384.1659702610&_u=6GDAgAADAAAAAE~&z=1737742147

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Aug 2022 12:30:11 GMT
content-type: text/plain
access-control-allow-origin: https://wjon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 61ms
27ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-45260060-1&cid=1536035086.1659702610&jid=1275966621&gjid=1212261206&_gid=1066345384.1659702610&_u=6GDAgAADAAAAAE~&z=1497654457

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Aug 2022 12:30:11 GMT
content-type: text/plain
access-control-allow-origin: https://wjon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 58ms
28ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-45260060-8&cid=1536035086.1659702610&jid=1188293482&gjid=34973148&_gid=1066345384.1659702610&_u=6GDAgAADAAAAAE~&z=182780828

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Aug 2022 12:30:11 GMT
content-type: text/plain
access-control-allow-origin: https://wjon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 51ms
29ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-180756957-12&cid=1536035086.1659702610&jid=1272882401&gjid=1074883959&_gid=1066345384.1659702610&_u=6GDAgAADAAAAAE~&z=413308711

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Aug 2022 12:30:11 GMT
content-type: text/plain
access-control-allow-origin: https://wjon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 75ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=pageview&_s=1&dl=https%3A%2F%2Fwjon.com%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAgAAD~&jid=1249704485&gjid=711985683&cid=1536035086.1659702610&tid=UA-1802391-1&_gid=1066345384.1659702610&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Wed%20Oct%2025%202017&cd6=13%3A013&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&did=i5iSjo&z=3479211

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61748
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 74ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=pageview&_s=1&dl=https%3A%2F%2Fwjon.com%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAgAADAAAAAE~&jid=475236474&gjid=410610581&cid=1536035086.1659702610&tid=UA-19109753-1&_gid=1066345384.1659702610&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Wed%20Oct%2025%202017&cd6=13%3A013&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&did=i5iSjo&z=513302775

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61748
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 71ms
20ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=pageview&_s=1&dl=https%3A%2F%2Fwjon.com%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAgAADAAAAAE~&jid=2126773152&gjid=1021943310&cid=1536035086.1659702610&tid=UA-1802430-4&_gid=1066345384.1659702610&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Wed%20Oct%2025%202017&cd6=13%3A013&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&did=i5iSjo&z=659882612

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61748
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 72ms
21ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=pageview&_s=1&dl=https%3A%2F%2Fwjon.com%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAgAADAAAAAE~&jid=1068132744&gjid=2050095553&cid=1536035086.1659702610&tid=UA-28825804-2&_gid=1066345384.1659702610&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Wed%20Oct%2025%202017&cd6=13%3A013&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&did=i5iSjo&z=124000794

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61748
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 73ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=pageview&_s=1&dl=https%3A%2F%2Fwjon.com%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAgAADAAAAAE~&jid=1275966621&gjid=1212261206&cid=1536035086.1659702610&tid=UA-45260060-1&_gid=1066345384.1659702610&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Wed%20Oct%2025%202017&cd6=13%3A013&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&did=i5iSjo&z=1818507350

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61748
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 74ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=pageview&_s=1&dl=https%3A%2F%2Fwjon.com%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAgAADAAAAAE~&jid=1188293482&gjid=34973148&cid=1536035086.1659702610&tid=UA-45260060-8&_gid=1066345384.1659702610&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Wed%20Oct%2025%202017&cd6=13%3A013&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&did=i5iSjo&z=319683356

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61748
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 74ms
23ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=pageview&_s=1&dl=https%3A%2F%2Fwjon.com%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAgAADAAAAAE~&jid=1272882401&gjid=1074883959&cid=1536035086.1659702610&tid=UA-180756957-12&_gid=1066345384.1659702610&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Wed%20Oct%2025%202017&cd6=13%3A013&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&did=i5iSjo&z=711320284

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61748
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 cogitoergosum Show response
wjon.com/rest/high/api/ 22 B
89 B 136ms
136ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/rest/high/api/cogitoergosum

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 Aug 2022 12:30:11 GMT
etag: W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
vary: Accept-Encoding
content-length: 22
expires: Fri, 05 Aug 2022 12:30:10 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 56ms
28ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=535353080&t=event&_s=1&dl=https%3A%2F%2Fwjon.com%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adblock&ea=detection&el=off&_u=6GDAAAADAAAAAG~&jid=2064461203&gjid=1728371194&cid=1536035086.1659702610&tid=UA-115003007-7&_gid=1066345384.1659702610&_r=1&_slc=1&did=i5iSjo&z=1816678303

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wjon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chunk-48.cb96b60da7652134f6e0.1658519812594.js Show response
wjon.com/public/dist/chunks/ 767 B
848 B 22ms
21ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-48.cb96b60da7652134f6e0.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) / Express

Resource Hash

a1cc951bbf1cff8818110958a4bcad1f7c3e5d66062e34fd4df8a6d92c023e62

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 varnish
age: 72092
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 767
last-modified: Mon, 25 Jul 2022 16:26:28 GMT
server: ECS (frb/6738)
etag: W/"2ff-182362e6e5c"
x-frame-options: SAMEORIGIN
x-varnish: 592036917 592018117
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:10 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/ 245 KB
83 KB 63ms
20ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/cb=gapi.loaded_0?le=scs

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e519439f613586c5cdd80c298dd87bb3c935d2df7249fbf5d23877ba77ba1bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 14:40:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84929
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 14:40:07 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame D0E2 2 KB
2 KB 106ms
59ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channel=TSStCloud&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fwjon.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c36e2cbe5880bff429a31bcdc12857fe11c3c61ceb1235092a44f45e9e050194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 05 Aug 2022 12:30:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/ 738 B
507 B 54ms
19ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/cb=gapi.loaded_1?le=scs

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccc5ce3dda14e5a957397b0ff40d24b9ea61ed15b6570b4259e5db55733414b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 481
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Aug 2023 19:38:13 GMT

GET
H2 200 vert Show response
scorestream.com/widgets/scoreboards/ Frame AD0C 20 KB
5 KB 709ms
200ms Document
text/html 54.69.95.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.69.95.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-95-91.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: 5c8cfcb7a6160dbd01532bca31557b3d5c8c0fb4f79cb7b6a493c90df429de9c

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 05 Aug 2022 12:30:12 GMT
etag: W/"4e43-MnXgSr2YZSvFh/DSG3v7B71LoDM"
vary: Accept-Encoding
x-powered-by: Express

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 32 B
112 B 85ms
83ms XHR
application/octet-stream 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 22c1bc19a8d31d025d5e765449483e3c25c322c0400d91ba295d5f5c735c6e56

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 google
server: nginx
content-type: application/octet-stream
access-control-allow-origin: https://wjon.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 32

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 95 B
837 B 294ms
148ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22778ce4d1667c7fa%22%3A%22810bf2d7e35a61283050%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Flocal%2FSt_cloud%2FWJON%2Fhome%22%7D&ref=https%3A%2F%2Fwjon.com%2F&s=0001dd6b-972e-451e-912b-1546a8975c17&pv=63231130-c8f4-4658-871a-8db9703708dd&vp=desktop&lib_name=prebid&lib_v=6.9.0&us=5&ius=1&coppa=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

b9cb9134004236cb1c1ab66f145cbe06187d1743e3c716f6a472eae40ade9b89

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:12 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-36
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://wjon.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 hb Show response
hb.undertone.com/ 0
444 B 186ms
185ms XHR
text/plain 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=2552&domain=wjon.com
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 b0311c7e530c126dd286898583b59e4c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://wjon.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: HKB77qV9rRcCwZuqIuqVHh5Y8nI6k4niz232V3atrJSxdnmhLAr6nw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
702 B 29ms
29ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:11 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b5658185-0935-4c59-a04d-39010cfaf347
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://wjon.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 10 KB
6 KB 198ms
197ms XHR
application/json 34.241.55.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1659702611965&to=0&aun=tsm-ad-300b&pv=f9b3cefb-554b-4fd0-83bb-a69553520631&maxw=300&maxh=600&si=9150&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwjon.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fwjon.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.55.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-55-221.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa0b417c78ec3adfb1f1c0c1fc70dda4ffbfebb35841e50edd55d5b1280dfdc7

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://wjon.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H3 200 arj Show response
townsquaremedia-d.openx.net/w/1.0/ 73 B
101 B 65ms
35ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwjon.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=be1a30e3-2076-46c2-9e6d-19fd18a3c8d6&nocache=1659702611966&aus=300x250%2C300x600&divids=tsm-ad-300b&aucs=&auid=539829446&aumfs=250
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: b5bd11545de6ded7576a6bbf64d62a4e819d45416bb0dc20b714fd399f2b6033

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://wjon.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
55 B 108ms
43ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://wjon.com
date: Fri, 05 Aug 2022 12:30:11 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
355 B 21ms
20ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://wjon.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
671 B 29ms
29ms XHR
application/json 3.121.8.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%221905c0fe-09e2-45de-aaf7-99170794d621%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1659702611968%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2293b1ba392853da5%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%2293b1ba392853da5%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300b%22%2C%22transactionId%22%3A%22be1a30e3-2076-46c2-9e6d-19fd18a3c8d6%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%2293b1ba392853da5%22%2C%22bidderRequestId%22%3A%22924fb4dba90df93%22%2C%22auctionId%22%3A%2274320904-4358-448d-a0bb-94708162c32a%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwjon.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.8.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-8-16.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://wjon.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
384 B 223ms
129ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://wjon.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

POST
H2 200 auction Show response
tlx.3lift.com/header/ 2 KB
2 KB 136ms
135ms XHR
application/json 3.120.106.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.9.0&referrer=https%3A%2F%2Fwjon.com%2F&tmax=2000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.106.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-106-63.eu-central-1.compute.amazonaws.com

Software

Resource Hash

909a0c461a47bd72d08284ac8616c5b627702a42a643c2d30cbfe5af6c58d5cd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: gzip
accept-ch: sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wjon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1406
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
709 B 62ms
62ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836992&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwjon.com%2F&kw=tsm-ad-300b&tk_flint=pbjs_lite_v6.9.0&x_source.tid=be1a30e3-2076-46c2-9e6d-19fd18a3c8d6&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3475613364543577
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ec88c0928715c9c3309d5b9ed982b5c733ec50d78c242beae4275383f0f66875

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://wjon.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 37 B
568 B 82ms
44ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=272477&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221002ac7dc3499df%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwjon.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22101bc8827c9a342c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22272477%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22272477%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e612ea96f2322f5c13c38dd2cfab4269fa97c19e69a7797a21040bb772b6481

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtWFuxKQFquNU28W76vU%2FFSUXHtPl1KSZXrzqUhE2QNm3RhdxS2GvvGeKb56Udg1vzUhz61aCE%2FwLd42%2FE%2Bzg3SfVrj7m1WdWOkCJNpvUTc%2F4oTuMUDDONM1eqSNcmrN20zhKaby"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://wjon.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 735f8aed1d9d9280-FRA
expires: 0

POST
H2 200 cogitoergosum Show response
wjon.com/rest/high/api/ 22 B
135 B 124ms
123ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/rest/high/api/cogitoergosum

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
etag: W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
vary: Accept-Encoding
content-length: 22
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
709 B 54ms
54ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836992&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwjon.com%2F&kw=tsm-ad-300c&tk_flint=pbjs_lite_v6.9.0&x_source.tid=9e8412df-7184-426f-8935-6519b6e887fe&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3796605962963189
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 70624b7d9196481f82130a808cd76b93ad9bb6a53dc67332b7e341b86126ba4d

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://wjon.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
671 B 54ms
32ms XHR
application/json 3.121.8.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%221905c0fe-09e2-45de-aaf7-99170794d621%22%2C%22requestCount%22%3A2%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1659702611986%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2210562fed4a985bbd%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%2210562fed4a985bbd%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300c%22%2C%22transactionId%22%3A%229e8412df-7184-426f-8935-6519b6e887fe%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%2210562fed4a985bbd%22%2C%22bidderRequestId%22%3A%22104dd6b24b73607f%22%2C%22auctionId%22%3A%22645fb769-c7a5-422f-a2aa-c1e2bf55200e%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwjon.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.8.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-8-16.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://wjon.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 38 B
607 B 58ms
41ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=272478&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22106825a987b9e6f6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwjon.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22107080badd15f22e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22272478%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22272478%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 596f85f51fc5353f72dd5f98c5bf7b1ef9fbb54b3c3608762f821795d0808bc5

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h24LO2zNnr%2F5KnIKX5TzhglX9KhWsKvdgAjVUlQfEbjie4cXTCD3cpw3vG1FrkfvMMCfNar7DE3nF7RRWW%2BNVr2jSYfK0kjnAtnzhntPXTCy8ZzHvtcI%2BbQRWRW%2F%2FZnGf3I%2Ff5dv"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://wjon.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 735f8aed1d9f9280-FRA
expires: 0

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
202 B 674ms
604ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Aug 2022 12:30:11 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://wjon.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

POST
H2 200 auction Show response
tlx.3lift.com/header/ 14 KB
5 KB 78ms
58ms XHR
application/json 3.120.106.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.9.0&referrer=https%3A%2F%2Fwjon.com%2F&tmax=2000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.106.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-106-63.eu-central-1.compute.amazonaws.com

Software

Resource Hash

1fe2a6d02c36144cda53b82687f6b7a50f7b2c8cac068575d9aadd43fe140a29

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: gzip
accept-ch: sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wjon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 5069
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
317 B 54ms
34ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0aa01841adb60bd01d0c2a8fa5901e9f0fab2e99aa7633648dbd3233c9a33fe2

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://wjon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
355 B 35ms
15ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://wjon.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
702 B 47ms
31ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:12 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9d224061-fbd5-47d7-accb-9b9598cb12f5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://wjon.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 815 B
829 B 120ms
105ms XHR
application/json 34.241.55.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1659702611998&to=0&aun=tsm-ad-300c&pv=f9b3cefb-554b-4fd0-83bb-a69553520631&maxw=300&maxh=600&si=9151&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwjon.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fwjon.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.55.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-55-221.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d835d583daf956b92e41bcf421fed751423c51cf65c7fb17f0d39a458b81e638

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://wjon.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 hb Show response
hb.undertone.com/ 0
445 B 201ms
186ms XHR
text/plain 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=2552&domain=wjon.com
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:11 GMT
via: 1.1 b0311c7e530c126dd286898583b59e4c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://wjon.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
x-amz-cf-id: VPRKnkDh8D7rs2HIsqjXkjAQaqAmP9FkxrniZiO66NG-YsDqqDDjDA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 arj Show response
townsquaremedia-d.openx.net/w/1.0/ 73 B
101 B 48ms
35ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwjon.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9e8412df-7184-426f-8935-6519b6e887fe&nocache=1659702612000&aus=300x250%2C300x600&divids=tsm-ad-300c&aucs=&auid=539829446&aumfs=250
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: dd9329ddc3b3b5a00a3b5bd6a7faef6646a0439bfe673c399b583c58a17b2ad1

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://wjon.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
55 B 73ms
42ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=wjon.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=32&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://wjon.com
date: Fri, 05 Aug 2022 12:30:11 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 96 B
724 B 293ms
114ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22129168d1944553a4%22%3A%227fbd8d4749c511640249%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Flocal%2FSt_cloud%2FWJON%2Fhome%22%7D&ref=https%3A%2F%2Fwjon.com%2F&s=38bc60c2-4f10-4732-83f4-a28d616627b2&pv=63231130-c8f4-4658-871a-8db9703708dd&vp=desktop&lib_name=prebid&lib_v=6.9.0&us=5&ius=1&coppa=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

2d746beced6cff4b4689a5fd5df52f5e588e9ec7f3bb9c6ee41d54ea62543b6d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:12 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-35
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://wjon.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 value_connection_sticker.jpg
townsquare.media/site/70/files/2010/11/ 7 KB
7 KB 735ms
725ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/70/files/2010/11/value_connection_sticker.jpg

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C6FC) / Express

Resource Hash

ac35d7842f09558aa2344daecb63c97ce37427b3de11cecfd64881f2f0271e23

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 13845286
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 6805
last-modified: Wed, 02 Oct 2019 23:14:03 GMT
server: ECS (sgb/C6FC)
x-frame-options: SAMEORIGIN
x-varnish: 837607359
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 /
townsquare.media/site/67/files/2021/11/attachment-wjonam-alexacard-big.jpg/ 6 KB
6 KB 734ms
724ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2021/11/attachment-wjonam-alexacard-big.jpg/?w=100

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C74D) / Express

Resource Hash

137c8b2e482309d0973779ba70b248d1e177ad1bb97623b60f7642343610295e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 22699638
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 5721
last-modified: Mon, 15 Nov 2021 19:00:10 GMT
server: ECS (sgb/C74D)
x-frame-options: SAMEORIGIN
x-varnish: 924620201 924559879
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 WJON-CobornsStudio.jpg
townsquare.media/site/67/files/2019/09/ 23 KB
23 KB 734ms
725ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2019/09/WJON-CobornsStudio.jpg

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C717) / Express

Resource Hash

cb67a9aa66913dcc03b2623a7bed8c028ce285db30d97a52188a17f50da350a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 21408839
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 23830
last-modified: Thu, 05 Sep 2019 19:36:27 GMT
server: ECS (sgb/C717)
x-frame-options: SAMEORIGIN
x-varnish: 933417273 932013461
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 28ms
20ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=event&_s=2&dl=https%3A%2F%2Fwjon.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=widget&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=1536035086.1659702610&tid=UA-1802391-1&_gid=1066345384.1659702610&_av=2.4.1&_au=20&did=i5iSjo&z=160654459

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61749
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
21ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=event&_s=2&dl=https%3A%2F%2Fwjon.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=widget&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=1536035086.1659702610&tid=UA-19109753-1&_gid=1066345384.1659702610&_av=2.4.1&_au=20&did=i5iSjo&z=1652528272

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61749
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=event&_s=2&dl=https%3A%2F%2Fwjon.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=widget&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=1536035086.1659702610&tid=UA-1802430-4&_gid=1066345384.1659702610&_av=2.4.1&_au=20&did=i5iSjo&z=1809709641

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61749
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 31ms
23ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=event&_s=2&dl=https%3A%2F%2Fwjon.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=widget&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=1536035086.1659702610&tid=UA-28825804-2&_gid=1066345384.1659702610&_av=2.4.1&_au=20&did=i5iSjo&z=646065039

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61749
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 32ms
24ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=event&_s=2&dl=https%3A%2F%2Fwjon.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=widget&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=1536035086.1659702610&tid=UA-45260060-1&_gid=1066345384.1659702610&_av=2.4.1&_au=20&did=i5iSjo&z=334742509

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61749
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 32ms
24ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=event&_s=2&dl=https%3A%2F%2Fwjon.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=widget&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=1536035086.1659702610&tid=UA-45260060-8&_gid=1066345384.1659702610&_av=2.4.1&_au=20&did=i5iSjo&z=1233116795

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61749
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 32ms
25ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=event&_s=2&dl=https%3A%2F%2Fwjon.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=widget&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=1536035086.1659702610&tid=UA-180756957-12&_gid=1066345384.1659702610&_av=2.4.1&_au=20&did=i5iSjo&z=1763258228

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61749
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/ 4 KB
1 KB 32ms
31ms XHR
application/json 104.103.86.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/en.json
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.86.63 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-86-63.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 16:07:33 GMT
server: Apache
etag: "f30-5dd1830eac5d2-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1178

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
487 B 75ms
74ms XHR
text/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fwjon.com%2F&pid=QfqL1HA5fzu8h&cb=1&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-300b%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228fff1df4-c737-471b-8cfa-dd3c0f37e6ba%22%5D%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FSt_cloud%2FWJON%2Ftsm-ad-300b%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&cfgv=1&gdpre=1&gdprc=CPdO6cAPdO6cAAXADAENCbCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgE-sIWACAUIRgRAhxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxQCgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKDRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-213.vie50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 89a6fa6293c9b0bbce683ad0b9f7f538.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: ZHG2XPKXHH5PYFX0XM8N
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://wjon.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Q7TrVGoWPyryefyKp81I8lDJK4B4bqmdoeZvEi1uyg2ceq4krpQKUg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
488 B 76ms
75ms XHR
text/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fwjon.com%2F&pid=QfqL1HA5fzu8h&cb=2&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-300c%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228fff1df4-c737-471b-8cfa-dd3c0f37e6ba%22%5D%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FSt_cloud%2FWJON%2Ftsm-ad-300c%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&cfgv=1&gdpre=1&gdprc=CPdO6cAPdO6cAAXADAENCbCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgE-sIWACAUIRgRAhxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxQCgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKDRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-213.vie50.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 89a6fa6293c9b0bbce683ad0b9f7f538.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: GEY3WKWEGCBS3T60CB4Z
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://wjon.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: xQgq8BxgFLwx8DDDufpjex_CLz791yyLTDHcfEfhmCtYDxKVPZtI9g==

GET
H2 204 b2
sb.scorecardresearch.com/ 0
190 B 22ms
22ms Image
text/plain 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1659702610464&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=23&cs_cmp_sv=3&cs_cmp_rt=1640&c7=https%3A%2F%2Fwjon.com%2F&c8=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&c9=
Requested by: Host: wjon.com
URL: https://wjon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: SeDX91tuJd9jIZQCsVArVwxw_qt-wFETLS3FgWBwclEV4gdlcDQ2hg==
x-cache: Miss from cloudfront

POST
H2 204 event Show response
api.conversant.mgr.consensu.org/gdpr/cmp/ 0
114 B 55ms
55ms XHR
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://wjon.com
date: Fri, 05 Aug 2022 12:30:12 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

GET
H2 200 teju-webclient.min.js Show response
static.solutionshindsight.net/teju-webclient/ 81 KB
25 KB 188ms
124ms Script
application/javascript 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c67bf4df9ba03a46ddb9c00560b633602cec438362154d4cb081adc94dc1e5c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:13 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 19:02:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "02b1c8548d0cc3e94b8c098b137c7028"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
cache-control: no-cache
accept-ranges: bytes
content-length: 25483
x-amz-cf-id: iZ4e_IBaGjB4mQ9QPie_0pSulB-wLUOV2kX7sjfaNMEyOk_9dlaGxA==

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 19 KB
5 KB 348ms
31ms Script
text/javascript 2.20.73.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.73.51 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-73-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b13c284d8d15523bd7ebce4afd286397cf2e82cafe72c0398f2d1724d60102af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: irOlEHoFUsDZEf3_amcRiMP6y8y2THaL
content-encoding: br
last-modified: Tue, 14 Jun 2022 12:22:21 GMT
x-amz-request-id: MPYD45708FXH0BZ4
etag: "f92f25ba5af332861dc8cea3da5eb278"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
date: Fri, 05 Aug 2022 12:30:12 GMT
accept-ranges: bytes
content-length: 4779
x-amz-id-2: 0kqKFaqCblwMouM3PrM7kapg6LYD+SBz8wxEHs0o62VTjxw0lqFciVtkmuSjkYK70NJzdU0AFIs=

GET
H2 200 hotjar-1749163.js Show response
static.hotjar.com/c/ 5 KB
3 KB 109ms
47ms Script
application/javascript 13.32.121.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1749163.js?sv=6

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-54.fra60.r.cloudfront.net

Software

Resource Hash

13fd31d11f6fc66eef2968cca54dba808cbb4ce9afd8069fbbfd22f903934957

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA60-P1
etag: W/4c96dfaaeffc422cd4fa9eeb7fd5ef34
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: eHZ6QSFe0fDnhZ-TH4i9S6AAi8yzKXOXNrBaO2v6F1wVdwoNB07pfA==
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)

GET
H2 200 Jay-Caldwell-500x500.jpg
townsquare.media/site/911/files/2017/07/ 16 KB
16 KB 577ms
575ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/911/files/2017/07/Jay-Caldwell-500x500.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C6A1) / Express

Resource Hash

e6d7a3551d20da4e39ea31123baccf88da01f4225afec7fd9031964c44992352

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 21405452
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 16596
last-modified: Thu, 12 Sep 2019 02:34:49 GMT
server: ECS (sgb/C6A1)
x-frame-options: SAMEORIGIN
x-varnish: 932706990
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 attachment-FAVORITE-2021.jpg
townsquare.media/site/65/files/2021/07/ 13 KB
13 KB 577ms
576ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/65/files/2021/07/attachment-FAVORITE-2021.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C68E) / Express

Resource Hash

1fbd59c274441ecdcbab333b35533ddf3b9639157872845a712984fc17db6a24

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 1951999
x-powered-by: Express
x-us-region-source: AL
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 13351
last-modified: Tue, 13 Jul 2021 22:10:25 GMT
server: ECS (sgb/C68E)
x-frame-options: SAMEORIGIN
x-varnish: 2115363823
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 dave_overlund_300x300.jpg
townsquare.media/site/70/files/2020/01/ 18 KB
18 KB 579ms
578ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/70/files/2020/01/dave_overlund_300x300.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C724) / Express

Resource Hash

27c16bcf28a10023178e260f7158baad9af17c90594d48874d63442d0c480a6f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 21408770
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 18650
last-modified: Fri, 24 Jan 2020 18:48:45 GMT
server: ECS (sgb/C724)
x-frame-options: SAMEORIGIN
x-varnish: 933417236 932028446
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 Lee.jpg
townsquare.media/site/67/files/2012/11/ 25 KB
26 KB 579ms
577ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2012/11/Lee.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C714) / Express

Resource Hash

54d0924ee7352e8b719b1ea6b3285527a10f7e19b5952a4af2a4edfe27d55e1d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 21406408
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 26103
last-modified: Tue, 24 Sep 2019 17:38:55 GMT
server: ECS (sgb/C714)
x-frame-options: SAMEORIGIN
x-varnish: 932512747
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 Alex-Svejkovsky-500x500.jpg
townsquare.media/site/67/files/2018/03/ 18 KB
18 KB 578ms
577ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2018/03/Alex-Svejkovsky-500x500.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C726) / Express

Resource Hash

1a129929706092981e0fa0aed0ced2406e79818d9f3dedd2da40322d4bc3accf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 21405556
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 18133
last-modified: Mon, 16 Sep 2019 16:48:35 GMT
server: ECS (sgb/C726)
x-frame-options: SAMEORIGIN
x-varnish: 937125254
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 attachment-Jeff-McMahon.jpg
townsquare.media/site/67/files/2022/04/ 13 KB
13 KB 577ms
576ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2022/04/attachment-Jeff-McMahon.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C714) / Express

Resource Hash

78dfbec7dcc7e9b064d139555fd1d11c7b568d6d8676db07bfe6f686c0f26599

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 9041399
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 12891
last-modified: Mon, 25 Apr 2022 09:32:31 GMT
server: ECS (sgb/C714)
x-frame-options: SAMEORIGIN
x-varnish: 510691502 476142818
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 attachment-Sarah-Mueller.jpg
townsquare.media/site/67/files/2021/07/ 12 KB
12 KB 580ms
579ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2021/07/attachment-Sarah-Mueller.jpg?w=300&q=75

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C6A3) / Express

Resource Hash

6138dbae4ed7a6b83648a06459c2d00917e7d8f4b06ecbced62b92c4777a0e34

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:12 GMT
via: 1.1 varnish
age: 13419398
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 12605
last-modified: Tue, 06 Jul 2021 23:09:32 GMT
server: ECS (sgb/C6A3)
x-frame-options: SAMEORIGIN
x-varnish: 912536416
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 05 Aug 2022 12:30:11 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 98ms
44ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19109753-1&cid=1536035086.1659702610&jid=475236474&_u=6GDAgAADAAAAAE~&z=1165507180

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 100ms
47ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19109753-1&cid=1536035086.1659702610&jid=475236474&_u=6GDAgAADAAAAAE~&z=1165507180

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK follow_button.2b1befbea3a1424bb94efd70105dfa52.en.html Show response
platform.twitter.com/widgets/ Frame E7E1 40 KB
15 KB 24ms
18ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.2b1befbea3a1424bb94efd70105dfa52.en.html
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: e8dcc8dd399a0ee4d0aa4e532a3538028c007182df71143ce6840757a5d63b46

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 141417
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 15049
Content-Type: text/html; charset=utf-8
Date: Fri, 05 Aug 2022 12:30:12 GMT
Etag: "4226f50dc1d4b20c6bd89627506eabf4+gzip"
Last-Modified: Wed, 03 Aug 2022 20:59:07 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BA)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
379 B 135ms
128ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwjon.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22WJON_News%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1659702612237%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22b7df0f50e1ec1%3A1659558317797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f3916a8a955575257a3de6e60977853f9db2a183

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 107
pragma: no-cache
last-modified: Fri, 05 Aug 2022 12:30:12 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 93b66a6b8421846821f6d3b7c28be4b6a9f2fe3631a4636cd419c26b6b5f932e
x-transaction: dc18b656003c42c2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame D0E2 38 KB
6 KB 65ms
21ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=TSStCloud&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fwjon.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=TSStCloud&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fwjon.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 12:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 31 Jul 2023 12:59:27 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame D0E2 252 KB
72 KB 66ms
22ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=TSStCloud&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fwjon.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 23:27:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 03 Aug 2023 23:27:38 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 7316 566 B
899 B 320ms
67ms Document
text/html 2a00:1450:4001:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwjon.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

73d6cabc4d1aaf1e303e4333cc4b6f52d9f648ddf58153736c935315409be618

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-74IAhTt6qslmoC_-aPlaEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-74IAhTt6qslmoC_-aPlaEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Fri, 05 Aug 2022 12:30:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame D0E2 156 B
179 B 21ms
20ms Image
image/png 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 22:55:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 308110
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 01 Aug 2023 22:55:02 GMT

GET
H2 200 modules.0e32ccb9bfd67090f5ca.js Show response
script.hotjar.com/ 249 KB
64 KB 229ms
23ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0e32ccb9bfd67090f5ca.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

b8ea26b655664c090e9458919e81401c39f87d2e8a675663b1da92351840f067

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:18:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72725
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64991
access-control-allow-origin: *
last-modified: Thu, 04 Aug 2022 16:17:15 GMT
etag: "1c50abd15784ee393d3fe4003e188eef"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d04699b52d8873377c4b5f4e7dcf7068.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 5yu7zaLmehQGWQw0elWDZjd6FBBMx0CB_fZs1VGK8pDehEewyMWMXQ==

GET
DATA 200
OK truncated
/ Frame E7E1 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 d2pvbi5jb20= Show response
static.solutionshindsight.net/assets/ 2 KB
1 KB 474ms
432ms Fetch
application/json 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/assets/d2pvbi5jb20=
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f87eace9cdf7d7263d025dbde727d623f69e45fd0aca94dc5b9eeb3c48d74af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"092fa5d38a2ba99690b50dd11e1c2767"
x-amz-cf-pop: FRA56-P5
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 23 Jun 2022 15:31:48 GMT
server: AmazonS3
date: Fri, 05 Aug 2022 12:30:14 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: no-cache
x-amz-cf-id: U8HRu4hBOzappfnELNLGecfAWm8Q_LyTiECPjN01moTNszovItshzw==

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/ Frame D0E2 128 KB
42 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e221278f830690a97288800fa8740a3022cb1c142f0ad7e8a1f93705fb92a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 05:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42670
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 05:32:24 GMT

GET
H2 200 box-54d18b2ccd1c7fa42c71f18525ba4ad0.html Show response
vars.hotjar.com/ Frame D471 2 KB
1 KB 83ms
22ms Document
text/html 18.66.139.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-84.fra60.r.cloudfront.net

Software

Resource Hash

3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 340925
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 01 Aug 2022 13:48:07 GMT
etag: "b310868fbdb4c8ee7d37e1b85ae269fa"
last-modified: Mon, 01 Aug 2022 13:47:35 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-id: asVvHnWuR9-6bINleqKkN08LWNCtNuHRAV3grD_V-zlYcK6vudbKkA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 99 KB
38 KB 147ms
68ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K346HJZ

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56c52f5aa7efe1208d91b55ebb58e6f1267ab781cb8f6afaa3c7790d9c453226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38666
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Aug 2022 12:30:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AD0C 5 KB
633 B 88ms
36ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700

Requested by

Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4ebbbe9e2cb7f812044295bf4773dbd8e6170652eb80e91cba87643fe176ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 11:00:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 05 Aug 2022 12:30:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Aug 2022 12:30:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AD0C 10 KB
754 B 88ms
37ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700,300,800,400

Requested by

Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db5977ed25a210e8c5b358febc00d828443173567e530ffeac3320cc10742e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 12:30:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 05 Aug 2022 12:30:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Aug 2022 12:30:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AD0C 672 B
360 B 88ms
36ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:900

Requested by

Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09c57c1fa6f8e1339edeb5e8a763182f3ea2c866903f5cf8fa51f11ea21c5ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 11:40:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 05 Aug 2022 12:30:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Aug 2022 12:30:12 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ Frame AD0C 23 KB
6 KB 76ms
30ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 13660081
cdn-cachedat: 2021-06-08 21:08:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cf-ray: 735f8af26c829a17-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sweet-alert.min.css
cdnjs.cloudflare.com/ajax/libs/sweetalert/0.4.2/ Frame AD0C 9 KB
2 KB 96ms
43ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sweetalert/0.4.2/sweet-alert.min.css

Requested by

Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01223964fea2b7a74d6818a44c00c1ce4fb57ba04206ac6ab89666761ec462ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10045095
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1587
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff8-22bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uz6fL3cfR6AWLTTieTo2HKnBOPbabdS%2FCAu79s5icMePD83BVDoTTyDxeZoX2DWmceQiYa0x52ayS9gvlztvdi8cABcsLlZk9olN7VbhHbrLIIqMaVOS5ftpDPuNvWt%2FuCHAE4U%2B6BeOUMMBM4palL%2Bc"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 735f8af27fb39124-FRA
expires: Wed, 26 Jul 2023 12:30:12 GMT

GET
H/1.1 200
OK vert.css
cdn-scorestream-com.s3.amazonaws.com/cdn/css/widgets/scoreboards/ Frame AD0C 77 KB
9 KB 812ms
205ms Stylesheet
text/css 52.218.238.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scorestream-com.s3.amazonaws.com/cdn/css/widgets/scoreboards/vert.css?v=59
Requested by: Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.238.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2819cabffa3543dd98ce4506e5f93cfee2ddeb97d7125dfbad735b927ef402f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 12:30:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Nov 2021 21:03:15 GMT
Server: AmazonS3
x-amz-request-id: 3J4E9G7ZJPQYFETW
ETag: "99ef750eeadd7f79ff89a2143e9a9244"
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, no-transform, public
Accept-Ranges: bytes
Content-Length: 9237
x-amz-id-2: gocr9v6066aK5S/SidqlhiL+s9F04Rzj/h9DpY2gVQqL9HAGm6uLm0V0SdaG+eoLeO1Yj4I/LwA=

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame AD0C 83 KB
28 KB 67ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

456536908f305f1887be5fe66066f4d05797a90ee08265fec1b9c2afd3afec47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28612
x-xss-protection: 0
server: sffe
etag: "1294 / 63 of 1000 / last-modified: 1659697702"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Aug 2022 12:30:12 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/ Frame AD0C 82 KB
26 KB 81ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7907630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1499c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftuDA%2FsURdx%2FhfBpfiIlm4YHK9%2FDKiY1fi1qrSZ8Dk9WE0olUbA0q2Q9dlAlL2bvmfx9bWJ%2BX%2Fu4pvnyTmXgH3FewK0xPK1OagQXNhNLF2F6dRsJLbae%2BBKXWljeRZwyVdXI89qDwvA5hAmSmz0mqbxe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 735f8af27fb59124-FRA
expires: Wed, 26 Jul 2023 12:30:12 GMT

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ Frame AD0C 1 KB
1 KB 97ms
44ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2554796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 591
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfAocWu3RTBN6Ab8gQ3G3B5wRIejTFNxWfUGY%2F9M4QMNTOGBM8PJ%2B7zZUCT4YLS8yFtT6xaWpL4sTZwryDFRgRCBSnasXOb9KDfhj4QRG8nmvnnAI%2Fh0XYgaSlHpTRlZp9Rgr2CzxJBy0Stx0pT1Kdju"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 735f8af27fb89124-FRA
expires: Wed, 26 Jul 2023 12:30:12 GMT

GET
H2 200 async.min.js Show response
cdnjs.cloudflare.com/ajax/libs/async/0.9.0/ Frame AD0C 12 KB
4 KB 98ms
45ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/async/0.9.0/async.min.js

Requested by

Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0daa37303ae9cf4bfbbdc1e84b61f4b4775255b4ad06676165282b2cfc2d31d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7906881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3380
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:05:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d5e-2f7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqSbbc%2BHpafV8ns%2FPwD0jOS7mB8DDVfrmiOQsfj6YQTTcHL13pHO6TDbNVJdv3KU4adJ9tZN8aXBGTcK914pIODOXNEe7aFonVYDW4bjMThoiqe%2B2SeqK1mtSTnfqZdrW0NhFbJZ5yEM9vxvNVuqFZev"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 735f8af27fbd9124-FRA
expires: Wed, 26 Jul 2023 12:30:12 GMT

GET
H2 200 lodash.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lodash.js/3.10.1/ Frame AD0C 49 KB
17 KB 78ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lodash.js/3.10.1/lodash.min.js

Requested by

Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf63c4491140de87027557a7c15c741f65c83d98274347b105a06a20e05ce78d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10404096
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16747
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed2-c56f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2Wpvpf5lexJ7ka9D3u7Pv1SSRj2KUDwCxu%2BYpUa52k9NC1BjzF9prKmsALtwm6M60O4G4uS7StLIn3TfdCHq0R6nuz4gGSKrfOQ66bprfm6g3HqDKudGoPXNrisSvgfs6vbfN%2BwntI4xvShQ9wftQbl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 735f8af27fbc9124-FRA
expires: Wed, 26 Jul 2023 12:30:12 GMT

GET
H2 200 dust-core.min.js Show response
cdnjs.cloudflare.com/ajax/libs/dustjs-linkedin/2.7.2/ Frame AD0C 13 KB
4 KB 99ms
47ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/dustjs-linkedin/2.7.2/dust-core.min.js

Requested by

Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3dbf29d5bf5c976b5652a505617a6867d0e1c240d7824fb5ffd48585ea5e31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10431141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3820
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e3e-328d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4V8OiET9oeBWhUgJAjxTbucgsBsgaQQAyRLTW6Drv6GgwfwKzGQzNekzhW0eQjg6HbwAhP44tIg9iW%2Fde4OMELFG0rC%2FuWefFjrEMNlsczN7Es06cxij9C6NfgP8ovgs8peoeqAm2QfixHMjrPMOZYHl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 735f8af29fe19124-FRA
expires: Wed, 26 Jul 2023 12:30:12 GMT

GET
H2 200 dust-helpers.min.js Show response
cdnjs.cloudflare.com/ajax/libs/dustjs-helpers/1.7.1/ Frame AD0C 5 KB
2 KB 83ms
31ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/dustjs-helpers/1.7.1/dust-helpers.min.js

Requested by

Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b01f4bcb4a73433cc805e774f38b19ef6c6c52b551ac1fe857dd8a9d5795385e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4985844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1730
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e3e-1216"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGjVHkCE4BWXGjG7GuTxPQHddMCaCo8OUxzwDFFMmifxLVPCtnMh0NnTYiCqEqkVKtXaZmKsxehIMSBJwXyaOUuqPW8gZM1KLDo0f01sO6Sp5m2Lr1xszj%2F5x4MSKAvZIZmVtG7xtjHbFPBnkNgYXxjI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 735f8af27fc09124-FRA
expires: Wed, 26 Jul 2023 12:30:12 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.10.3/ Frame AD0C 34 KB
11 KB 83ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.10.3/moment.min.js

Requested by

Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62d68b60ce880b5ea669c774c2c84b7c9e88cf58ffe26b0d3f449580d18d550d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2426326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11364
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-8684"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBbTbfDP51VJAOZOStuVmwzGND%2BRFkq7oWWtK285vABVC%2FbXg1XqBJ1pilIT0SeBLcym%2BK7POlWgl3fAxn6Alxab98YQzxTd08pXBq%2BIIvTwKQ0FfKyyHmyZh%2FIvxtfr7CS0YShctBPbnezRP1nANesz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 735f8af27fc19124-FRA
expires: Wed, 26 Jul 2023 12:30:12 GMT

GET
H2 200 sweet-alert.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sweetalert/0.4.2/ Frame AD0C 10 KB
3 KB 78ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sweetalert/0.4.2/sweet-alert.min.js

Requested by

Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce3d3481cf65d3f3dde8454f7e67ee233cb619a671f43f63dd982ed08fdfd4c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5584481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3239
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff8-28b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8m17OBXPkPLSnSzDvn6MwhHhAJPTcMbvW5ON0KDQ1imw12B6hqbir%2F3KxkJc0ahXuYK3lt47oRyNOGUMg56oLw1MO6bPmgvy4Lmy9ayaCVxcmKnKMci15BgylOf1%2BZNq5Kl3NU7uhyFXxI6Uq10NFxYr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 735f8af27fc39124-FRA
expires: Wed, 26 Jul 2023 12:30:12 GMT

GET
H/1.1 200
OK vertBundle.js Show response
cdn-scorestream-com.s3.amazonaws.com/cdn/js/bundles/ Frame AD0C 203 KB
43 KB 843ms
216ms Script
application/javascript 52.218.238.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scorestream-com.s3.amazonaws.com/cdn/js/bundles/vertBundle.js?v=59
Requested by: Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.238.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d25244db9dc268beeb125b8deb6048471478d65ca733d1cdfab896fd303783a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 12:30:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 21:59:10 GMT
Server: AmazonS3
x-amz-request-id: 3J476EBJ4AQVH8DS
ETag: "0cdb364bcdeeeac5c67f23c873f76193"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, no-transform, public
Accept-Ranges: bytes
Content-Length: 43434
x-amz-id-2: fq76YV5YSC2Fkgc4NetKa1P92bATebIyDfwNVIyGmmKSoiQ5mtqGWVK56XKWHOcXFClgYzU2J1M=

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/ 28 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/cb=gapi.loaded_2?le=scs

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66147a24f7c599deddc3049b8ba82ebac44ae95bcf58b2c03fe9084caa4171eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9438
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Aug 2023 19:24:14 GMT

POST
H3 204 cspreport
accounts.google.com/o/ Frame 7316 0
20 B 74ms
31ms Other
text/html 2a00:1450:4001:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sgsBxT1SuuoEtEevzAyqbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwjon.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:12 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-sgsBxT1SuuoEtEevzAyqbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 7316 10 KB
5 KB 75ms
24ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwjon.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 12:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 02:08:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 12:35:01 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 7316 14 KB
5 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e69f9c2675ff3ee0eb3f023045d9075323d97fbfa682c13cc718de5eaaac5ec

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5574
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Fri, 05 Aug 2022 12:30:12 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "1d611bb1123a30fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 12:30:12 GMT

GET
H3 200 pubads_impl_2022080101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame AD0C 381 KB
130 KB 73ms
34ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

a5910455615630589802ca15818aa163322871e6468f06a3660c53d6ab2936bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132749
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 16:11:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Aug 2023 08:15:06 GMT

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame ADF6 604 B
298 B 59ms
58ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCt03ChdBxjIeStQWVfd-K7A&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

833943685394d1e8072ee4d6a517c70d7984c98ad19030ed2a32df17d755e953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 05 Aug 2022 12:30:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
101 B 29ms
23ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 235824
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 02 Aug 2023 18:59:49 GMT

GET
H2 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
575 B 27ms
22ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 235824
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 02 Aug 2023 18:59:49 GMT

GET
H2 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
409 B 32ms
31ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:32:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 197855
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 03 Aug 2023 05:32:38 GMT

GET
H2 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
214 B 26ms
24ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 20:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 231439
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 02 Aug 2023 20:12:54 GMT

GET
H2 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
207 B 29ms
28ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 16:04:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 159934
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 03 Aug 2023 16:04:39 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1749163/ 147 B
322 B 164ms
50ms XHR
application/json 54.74.193.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1749163/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0e32ccb9bfd67090f5ca.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.193.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-193-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a82fc6cdeed37975df9de2eb175b204a15a04b4d7d7ac579a2beb538d18bbca9

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 05 Aug 2022 12:30:13 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 1749163 Show response
vc.hotjar.io/sessions/ 0
258 B 127ms
48ms XHR
text/plain 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1749163?s=0.25&r=0.05992681385368703
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0e32ccb9bfd67090f5ca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:13 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: m13IqK-Xscw9WxxrWv_RJqSZeWU0e3CP5dEE_8L2ufDRzMbDykhYuQ==

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/ Frame 7316 53 KB
19 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a3bf40d3b366fae0cfadcef7591f8b8d3fdfc41c2d272c3e5e1c8d7af23e183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19031
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Aug 2023 19:20:21 GMT

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame ADF6 9 KB
2 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCt03ChdBxjIeStQWVfd-K7A&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCt03ChdBxjIeStQWVfd-K7A&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 07:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 362087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 01 Aug 2023 07:55:26 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame ADF6 149 KB
44 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCt03ChdBxjIeStQWVfd-K7A&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gq6hJvUC8Rk.O%2Fd%3D1%2Frs%3DAHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 07:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 362087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 01 Aug 2023 07:55:26 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/ Frame ADF6 128 KB
42 KB 23ms
18ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e221278f830690a97288800fa8740a3022cb1c142f0ad7e8a1f93705fb92a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 05:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42670
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 05:32:24 GMT

GET
H2 200 wp-banners.js Show response
static.solutionshindsight.net/teju-webclient/ 264 B
569 B 331ms
330ms Script
application/javascript 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/teju-webclient/wp-banners.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:14 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 19:02:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "65d0e6b4f69d00d7dd7883f40aaccd1b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
cache-control: no-cache
accept-ranges: bytes
content-length: 190
x-amz-cf-id: qpzoYaJrZgl086DdzFgW5QqgmmYRadFgy8TTg9ZkR53p-nlq85kVGQ==

GET
H2 200 tag Show response
btloader.com/ 49 KB
12 KB 86ms
30ms Script
application/javascript 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5642230212591616&upapi=true
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceefb7f24ad304b648086c357ddb865b5485fb6ea69b6a329a5947e2a92b590d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:13 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2886
content-length: 12012
last-modified: Fri, 05 Aug 2022 11:39:15 GMT
server: cloudflare
etag: "ee3e1bc673748b8dedbcb714f43d5db6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vvrf0UE%2BLxiwxolnOA%2FjvTtwKCRqoTqiciZf9Vg2h9lb78Bpj5ynbYeAPGy7DkJRsIyLzvln4kPdz2LbOSN96ox8Pj%2Bc5mBE2FMWa9lEVAr%2BSNAyjBMQPeKsWxGey%2BskFRWv4rR0YoqnXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400, no-transform
accept-ranges: bytes
cf-ray: 735f8af4cdb89162-FRA

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WJONAM&ncv=24
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WJONAM&ncv=24

5 B
231 B

156ms
146ms

Script
text/html

2606:4700::6812:b4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WJONAM&ncv=24
Requested by: Host: wjon.com
URL: https://wjon.com/
Protocol: H2
Server: 2606:4700::6812:b4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 735f8af79ede5c7a-FRA
content-language: de-DE
p3p: CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html;charset=ISO-8859-1

Redirect headers

date: Fri, 05 Aug 2022 12:30:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WJONAM&ncv=24
content-type: text/html; charset=iso-8859-1
access-control-allow-origin: *
cf-ray: 735f8af4da425c7a-FRA

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24

5 B
144 B

155ms
147ms

Script
text/html

2606:4700::6812:b4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
Requested by: Host: wjon.com
URL: https://wjon.com/
Protocol: H2
Server: 2606:4700::6812:b4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 735f8af79ee45c7a-FRA
content-language: de-DE
p3p: CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html;charset=ISO-8859-1

Redirect headers

date: Fri, 05 Aug 2022 12:30:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
content-type: text/html; charset=iso-8859-1
access-control-allow-origin: *
cf-ray: 735f8af4da435c7a-FRA

GET
H2 200 pubcid.min.js Show response
townsquare.media/public/resources/js/ 57 KB
18 KB 252ms
251ms Script
application/javascript 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/pubcid.min.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C6EA) / Express

Resource Hash

f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:13 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 80097
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 18369
last-modified: Tue, 30 Mar 2021 01:10:20 GMT
server: ECS (sgb/C6EA)
etag: W/"e26f-17880ae7579"
x-frame-options: SAMEORIGIN
x-varnish: 1887136919 1887136914
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:12 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 23ms
22ms Script
application/javascript 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 07:54:42 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 29765
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 6G6Ky6QBXe7XRDZ3tLsoXCb7Y--T_IQd23wjuU31xqvKZ_b47_0zdA==

GET
H2 200 px.gif
ad-delivery.net/ 43 B
944 B 85ms
27ms Image
image/gif 2a06:98c1:3123:a000::d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: wjon.com
URL: https://wjon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3123:a000::d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Fri, 05 Aug 2022 12:30:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2036399
x-guploader-uploadid: ADPycdvCK7q3Wdt7R9vKSQ60qF2eI0J1BOmfer-V5AEFV3TaCHpHa7CuGA3gUPG-l1aB3_JmybyzxFmidoOtVAbBRskLZJl5aQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Hd%2B5WlD%2FpBGaFhYMmzmpMGFE6ltpCLueXYyBznK%2FwU%2BKIcKpH1KdgvagdZgHxYTYQT7JbPK5TP6z1XDDBLTDMbRXNc5OgJ0%2BJfA2pK3clddbthY%2BDBXdr5dacgRdFYaqE%2BVmhPyfjuhMqp30A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 735f8af55a71bba3-FRA
expires: Tue, 12 Jul 2022 23:38:38 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 81ms
20ms Image
image/x-icon 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: wjon.com
URL: https://wjon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 14:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79328
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Aug 2022 14:28:05 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
337 B 87ms
29ms Image
image/gif 2a06:98c1:3123:a000::d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.9720969486189668
Requested by: Host: wjon.com
URL: https://wjon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3123:a000::d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Fri, 05 Aug 2022 12:30:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2036399
x-guploader-uploadid: ADPycdvCK7q3Wdt7R9vKSQ60qF2eI0J1BOmfer-V5AEFV3TaCHpHa7CuGA3gUPG-l1aB3_JmybyzxFmidoOtVAbBRskLZJl5aQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G7y26wNqy3xPKhn7II9G1xBF2nguhN99tYVxMYlHwgYTMfQWuYBJ4x%2FvyjkHVEgRrReIhPboBuk%2BpZFsP2SspgahJ3tuag0lYuVM0DxVBU4eF62trCpaT1TAynIpGfCNX3ydaktyp9KRM79GA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 735f8af55a72bba3-FRA
expires: Tue, 12 Jul 2022 23:38:38 GMT

GET
H2 204 pv Show response
api.btloader.com/ 0
128 B 193ms
133ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=uUUFGDQ0&w=5668590788280320&o=5642230212591616&cv=2.0.9-1-g2cac8e3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwjon.com%2F&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5642230212591616&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 Aug 2022 12:30:13 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame AD0C 49 KB
20 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5293
date: Fri, 05 Aug 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 05 Aug 2022 13:02:00 GMT

GET
H/1.1 200
OK horz_w211.png
cdn-scorestream-com.s3.amazonaws.com/cdn/images/logos/ Frame AD0C 3 KB
4 KB 211ms
211ms Image
image/png 52.218.238.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-scorestream-com.s3.amazonaws.com/cdn/images/logos/horz_w211.png
Requested by: Host: cdn-scorestream-com.s3.amazonaws.com
URL: https://cdn-scorestream-com.s3.amazonaws.com/cdn/css/widgets/scoreboards/vert.css?v=59
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.238.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ed3e9452a59d26291945591545d9e6adf7e30bf7e2c7c38b444fb0f5ee81038c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-scorestream-com.s3.amazonaws.com/cdn/css/widgets/scoreboards/vert.css?v=59
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 12:30:14 GMT
Last-Modified: Thu, 15 Jun 2017 16:35:16 GMT
Server: AmazonS3
x-amz-request-id: 3J41CHM2RX1Y5S3V
ETag: "ad41e7efdad57b77b099b4dee74261ed"
Content-Type: image/png
Cache-Control: max-age=2678400, no-transform, public
Accept-Ranges: bytes
Content-Length: 3482
x-amz-id-2: ktcbU+n3jBX7bKk2nU+oKazbDqQ0boSHTK1SGAh6EpkelymDf1qI63iHxx9RJtWdEL6MmgPC72M=

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame AD0C 44 KB
44 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,300,800,400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://scorestream.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 23:10:25 GMT
x-content-type-options: nosniff
age: 307188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 23:10:25 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ Frame AD0C 55 KB
56 KB 50ms
27ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Origin: https://scorestream.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617, 617, 617
age: 13989175
cdn-cachedat: 2021-06-08 21:22:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56780
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 53b26d1fd90b6f9da9bea5557ae0b2ff
accept-ranges: bytes
cf-ray: 735f8af8f9e56955-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK horz_w226_v2.png
cdn-scorestream-com.s3.amazonaws.com/cdn/images/logos/ Frame AD0C 4 KB
4 KB 204ms
203ms Image
image/png 52.218.238.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-scorestream-com.s3.amazonaws.com/cdn/images/logos/horz_w226_v2.png
Requested by: Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.238.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: aa51772615cc94de5168787c8520d14b65c84a58f9716362b65a38fdcea40160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 12:30:14 GMT
Last-Modified: Thu, 15 Jun 2017 16:35:17 GMT
Server: AmazonS3
x-amz-request-id: 3J41T29WTJ8VYVWA
ETag: "a2e72401b31a3da10c4d58232f7fadb0"
Content-Type: image/png
Cache-Control: max-age=2678400, no-transform, public
Accept-Ranges: bytes
Content-Length: 3635
x-amz-id-2: yxAczjw4KPCOqt5rEFKrz36pHswWivXHGNicET+xIZ55vKAdACWRAvlzNmMZMqOEWVeFE83tG08=

GET
H/1.1 200
OK bothPlatformsNavBar.png
cdn-scorestream-com.s3.amazonaws.com/cdn/images/appStoreBadges/ Frame AD0C 1 KB
2 KB 406ms
208ms Image
image/png 52.218.238.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-scorestream-com.s3.amazonaws.com/cdn/images/appStoreBadges/bothPlatformsNavBar.png
Requested by: Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.238.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5f94a0052b94f267147776b1e5c569f5c22ce564b3cff54b56a6ea4404b7116b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 12:30:15 GMT
Last-Modified: Thu, 19 Jan 2017 21:10:27 GMT
Server: AmazonS3
x-amz-request-id: 15NSVXGRGP1H0S7W
ETag: "3b78d8a93eaaa45329f4acac9a19c9cf"
Content-Type: image/png
Cache-Control: max-age=2678400, no-transform, public
Accept-Ranges: bytes
Content-Length: 1310
x-amz-id-2: oFfNLip9AxHIahyYk1yxZfDGAUjNgC+K/Gptdk+y+0bBF/W5ryFLhTCoVL5Zwn9I7CntOt2F/1Q=

POST
H2 200 api Show response
scorestream.com/ Frame AD0C 215 KB
24 KB 208ms
207ms XHR
application/json 54.69.95.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scorestream.com/api
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.69.95.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-95-91.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: 2fadd621ebc70165aad8bf9eacf717db31243108ca6083804f22485566b1162d

Request headers

Accept: */*
Referer: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=23138
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 Aug 2022 12:30:14 GMT
content-encoding: gzip
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,content-type

GET
H3 200 like.php Show response
www.facebook.com/v2.8/plugins/ Frame 3863 0
20 B 40ms
39ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=3584600378431041&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4fb5304c29c44%26domain%3Dwjon.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwjon.com%252Ffc277d07c985f8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2F1240WJON&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 05 Aug 2022 12:30:14 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: f/r04dsLjHDumm/UNMlaPZsgCPWTmE/r/SZuzENFdh4vkdee78JYSlLvPjNISNpSWrEd4cwPOsDnG5eba+xJQg==
x-xss-protection: 0

GET
H/1.1 200
OK userWidgetLogo120818-18207-19msgqu.jtzp.jpg
s3-us-west-2.amazonaws.com/scorestream-gamepost-pictures/ Frame AD0C 19 KB
20 KB 845ms
216ms Image
image/jpeg 52.92.177.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/scorestream-gamepost-pictures/userWidgetLogo120818-18207-19msgqu.jtzp.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.177.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0b209ba44b0c66a91594f70d08631271cd73a1bf6b1742fca73fdb70adbc39fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scorestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 12:30:16 GMT
Last-Modified: Fri, 18 Sep 2020 21:55:42 GMT
Server: AmazonS3
x-amz-request-id: QEHGFG8573VCSZTS
ETag: "cfae3ed73eb7b980eed241121958fedd"
x-amz-version-id: XXc_gbujaO8HxzaZFjzq8QG4yyu_sf2W
Cache-Control: max-age=2678400, no-transform, public
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 19567
x-amz-id-2: n1Hgsi0ikxQbN+j/4fj7RsuMXdg+PluHLd/x2HZxLUxu6WK3McqOYboGrjb2stH0VgXEW5hLagc=

GET
H2 204 /
onetag-sys.com/usync/ Frame 58F0 0
0 20ms
19ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1659702612252

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame A7A5 3 KB
2 KB 20ms
19ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Aug 2022 12:30:15 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 5751 37 B
140 B 115ms
22ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 05 Aug 2022 12:30:15 GMT

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame D9A7 9 KB
3 KB 110ms
19ms Document
text/html 2600:9000:223c:fe00:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:fe00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78345
content-encoding: gzip
content-type: text/html
date: Thu, 04 Aug 2022 14:44:31 GMT
etag: W/"690b8831dd941a438fb4bc8230f5d150"
last-modified: Thu, 23 Jun 2022 12:50:46 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-id: Bd6QOUtqCNjDxvwbbnFiPL3YTE45uvhiRZGihwKUCaq8Xn71sfCkRg==
x-amz-cf-pop: FRA56-P2
x-amz-replication-status: COMPLETED
x-amz-version-id: p2Mlr2XRRx_BAA4Q4UMvSF8IHgqXyHE8
x-cache: Hit from cloudfront

GET
H2 200 2000775.html Show response
sync.serverbid.com/ss/ Frame CAFC 3 KB
1 KB 110ms
20ms Document
text/html 18.66.97.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000775.html
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-29.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d9703f5b2fc4a0503e690cdbc7cd298606bdbe68fc31e1badeeb6c270f4a564

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15919
content-encoding: gzip
content-type: text/html
date: Fri, 05 Aug 2022 08:04:57 GMT
etag: W/"ee5f878b46e083edadf752a866616088"
last-modified: Mon, 01 Aug 2022 16:28:38 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-id: TzfVmTe8q3BVUjwA-R_5cbtzpT0qabwkEMKcwmXoeHCboNtCntDcLA==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame E8E5 9 KB
3 KB 108ms
20ms Document
text/html 2600:9000:223c:fe00:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:fe00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78345
content-encoding: gzip
content-type: text/html
date: Thu, 04 Aug 2022 14:44:31 GMT
etag: W/"690b8831dd941a438fb4bc8230f5d150"
last-modified: Thu, 23 Jun 2022 12:50:46 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-id: zcc4cncPGbOL_7lnuXpLwfznOPW9n0jAbeYtc4YfSg2OyDXpxqzpUA==
x-amz-cf-pop: FRA56-P2
x-amz-replication-status: COMPLETED
x-amz-version-id: p2Mlr2XRRx_BAA4Q4UMvSF8IHgqXyHE8
x-cache: Hit from cloudfront

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9D51 15 KB
6 KB 152ms
31ms Document
text/html 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=144246
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 05 Aug 2022 12:30:15 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sun, 07 Aug 2022 04:34:21 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame E659 0
0 19ms
19ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1659702612254

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 8605 21 KB
8 KB 122ms
61ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

190ea442c5e8271cac9eb863ab648bda12ade080cf920a97df864cd813aeee56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7834
content-type: text/html; charset=UTF-8
date: Fri, 05 Aug 2022 12:30:15 GMT
expires: Sun, 07 Aug 2022 12:30:15 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 9A68 0
80 B 70ms
30ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 05 Aug 2022 12:30:15 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 /
onetag-sys.com/usync/ Frame ACBB 0
0 22ms
19ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1659702611871

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 2000775.html Show response
sync.serverbid.com/ss/ Frame 4F05 3 KB
1 KB 97ms
21ms Document
text/html 18.66.97.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000775.html
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-29.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d9703f5b2fc4a0503e690cdbc7cd298606bdbe68fc31e1badeeb6c270f4a564

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15919
content-encoding: gzip
content-type: text/html
date: Fri, 05 Aug 2022 08:04:57 GMT
etag: W/"ee5f878b46e083edadf752a866616088"
last-modified: Mon, 01 Aug 2022 16:28:38 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-id: p_lHo8a89_8BC9In_C0isi6beiOKYBjZtZPJqpRmuWYdYhOPfuMUow==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 24AA 3 KB
2 KB 33ms
33ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Aug 2022 12:30:15 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 4EC5 37 B
139 B 94ms
23ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 05 Aug 2022 12:30:15 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame F839 3 KB
2 KB 50ms
19ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Aug 2022 12:30:15 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A7EB 15 KB
6 KB 136ms
32ms Document
text/html 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=144246
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 05 Aug 2022 12:30:15 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sun, 07 Aug 2022 04:34:21 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 026D 0
91 B 56ms
28ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 05 Aug 2022 12:30:15 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame 18CD 9 KB
3 KB 90ms
24ms Document
text/html 2600:9000:223c:fe00:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:fe00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78345
content-encoding: gzip
content-type: text/html
date: Thu, 04 Aug 2022 14:44:31 GMT
etag: W/"690b8831dd941a438fb4bc8230f5d150"
last-modified: Thu, 23 Jun 2022 12:50:46 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-id: XYkhu-CusvtbFHaQp_MR0CNwW7cJTkatKqnGzwnOFtkTn2W5EpeNLg==
x-amz-cf-pop: FRA56-P2
x-amz-replication-status: COMPLETED
x-amz-version-id: p2Mlr2XRRx_BAA4Q4UMvSF8IHgqXyHE8
x-cache: Hit from cloudfront

GET
H2 200 2000775.html Show response
sync.serverbid.com/ss/ Frame 7A2C 3 KB
1 KB 85ms
22ms Document
text/html 18.66.97.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000775.html
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-29.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d9703f5b2fc4a0503e690cdbc7cd298606bdbe68fc31e1badeeb6c270f4a564

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15919
content-encoding: gzip
content-type: text/html
date: Fri, 05 Aug 2022 08:04:57 GMT
etag: W/"ee5f878b46e083edadf752a866616088"
last-modified: Mon, 01 Aug 2022 16:28:38 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-id: fKEgOivZjR4n9yrRdUCh5PgE3BClfgYV_5VfSauunR0_sx8eQtzhpw==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 281A 37 B
139 B 85ms
23ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 05 Aug 2022 12:30:15 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2624 281 B
554 B 79ms
23ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Aug 2022 12:30:15 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 4C66 21 KB
8 KB 102ms
63ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

190ea442c5e8271cac9eb863ab648bda12ade080cf920a97df864cd813aeee56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7834
content-type: text/html; charset=UTF-8
date: Fri, 05 Aug 2022 12:30:15 GMT
expires: Sun, 07 Aug 2022 12:30:15 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4433 15 KB
6 KB 126ms
32ms Document
text/html 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=144246
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 05 Aug 2022 12:30:15 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sun, 07 Aug 2022 04:34:21 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame DD8B 0
80 B 45ms
29ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 05 Aug 2022 12:30:15 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200 9.gif
id5-sync.com/s/441/ 43 B
1 KB 80ms
24ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame D658 54 B
623 B 101ms
44ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPdO6cAPdO6cAAXADAENCbCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgE-sIWACAUIRgRAhxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxQCgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKDRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fwjon.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 735f8b0239e9694c-FRA
content-encoding: br
content-type: text/html
date: Fri, 05 Aug 2022 12:30:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMvrWpWK15mwISGxOXdPnGUYMRwOa6gGXSRamqgTaLkya6nLqw57jwKYUV1HQYZ%2FxWrs5jw6ybSXbe8DT%2BC2f000Fqwb1W0%2B9m%2BQBAhopSP66Ajglvvyoq7gk9BYJXPMFHqCP4QjXAsWMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame A0B5 54 B
332 B 90ms
47ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPdO6cAPdO6cAAXADAENCbCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgE-sIWACAUIRgRAhxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxQCgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKDRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fwjon.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 735f8b0239ed694c-FRA
content-encoding: br
content-type: text/html
date: Fri, 05 Aug 2022 12:30:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vA6SLCPM%2FTw8q3uDHMY1GsUJwicK71VXD2T0v4SgbKk3HCZDw8i1WIMLwQD5Oqh1zRquLKI01XAeRXi4FfOJUasBOM6SFMIb9p0qX0xx9uIMOsJaE7O2saEXx0LedTvIa3lRTkjf2mY0FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame CEF6 54 B
336 B 67ms
46ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPdO6cAPdO6cAAXADAENCbCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgE-sIWACAUIRgRAhxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxQCgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKDRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fwjon.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 735f8b0239f0694c-FRA
content-encoding: br
content-type: text/html
date: Fri, 05 Aug 2022 12:30:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jx6dZNGet5NYE9i1PrF6JcYoEVdT6I%2BuYzTyVf0arctWVRfDr1taX3nD%2FnP32EnzTRW0x1J9eZgT9j%2BOQyGn2HsyjLcsWBJL%2F1R6QawyiioivKEUM3aqnYT3TqKOAvRUlXB3G85FjDomSw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2624 31 KB
10 KB 21ms
21ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 12:30:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54435
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9450
Expires: Sat, 06 Aug 2022 03:37:30 GMT

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 562A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

2 KB
2 KB

136ms
44ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b6cbcfef45addeafb8293b78f9b1028c503dbf97fc28bac84a5d75394adedd6

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 735f8b040e2368fd-FRA
content-encoding: br
content-type: text/html
date: Fri, 05 Aug 2022 12:30:15 GMT
dropped-udsids: 39|230|241|45|40|156|8|88
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iL%2B35Vpg93GuX%2FpD%2BlZG7zVjcWaCXDPCFbHvYuQjU71A%2F0HbAqrz9Fv%2F%2B5CmcCxLktAA2e%2FxuRUn7MX3gQhoJvt1hQ9N31cS7NCkpXJa2wri6yJFWqNqZ3vNe%2Bcm0RoTnP43"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 735f8b033cc692b4-FRA
content-type: text/html; charset=iso-8859-1
date: Fri, 05 Aug 2022 12:30:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbPeKUiXLjwYlMXLtas3e8tHn6t9I7sEu9QjvHtQV0GgbwTDbzix6Om9uTgr49aqBh6zSgeW02ZGZHtaDV1IpukiwKRUS%2FuPcZJiYuOH1ThHtDW8upFckSpfMY9oDcbu2beTdjGGARR%2FCw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame BC0A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
554 B

40ms
22ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Aug 2022 12:30:15 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 05 Aug 2022 12:30:15 GMT
location: https://eus.rubiconproject.com/usync.html?p=12776
server: AkamaiGHost

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame D9A7 43 B
689 B 33ms
29ms Image
image/gif 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID

Requested by

Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:15 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3d9d30b8-c170-4463-9228-a470dcb2198c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame D9A7 43 B
120 B 62ms
30ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame D9A7
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-8j0y0UxE2uHtWiZd_wlv6sth_7SsdKaD~A

0
154 B

553ms
107ms

Image
text/plain

34.239.52.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-8j0y0UxE2uHtWiZd_wlv6sth_7SsdKaD~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Server: 34.239.52.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-52-148.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-8j0y0UxE2uHtWiZd_wlv6sth_7SsdKaD~A
date: Fri, 05 Aug 2022 12:30:15 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D9A7 70 B
264 B 51ms
47ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame D9A7 0
239 B 122ms
21ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET undertone
cs.admanmedia.com/sync/ Frame D9A7 0
0

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame D9A7 0
42 B 288ms
29ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-length: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame D9A7 0
191 B 146ms
37ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame D9A7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58545/occ
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-DVpV9LhE2uGaDB5EtFEClHHVCH9n9XZN4rUSMDw-~A

0
316 B

553ms
107ms

Image
text/plain

34.239.52.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-DVpV9LhE2uGaDB5EtFEClHHVCH9n9XZN4rUSMDw-~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Server: 34.239.52.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-52-148.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-DVpV9LhE2uGaDB5EtFEClHHVCH9n9XZN4rUSMDw-~A
date: Fri, 05 Aug 2022 12:30:15 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame E8E5 43 B
689 B 29ms
27ms Image
image/gif 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID

Requested by

Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:15 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6b35f466-a415-4c81-b652-46fc8a215042
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame E8E5 43 B
131 B 57ms
27ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame E8E5
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-8j0y0UxE2uHtWiZd_wlv6sth_7SsdKaD~A

0
154 B

557ms
110ms

Image
text/plain

34.239.52.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-8j0y0UxE2uHtWiZd_wlv6sth_7SsdKaD~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Server: 34.239.52.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-52-148.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:16 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-8j0y0UxE2uHtWiZd_wlv6sth_7SsdKaD~A
date: Fri, 05 Aug 2022 12:30:15 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E8E5 70 B
264 B 48ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame E8E5 0
239 B 118ms
19ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET undertone
cs.admanmedia.com/sync/ Frame E8E5 0
0

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame E8E5 0
39 B 286ms
30ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-length: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame E8E5 0
191 B 143ms
36ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame E8E5
Redirect Chain

https://ups.analytics.yahoo.com/ups/58545/occ
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-DVpV9LhE2uGaDB5EtFEClHHVCH9n9XZN4rUSMDw-~A

0
316 B

564ms
115ms

Image
text/plain

34.239.52.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-DVpV9LhE2uGaDB5EtFEClHHVCH9n9XZN4rUSMDw-~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Server: 34.239.52.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-52-148.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:16 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-DVpV9LhE2uGaDB5EtFEClHHVCH9n9XZN4rUSMDw-~A
date: Fri, 05 Aug 2022 12:30:15 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 29FE
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

2 KB
1 KB

154ms
70ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cedeac5d401afbafcb52370b2e92521ee3799c0342dd6cce5d34ffeb95efc07f

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 735f8b040e2568fd-FRA
content-encoding: br
content-type: text/html
date: Fri, 05 Aug 2022 12:30:15 GMT
dropped-udsids: 45|241|39|230|206|41|3|26
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=us%2BbgxKyfcuppPvQzQNLt6qq1r7IBrWbZaKvWprMXPtOzL8eGC0zAMnGi45BATtxUfnxwkD%2FrU7v0fG%2FEiJK9Mb0rVtPO5mXy2pmqVMdY2AbQZ2Uu%2FZOq2Hc0TPTkh6R8X85"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 735f8b033cc292b4-FRA
content-type: text/html; charset=iso-8859-1
date: Fri, 05 Aug 2022 12:30:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pw9qYykMGnmGpU%2Fu5JCUIFB6qvOgu0qgIIC5YK8v0nb1IhbQVBML3%2ByDwqrbOAzx3UtFR67znmrPWgryMcUtX3lqqz4yPwzSBxGddpt8dQ%2Be4kuLIT%2FNtjn98c7LGiJXYiRVcmBKP4hdFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D3B0
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
554 B

68ms
25ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Aug 2022 12:30:15 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 05 Aug 2022 12:30:15 GMT
location: https://eus.rubiconproject.com/usync.html?p=12776
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame EFCE 15 KB
6 KB 35ms
32ms Document
text/html 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=144246
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 05 Aug 2022 12:30:15 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sun, 07 Aug 2022 04:34:21 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame CAFC 63 B
391 B 148ms
48ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 678d6d44d37a7618256c7caac6e9b76a1562c28888dbe745c940771a23140fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sync.serverbid.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 04 Sep 2022 12:30:15 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame CAFC 0
277 B 128ms
35ms Image
text/plain 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 05 Aug 2022 12:30:15 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 204 um
cs.emxdgt.com/ Frame CAFC 0
55 B 121ms
22ms Image
text/html 3.71.169.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-length: 0
content-type: text/html

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame CAFC
Redirect Chain

https://p.rfihub.com/cm?pub=42786&in=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5144588521038049639

35 B
99 B

110ms
108ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5144588521038049639
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5144588521038049639
Date: Fri, 05 Aug 2022 12:30:15 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

usersync
x.serverbid.com/ Frame CAFC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yu0NV.zxI1A4OYIsexNHqgAA%261137

35 B
218 B

107ms
106ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yu0NV.zxI1A4OYIsexNHqgAA%261137
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

cf-ray: 735f8b040e2868fd-FRA
pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJsWUQfOuw6ayd6LjCWedcAw0Z5PUfVi7rPqkXt5%2BJHehSG86S5ugAhx%2FbR5JMqGm0Db2w%2F8yPl2pu7UWjISOpY%2FoPyRN9oeVDRIqkRfN%2FR%2F3CVjB1fkBpkMXER7iSw57ssk"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yu0NV.zxI1A4OYIsexNHqgAA%261137
cache-control: no-cache
content-type: text/html; charset=iso-8859-1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 prebid
rtb.openx.net/sync/ Frame CAFC 43 B
134 B 125ms
27ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:14 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: cirjk8bnsv1c901ah1jusmrpjdlm89lo

GET
H2

200

usersync
x.serverbid.com/ Frame CAFC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6643121936650634900

35 B
269 B

120ms
106ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6643121936650634900
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:15 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ff7fb166-bda9-4164-a5ec-33ae02124c5a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6643121936650634900
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame CAFC 0
500 B 463ms
107ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:15 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-106
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame CAFC
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://ups.analytics.yahoo.com/ups/56621/occ
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=

35 B
99 B

111ms
106ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
date: Fri, 05 Aug 2022 12:30:15 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 4F05 0
277 B 118ms
29ms Image
text/plain 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 05 Aug 2022 12:30:15 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 204 um
cs.emxdgt.com/ Frame 4F05 0
22 B 116ms
22ms Image
text/html 3.71.169.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-length: 0
content-type: text/html

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 4F05
Redirect Chain

https://p.rfihub.com/cm?pub=42786&in=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5133329521968729524

35 B
99 B

111ms
108ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5133329521968729524
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5133329521968729524
Date: Fri, 05 Aug 2022 12:30:15 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

usersync
x.serverbid.com/ Frame 4F05
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yu0NV.zxI1A4OYIsexNHqgAA%261137

35 B
218 B

106ms
106ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yu0NV.zxI1A4OYIsexNHqgAA%261137
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

cf-ray: 735f8b040e2f68fd-FRA
pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BNxoES27EM%2B1yMNxyfj%2Fhl4U7Ito%2FixOIb%2FV0Z3%2FJWUQqntEpde9sqPWSbDbjbduVHAjkVgQiUnQHAlNRlR5fuOvjStOr28CMHD82HBbS2orRSbDOdCovqTzjQnq0J5wz%2Fy"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yu0NV.zxI1A4OYIsexNHqgAA%261137
cache-control: no-cache
content-type: text/html; charset=iso-8859-1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 4F05 43 B
135 B 119ms
27ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 1vio3v9qtrcbr9bmr6052gfss4enahj9

GET
H2

200

usersync
x.serverbid.com/ Frame 4F05
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6643121936650634900

35 B
218 B

118ms
107ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6643121936650634900
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:15 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: d2b819c4-d6b3-4e4f-9334-0e4098103d4c
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6643121936650634900
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 4F05 0
498 B 478ms
114ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:15 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-7-18
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 4F05
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://ups.analytics.yahoo.com/ups/56621/occ
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=

35 B
99 B

112ms
107ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
date: Fri, 05 Aug 2022 12:30:15 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6FA4 15 KB
6 KB 48ms
32ms Document
text/html 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=144246
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 05 Aug 2022 12:30:15 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sun, 07 Aug 2022 04:34:21 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 4F05 63 B
391 B 138ms
45ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 678d6d44d37a7618256c7caac6e9b76a1562c28888dbe745c940771a23140fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sync.serverbid.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 04 Sep 2022 12:30:15 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 7A2C 0
277 B 127ms
42ms Image
text/plain 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 05 Aug 2022 12:30:15 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 204 um
cs.emxdgt.com/ Frame 7A2C 0
22 B 113ms
23ms Image
text/html 3.71.169.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-length: 0
content-type: text/html

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 7A2C
Redirect Chain

https://p.rfihub.com/cm?pub=42786&in=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5140084921453647263

35 B
99 B

106ms
105ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5140084921453647263
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5140084921453647263
Date: Fri, 05 Aug 2022 12:30:15 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

usersync
x.serverbid.com/ Frame 7A2C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yu0NV.zxI1A4OYIsexNHqgAA%261137

35 B
218 B

141ms
137ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yu0NV.zxI1A4OYIsexNHqgAA%261137
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

cf-ray: 735f8b040e2c68fd-FRA
pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZlVo5wHsUZ3b5GnECTT3XmL6bg4uEdtgk5eWJk%2BRaVwMvFFueXFkB02LYtgC2cqiUw1Bz3bZ%2Bob82CCZkJr6NhBP1J%2FFHZ98E5QwAJwk3Fn1wYKk3h2hzAGDJHySwGW8YHB"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yu0NV.zxI1A4OYIsexNHqgAA%261137
cache-control: no-cache
content-type: text/html; charset=iso-8859-1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 7A2C 43 B
351 B 115ms
26ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:14 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: iheh8sla5gscb6pa938t2nn9vnf7g5vn

GET
H2

200

usersync
x.serverbid.com/ Frame 7A2C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1753257751898190963

35 B
218 B

131ms
127ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1753257751898190963
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:15 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4de8c069-b387-47fb-b72e-f090b8d3ed67
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1753257751898190963
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 7A2C 0
500 B 796ms
343ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:16 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-120
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 7A2C
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://ups.analytics.yahoo.com/ups/56621/occ
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=

35 B
99 B

111ms
107ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
date: Fri, 05 Aug 2022 12:30:15 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9788 15 KB
6 KB 48ms
36ms Document
text/html 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=144246
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 05 Aug 2022 12:30:15 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sun, 07 Aug 2022 04:34:21 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 7A2C 63 B
392 B 132ms
44ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 678d6d44d37a7618256c7caac6e9b76a1562c28888dbe745c940771a23140fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sync.serverbid.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 04 Sep 2022 12:30:15 GMT

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 18CD 43 B
689 B 109ms
31ms Image
image/gif 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID

Requested by

Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:15 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2dd67a18-2e2a-4d9e-bc44-b36ff3f09566
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 18CD 43 B
120 B 39ms
29ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 18CD
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-8j0y0UxE2uHtWiZd_wlv6sth_7SsdKaD~A

0
154 B

564ms
116ms

Image
text/plain

34.239.52.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-8j0y0UxE2uHtWiZd_wlv6sth_7SsdKaD~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Server: 34.239.52.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-52-148.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-8j0y0UxE2uHtWiZd_wlv6sth_7SsdKaD~A
date: Fri, 05 Aug 2022 12:30:15 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 18CD 70 B
264 B 57ms
47ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 18CD 0
239 B 104ms
23ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET undertone
cs.admanmedia.com/sync/ Frame 18CD 0
0

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 18CD 0
39 B 265ms
31ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-length: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 18CD 0
191 B 122ms
37ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:14 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 18CD
Redirect Chain

https://ups.analytics.yahoo.com/ups/58545/occ
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-DVpV9LhE2uGaDB5EtFEClHHVCH9n9XZN4rUSMDw-~A

0
316 B

557ms
110ms

Image
text/plain

34.239.52.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-DVpV9LhE2uGaDB5EtFEClHHVCH9n9XZN4rUSMDw-~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Server: 34.239.52.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-52-148.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-DVpV9LhE2uGaDB5EtFEClHHVCH9n9XZN4rUSMDw-~A
date: Fri, 05 Aug 2022 12:30:15 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame C475
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

2 KB
1 KB

111ms
48ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 359d0a439fab493d307477eeb37b8b9c2d5db3a2dd2f3dd0c7fe4e9441fb69ef

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 735f8b040e2768fd-FRA
content-encoding: br
content-type: text/html
date: Fri, 05 Aug 2022 12:30:15 GMT
dropped-udsids: 230|241|45|39|17|47|123|51
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxv7ZQwW1KLR1CeA1m35ID%2FivPEicNqJvVeqfHcSCEcUDXjT%2FWHaU4oZHRa6X8SvrM%2B1OnWvWpz7%2BcWyWKu2SVDLHMnn2b54EmcuNzi04q3k6EU%2Bo8VLy6S7NTdLtPyYqsf3"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 735f8b034cd792b4-FRA
content-type: text/html; charset=iso-8859-1
date: Fri, 05 Aug 2022 12:30:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IF6O0BWjjL8dw4XGLB8vU9DH7lu62PClUNozlS4Zyreq5G4qfFKyXMmDtXZrHjx%2BvYDczmSOG%2BavjH3a03sd32btxq0kMRPey%2Fevmpxzb0%2FBwhy%2BLIYUhNgGZponiYNsGneHVY5I84dZog%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame DC5F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
554 B

71ms
21ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Aug 2022 12:30:15 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 05 Aug 2022 12:30:15 GMT
location: https://eus.rubiconproject.com/usync.html?p=12776
server: AkamaiGHost

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9D51 0
42 B 227ms
30ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=35498015&p=156725&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BC0A 31 KB
10 KB 28ms
21ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 12:30:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54435
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9450
Expires: Sat, 06 Aug 2022 03:37:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D3B0 31 KB
10 KB 22ms
21ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 12:30:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54435
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9450
Expires: Sat, 06 Aug 2022 03:37:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DC5F 31 KB
10 KB 23ms
22ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 12:30:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54435
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9450
Expires: Sat, 06 Aug 2022 03:37:30 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 562A 70 B
264 B 47ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 562A 170 B
232 B 46ms
29ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yu0NV2gzPQZX1tZqMlHmWQAABJwAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 562A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV2gzPQZX1tZqMlHmWQAABJwAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV2gzPQZX1tZqMlHmWQAABJwAAAIB&dcc=t

43 B
645 B

116ms
114ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV2gzPQZX1tZqMlHmWQAABJwAAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: AYK8QR4Z3Y581QH84NPQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PRKH37SC3SNTS9DYC6QN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV2gzPQZX1tZqMlHmWQAABJwAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 562A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yu0NV1xmbWdnrCPnUSBblQAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Yu0NV1xmbWdnrCPnUSBblQAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG0GcT3oMcps0fSxkxIzqws&google_cver=1&gdpr=1

43 B
1 KB

183ms
53ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG0GcT3oMcps0fSxkxIzqws&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 735f8b065b429019-FRA
pragma: no-cache
date: Fri, 05 Aug 2022 12:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdP%2BhgD%2BXmH0hSA5LrJK5%2FRx%2FyufWPts7n%2F1FIVfAxItB4Chr5rh2j71iOxmvqbbV2lIku4paT7szsMBfcv%2FiszR4h0wVv4K0om%2FPqnCjhP3EOF5MMTfbpSok%2BfPaaDWNf%2Fk0IeVD1ytVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG0GcT3oMcps0fSxkxIzqws&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 562A 35 B
380 B 505ms
106ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-ServerName: Track004-iad
Pragma: no-cache
Date: Fri, 05 Aug 2022 12:29:18 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 562A
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7ee3f595-e755-45bb-b1a8-c0a0e178c0da&expiration=1691238616

43 B
1 KB

51ms
51ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7ee3f595-e755-45bb-b1a8-c0a0e178c0da&expiration=1691238616
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 735f8b071c239019-FRA
pragma: no-cache
date: Fri, 05 Aug 2022 12:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5B3Ca0b7m242yUawVvMWtXbVDECasUzgNz6E7QBMUgo9LX5I9q4e6qJGADIf67ZID9GQd%2Fg4aFVdL53KSSNyy%2BHMpJrw7YpwcWCPo1uASLRmvw6KnI2YqG1%2F4a2XT70ea3ju3Ubqdf0xA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7ee3f595-e755-45bb-b1a8-c0a0e178c0da&expiration=1691238616
date: Fri, 05 Aug 2022 12:30:16 GMT
server: Kestrel
content-length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 562A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=Yu0NVwAEL8gl2ABC
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yu0NVwAEL8gl2ABC&gdpr=1&_test=Yu0NVwAEL8gl2ABC

43 B
1 KB

144ms
51ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yu0NVwAEL8gl2ABC&gdpr=1&_test=Yu0NVwAEL8gl2ABC
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 735f8b065b3c9019-FRA
pragma: no-cache
date: Fri, 05 Aug 2022 12:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6i9%2BVPPS08Ly5H4PxZ9e6UTVQb0Xc5PIH%2BO%2Fk3rlm29ASK6482YNlqjIZNGNW7IpODESL6mHeMkFqe1%2FrFkHCdOJ7yKPJREnZoztkDB7Z3hFAj3GFMlBv6IUFIjRIP6T1nxRsWne27nng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1659702616.943488,VS0,VE0
x-served-by: cache-hhn4023-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yu0NVwAEL8gl2ABC&gdpr=1&_test=Yu0NVwAEL8gl2ABC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK sync
usr.undertone.com/userPixel/ Frame 562A 0
304 B 610ms
109ms Image
text/plain 34.239.52.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Yu0NV2gzPQZX1tZqMlHmWQAABJwAAAIB
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.52.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-52-148.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame C475 170 B
317 B 45ms
29ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yu0NV-zxI1A4OYIsexNHqgAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame C475
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV-zxI1A4OYIsexNHqgAABHEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV-zxI1A4OYIsexNHqgAABHEAAAIB&dcc=t

43 B
645 B

126ms
112ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV-zxI1A4OYIsexNHqgAABHEAAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XTYQBAQMY47ZDQY9DRGX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8HZY3GMAVE1K13N3M3TD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV-zxI1A4OYIsexNHqgAABHEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame C475
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yu0NV1xmbWdnrCPnUSBblQAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Yu0NV1xmbWdnrCPnUSBblQAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIa8xG-zBtVoazvqVj4mKLU&google_cver=1&gdpr=1

43 B
1 KB

167ms
41ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIa8xG-zBtVoazvqVj4mKLU&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 735f8b065b3e9019-FRA
pragma: no-cache
date: Fri, 05 Aug 2022 12:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJ2FMmWUr0bMFoIfhsnabjl4dZRqZn%2BzDFWMWyExJJxzhgsxJd0BxlcVPTDFrpUF9VifQgc8jGNRxyGjMJBYVoLYpMEVulh7I%2BVMl2JbcgJnOMPktWPsnwMdI9yeuWiRzLxaNDMJsTRuuw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIa8xG-zBtVoazvqVj4mKLU&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame C475 70 B
264 B 49ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame C475
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

43 B
570 B

49ms
49ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4j1cRhjpO6fY%2B1WTt66vqIAplvUtV9cEarAYiY%2FrhnXQSaQ266IPUHpQBKLk8ar3ckx%2FE1GzqTyuTf5BV%2FywsV5fPcJvZe6S9w3DgWxsdhLCtBANddhcbOC4hbGbHe74gO47CMIn7celg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
cf-ray: 735f8b07acc99019-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 106
Content-Type: text/html; charset=utf-8

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame C475
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0poQH0mK1OjWt15&gdpr=1

43 B
1 KB

155ms
49ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0poQH0mK1OjWt15&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 735f8b065b409019-FRA
pragma: no-cache
date: Fri, 05 Aug 2022 12:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYUU5xe%2B79kEP1MMeyk2p%2BE9Hzwl3EF9OQ1U6tNbs%2BZSLIO7fsTUHkcZVVWvIPalzUp%2BJTMbjMJpgwcaFN3vhFRE1abVP4LYSkTxIE1oAZYQvDtZ3rVuPlz6AYxD5odP2hbkIjQpKrBksA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:15 GMT
Server: PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0e0b7d4089fc3e73e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0poQH0mK1OjWt15&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C475
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=7tlpDHmISh9jACsiLbDWOFQTr7c

43 B
1 KB

39ms
39ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=7tlpDHmISh9jACsiLbDWOFQTr7c
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 735f8b07acd69019-FRA
pragma: no-cache
date: Fri, 05 Aug 2022 12:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkoCNCyRAh8ful2cCOE9bggUkQ6EVFsIcIUBNdmibfFRzNHDCCc005lDEmTc6g1dVFS5C4fqgZdqDM%2BpJIeGeRNAkGZBUBTepuxAM0ECwfjdjdoDIB%2FBNXJikTCgsBGXMuNXAqZ0GUAC9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=7tlpDHmISh9jACsiLbDWOFQTr7c
Date: Fri, 05 Aug 2022 12:30:16 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame C475 43 B
220 B 123ms
21ms Image
image/gif 3.67.157.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.157.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-157-21.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 12:30:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK sync
usr.undertone.com/userPixel/ Frame C475 0
304 B 609ms
109ms Image
text/plain 34.239.52.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Yu0NV-zxI1A4OYIsexNHqgAABHEAAAIB
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.52.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-52-148.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:16 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 4752
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

111ms
110ms

Document
text/html

52.45.92.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.92.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-92-187.compute-1.amazonaws.com
Software: /
Resource Hash: 5033d7f95f921b08c1cade3104684629ffda09c08e622e5ad170b07e8937a4c2

Request headers

Referer: https://r.casalemedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-length: 186
content-type: text/html; charset=utf-8
date: Fri, 05 Aug 2022 12:30:16 GMT
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Fri, 05 Aug 2022 12:30:16 GMT
pragma: no-cache

Redirect headers

content-length: 41
content-type: text/html; charset=utf-8
date: Fri, 05 Aug 2022 12:30:16 GMT
location: /um/cs&eq_cc=1

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 29FE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yu0NV1xmbWdnrCPnUSBblQAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Yu0NV1xmbWdnrCPnUSBblQAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE6aQWmf83Lu0LlVF8iKfU&google_cver=1&gdpr=1

43 B
1 KB

178ms
51ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE6aQWmf83Lu0LlVF8iKfU&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 735f8b065b389019-FRA
pragma: no-cache
date: Fri, 05 Aug 2022 12:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evR4yCYfATpIEI2nPl4DLMQEyqcBycWEHyY6zfI%2Fg5tmKF1CirB1afElelSxRnR%2FnYQPAuoXUNH%2ByrfFyHgO83eFLP3tvZ1DIOaddUwYtHGlRqokVlmCTzBbTwsef4d4ToowLVXdOL3kOg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFE6aQWmf83Lu0LlVF8iKfU&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 29FE
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV1xmbWdnrCPnUSBblQAABFsAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV1xmbWdnrCPnUSBblQAABFsAAAIB&dcc=t

43 B
645 B

205ms
111ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV1xmbWdnrCPnUSBblQAABFsAAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ND40SBS30JAC3Y8H24E9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1M1TMKV0QJPYFZJENBYC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV1xmbWdnrCPnUSBblQAABFsAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 29FE 70 B
264 B 48ms
45ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 29FE 170 B
232 B 30ms
27ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yu0NV1xmbWdnrCPnUSBblQAABFsAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame 29FE 0
15 B 27ms
24ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yu0NV1xmbWdnrCPnUSBblQAABFsAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 29FE 43 B
408 B 139ms
26ms Image
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS: ams-delivery-4.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:15 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-1
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 29FE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7e2e62ed-0d58-4500-a90a-223da220a886&gdpr=1&gdpr_consent=

43 B
1 KB

46ms
44ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7e2e62ed-0d58-4500-a90a-223da220a886&gdpr=1&gdpr_consent=
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 735f8b0a381a9019-FRA
pragma: no-cache
date: Fri, 05 Aug 2022 12:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcAxqmcRLi54ze4lqqrIhJbeN50sgjxZxU7ivHxKMBq%2F0vKUbBHIYMAQemKxNdzDTjiiedUn4qSi912hpr2Am9zDh7g4qehk6DooXFCPQsroFce%2FyegpTOsE2DmjTNEr0aLVlh1n2XjAgA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

Date: Fri, 05 Aug 2022 12:30:16 GMT
Server: MT3 4475 c1dc35a master hkg-pixel-x3 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7e2e62ed-0d58-4500-a90a-223da220a886&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 05 Aug 2022 12:30:15 GMT

GET
H2 200 /
sync.taboola.com/sg/indexscod/1/cm/ Frame 29FE 0
99 B 293ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=Yu0NV1xmbWdnrCPnUSBblQAA%261115
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 26834

GET
H/1.1 200
OK sync
usr.undertone.com/userPixel/ Frame 29FE 0
304 B 603ms
114ms Image
text/plain 34.239.52.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Yu0NV1xmbWdnrCPnUSBblQAABFsAAAIB
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.52.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-52-148.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:15 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2624
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=L9UFiWuLRraZtUCMX1Kcxg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=L9UFiWuLRraZtUCMX1Kcxg

43 B
556 B

115ms
115ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=L9UFiWuLRraZtUCMX1Kcxg

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YH3KXEKKB1NZT53JSZDD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=L9UFiWuLRraZtUCMX1Kcxg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 2624 70 B
264 B 49ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 2624
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6GG2Z96-Z-BCMF&sigv=1&esig=2~c12c3732bf3e2a780559aa775231984802121a22

0
194 B

109ms
31ms

Image
text/plain

2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6GG2Z96-Z-BCMF&sigv=1&esig=2~c12c3732bf3e2a780559aa775231984802121a22

Protocol

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:16 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6GG2Z96-Z-BCMF&sigv=1&esig=2~c12c3732bf3e2a780559aa775231984802121a22
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2624
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZHRzJaOTYtWi1CQ01G

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZHRzJaOTYtWi1CQ01G

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZHRzJaOTYtWi1CQ01G
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2624
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/c9sXWOs_RnDK9otjBN9ZiA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7525010351123024120

0
239 B

22ms
22ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7525010351123024120
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

date: Fri, 05 Aug 2022 12:30:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7525010351123024120
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 2624 0
98 B 85ms
30ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:30:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2624
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDF9MWGwEHaExyC6uC4mXOU&google_cver=1

0
239 B

22ms
22ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDF9MWGwEHaExyC6uC4mXOU&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 05 Aug 2022 12:30:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDF9MWGwEHaExyC6uC4mXOU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2624
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SAahAfEHT-GAp3CiB6CUcw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SAahAfEHT-GAp3CiB6CUcw

43 B
556 B

193ms
193ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SAahAfEHT-GAp3CiB6CUcw

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 12:30:17 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HPTCRVV20E28FXK4YV32
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SAahAfEHT-GAp3CiB6CUcw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame BC0A 0
239 B 23ms
23ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=L6GG2Z96-Z-BCMF
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H3 200 crum
dsum-sec.casalemedia.com/ Frame 4752 43 B
1 KB 51ms
51ms Image
image/gif 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=1919eb18-60cf-427a-8aac-eacc236bfe44&expiration=1667651416
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 735f8b07dd1c9019-FRA
pragma: no-cache
date: Fri, 05 Aug 2022 12:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZidmWpeJ3P5O3Y784mQXroBuNC7ZcP82m%2FYOXw7RJ%2BL05VpVSzqK3H3ppv975IrP8TMKWC18L2D6rMIAeYvYpduXd8WGUrtFN%2BABEWsxtTaTsKSm%2FJsiTkaJFD0KxpzeDfxp%2F9gGstBWLw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 chunk-8.aa30ea23474098c92d4e.1658519812594.js Show response
wjon.com/public/dist/chunks/ 3 KB
1 KB 23ms
22ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-8.aa30ea23474098c92d4e.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D3) / Express

Resource Hash

ebce7a586680316fa9d8b927bdf5ce540bb4216d1738d4c1e29826a90a6737bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:16 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 72098
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 1191
last-modified: Mon, 25 Jul 2022 16:26:28 GMT
server: ECS (frb/67D3)
etag: W/"cdd-182362e6e60"
x-frame-options: SAMEORIGIN
x-varnish: 592349445 592017773
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:15 GMT

GET
H2 200 chunk-12.5cbcb0e7e2dc86471b44.1658519812594.js Show response
wjon.com/public/dist/chunks/ 28 KB
7 KB 23ms
23ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-12.5cbcb0e7e2dc86471b44.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) / Express

Resource Hash

5d815661b93d14e07db0b6de7b3c1dfce725b291f818d8eebbf7676199d8281e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:16 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 72102
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 7335
last-modified: Mon, 25 Jul 2022 16:26:25 GMT
server: ECS (frb/67C0)
etag: W/"70c2-182362e6273"
x-frame-options: SAMEORIGIN
x-varnish: 592349446 592016676
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:15 GMT

GET
H2 200 chunk-2.158fab88e994fe9c9286.1658519812594.js Show response
wjon.com/public/dist/chunks/ 573 B
647 B 22ms
22ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/public/dist/chunks/chunk-2.158fab88e994fe9c9286.1658519812594.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) / Express

Resource Hash

0ad4967818564418a70bfa2d7b0e2b64e4efc7a3d15ce414bcdf69a4a2c55373

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 05 Aug 2022 12:30:16 GMT
via: 1.1 varnish
age: 70817
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 573
last-modified: Mon, 25 Jul 2022 16:26:25 GMT
server: ECS (frb/6763)
etag: W/"23d-182362e60b6"
x-frame-options: SAMEORIGIN
x-varnish: 592349456
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 12:30:15 GMT

POST
H2 200 cogitoergosum Show response
wjon.com/rest/high/api/ 22 B
89 B 114ms
113ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://wjon.com/rest/high/api/cogitoergosum

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://wjon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 Aug 2022 12:30:16 GMT
etag: W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
vary: Accept-Encoding
content-length: 22
expires: Fri, 05 Aug 2022 12:30:15 GMT

GET
H2 200 site-logo.png
townsquare.media/site/67/files/2019/08/ 15 KB
15 KB 252ms
252ms Image
image/png 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/67/files/2019/08/site-logo.png

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (sgb/C726) / Express

Resource Hash

82a39bbbf41bf1d7f6bcfa9f93f6de901033261cd43ee71c92e64c06e6724318

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 05 Aug 2022 12:30:16 GMT
via: 1.1 varnish
age: 13996726
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 15134
last-modified: Tue, 27 Aug 2019 20:16:45 GMT
server: ECS (sgb/C726)
x-frame-options: SAMEORIGIN
x-varnish: 1747920516 1730796684
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/png
expires: Fri, 05 Aug 2022 12:30:15 GMT

GET
H3 200 like.php Show response
www.facebook.com/v2.8/plugins/ Frame 0247 0
20 B 42ms
40ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=3584600378431041&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa67c0500ea62%26domain%3Dwjon.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwjon.com%252Ffc277d07c985f8%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fwjon.com%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wjon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 05 Aug 2022 12:30:16 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: Z/TAjRBRs22zhrlaBpAu8XU7IADcNNN7E21mKNI3TAIfS5ok96f2SK96X4m5TLqeN9l0jt6vRwaXQAG9KeIRJQ==
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
21ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=event&_s=3&dl=https%3A%2F%2Fwjon.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=1536035086.1659702610&tid=UA-1802391-1&_gid=1066345384.1659702610&_av=2.4.1&_au=20&did=i5iSjo&z=1807960714

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61753
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 26ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=event&_s=3&dl=https%3A%2F%2Fwjon.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=1536035086.1659702610&tid=UA-19109753-1&_gid=1066345384.1659702610&_av=2.4.1&_au=20&did=i5iSjo&z=883623372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61753
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
23ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=event&_s=3&dl=https%3A%2F%2Fwjon.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=1536035086.1659702610&tid=UA-1802430-4&_gid=1066345384.1659702610&_av=2.4.1&_au=20&did=i5iSjo&z=220682841

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61753
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
23ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=event&_s=3&dl=https%3A%2F%2Fwjon.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=1536035086.1659702610&tid=UA-28825804-2&_gid=1066345384.1659702610&_av=2.4.1&_au=20&did=i5iSjo&z=1974847844

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61753
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 28ms
24ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=event&_s=3&dl=https%3A%2F%2Fwjon.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=1536035086.1659702610&tid=UA-45260060-1&_gid=1066345384.1659702610&_av=2.4.1&_au=20&did=i5iSjo&z=1456065266

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61753
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 28ms
24ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=event&_s=3&dl=https%3A%2F%2Fwjon.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=1536035086.1659702610&tid=UA-45260060-8&_gid=1066345384.1659702610&_av=2.4.1&_au=20&did=i5iSjo&z=618011471

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61753
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 28ms
24ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=535353080&t=event&_s=3&dl=https%3A%2F%2Fwjon.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=AM%201240%20WJON%20%E2%80%93%20News%2C%20Talk%2C%20Sports%20%E2%80%93%20St.%20Cloud%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=1536035086.1659702610&tid=UA-180756957-12&_gid=1066345384.1659702610&_av=2.4.1&_au=20&did=i5iSjo&z=1394667668

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wjon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61753
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 24ms
22ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wjon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 16:01:08 GMT
x-content-type-options: nosniff
age: 332948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 16:01:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

70 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wjon.com/	1969-12-31 23:59:59	Name: gdpr-source Value: DE
wjon.com/	1970-01-20 07:11:18	Name: abgroup Value: A
wjon.com/	1970-01-20 05:44:54	Name: connect.sid Value: s%3Ai0PFuRQi3VE4dSeRc6GAZKPZ4dUctxDo.uwsdMhweQu5waA3%2Bu2pW%2BKkyRNfgl9GZegIHXmn%2FgiY
cdn.production.townsquareblogs.com/	1970-01-20 13:47:18	Name: aleph Value: ea719a4b-bc45-5d2e-9430-99947128b911
.wjon.com/	1970-01-20 14:37:42	Name: _ga Value: GA1.2.1536035086.1659702610
.wjon.com/	1970-01-20 05:03:09	Name: _gid Value: GA1.2.1066345384.1659702610
wjon.com/	1970-01-20 14:37:42	Name: aleph Value: ea719a4b-bc45-5d2e-9430-99947128b911
.wjon.com/	1970-01-20 07:11:18	Name: _fbp Value: fb.1.1659702610559.1347986343
.wjon.com/	1970-01-20 14:23:18	Name: cmp-data Value: . . 9592f87a-2290-4d20-95c4-ec74ff320f2d
.kargo.com/	1970-01-20 13:47:18	Name: ktcid Value: ad583550-0252-03f3-1556-dcc5fae1d151
wjon.com/	1970-01-20 05:01:44	Name: cogitoergosum Value: eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJGcmksIDA1IEF1ZyAyMDIyIDEyOjMwOjExIEdNVCJ9
.wjon.com/	1970-01-20 05:01:42	Name: _gat_primary Value: 1
.wjon.com/	1970-01-20 05:01:42	Name: _gat_UA191097531 Value: 1
.wjon.com/	1970-01-20 05:01:42	Name: _gat_UA18024304 Value: 1
.wjon.com/	1970-01-20 05:01:42	Name: _gat_UA288258042 Value: 1
.wjon.com/	1970-01-20 05:01:42	Name: _gat_UA452600601 Value: 1
.wjon.com/	1970-01-20 05:01:42	Name: _gat_UA452600608 Value: 1
.gumgum.com/	1970-01-20 13:47:18	Name: cs Value: true
.gumgum.com/	1970-01-20 05:44:54	Name: loc Value: SfolTs1ZIlPt4unIug7NGHTHprMos3ZuqTBxlXamrm9EfYZ9BEyiD_XECvZ8GR4aLpC30BnuQ0QhYHi90-VlZrHkfUHR2j_c
.wjon.com/	1970-01-20 05:01:42	Name: _gat_UA18075695712 Value: 1
.rubiconproject.com/	1970-01-20 13:47:18	Name: khaos Value: L6GG2Z96-Z-BCMF
.rubiconproject.com/	1970-01-20 13:47:18	Name: audit Value: 1\|naVuGyos1qpPiNw1wXFTwObASkO6QPb7E03ikE5KqM3qan9zV6B01ECsaZvJn+uqZF/4iebODYQmGweUluV0NySjr84+DQZcpmvllXEtYN4=
wjon.com/	1969-12-31 23:59:59	Name: blingblocksession Value: 1
.wjon.com/	1970-01-20 05:01:42	Name: _gat_UA1150030077 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: a8AfsXXjOr0
.go.sonobi.com/	1970-01-20 05:01:42	Name: __uih Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8A Value: s8535\|Yu0K3
.serverbid.com/	1970-01-20 05:23:18	Name: CONSUMABLEID Value: ba383e757d8f433bb83e757d8fb33b9d
.wjon.com/	1970-01-20 13:47:18	Name: _hjSessionUser_1749163 Value: eyJpZCI6IjljZGUyYzZkLTUwYjItNTAzZi05Y2ZhLTU3MTdlZDM2YzIzMSIsImNyZWF0ZWQiOjE2NTk3MDI2MTI5MDAsImV4aXN0aW5nIjpmYWxzZX0=
.wjon.com/	1970-01-20 05:01:44	Name: _hjFirstSeen Value: 1
wjon.com/	1970-01-20 05:01:42	Name: _hjIncludedInSessionSample Value: 1
.wjon.com/	1970-01-20 05:01:44	Name: _hjSession_1749163 Value: eyJpZCI6ImY3ZDEwODM1LTY5NmMtNDM3NS04YTNiLWQyYzM0ODYxMmZiMCIsImNyZWF0ZWQiOjE2NTk3MDI2MTMwMTEsImluU2FtcGxlIjp0cnVlfQ==
wjon.com/	1970-01-20 05:01:42	Name: _hjIncludedInPageviewSample Value: 1
.wjon.com/	1970-01-20 05:01:44	Name: _hjAbsoluteSessionInProgress Value: 1
.id5-sync.com/	1970-01-20 05:01:42	Name: cf Value:
.id5-sync.com/	1970-01-20 05:01:42	Name: cip Value:
.id5-sync.com/	1970-01-20 05:01:42	Name: cnac Value:
.id5-sync.com/	1970-01-20 05:01:42	Name: car Value:
.id5-sync.com/	1970-01-20 05:01:42	Name: gdpr Value:
.id5-sync.com/	1970-01-20 05:01:42	Name: callback Value:
.ads.pubmatic.com/	1970-01-20 05:03:09	Name: KCCH Value: YES
.casalemedia.com/	1970-01-20 07:11:18	Name: CMPS Value: 1190
.yahoo.com/	1970-01-20 13:47:40	Name: A3 Value: d=AQABBFcN7WICEI3u41nN69uaaNaBjhsXDMkFEgEBAQFe7mL2YgAAAAAA_eMAAA&S=AQAAArF31PiUf9IP3V8D_R5oN-0
.adnxs.com/	1970-01-20 07:11:18	Name: uuid2 Value: 1753257751898190963
.analytics.yahoo.com/	1970-01-20 13:47:18	Name: IDSYNC Value: 18z9~26f0
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjQxNTYzMTcyMxbiM9Q1C8txLosqNiw0NDQBAPJ32JclAAAA
.rfihub.com/	1970-01-20 14:23:18	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjQxNTYzMTcyMxbiM9Q1C8txLosqNiw0NDQBAPJ32JclAAAA
.rfihub.com/	1970-01-20 14:23:18	Name: eud Value: H4sIAAAAAAAA_-sS5zU0M7U0NzAyMzQ1szQHAP6TZS8QAAAA
.casalemedia.com/	1970-01-20 13:47:18	Name: CMID Value: Yu0NV1xmbWdnrCPnUSBblQAA
.casalemedia.com/	1970-01-20 07:11:18	Name: CMPRO Value: 1115
.w55c.net/	1970-01-20 14:31:57	Name: wfivefivec Value: 0poQH0mK1OjWt15
.doubleclick.net/	1970-01-20 14:23:18	Name: IDE Value: AHWqTUm4MdGLE7DPd7OYToVidyAZ_ONFL_ImBsWZIWxqdTBqdgPPmLGcDNG7Z9AqxbQ
.everesttech.net/	1970-01-20 13:47:18	Name: everest_g_v2 Value: g_surferid~Yu0NVwAEL8gl2ABC
.w55c.net/	1970-01-20 05:44:54	Name: matchcasale Value: 5
.casalemedia.com/	1970-01-20 05:03:09	Name: CMST Value: Yu0NV2LtDVgA
.eqads.com/	1970-01-20 07:14:11	Name: EQUser Value: UID=1919eb18-60cf-427a-8aac-eacc236bfe44
beacon.lynx.cognitivlabs.com/	1970-01-20 13:47:18	Name: UID Value: 7ee3f595-e755-45bb-b1a8-c0a0e178c0da
beacon.lynx.cognitivlabs.com/	1970-01-20 13:47:18	Name: ss Value: 1chZAukD13pAcptJXMSU7G%2FdJVagJHXvCcfqcHY%2F1%2BR9mKzbHVcduAg3weaIpmmLR9LYOmPs5ZaAIRmoBsYMfw%3D%3D
.undertone.com/	1970-01-20 13:47:39	Name: UID_EXT_56 Value: y-DVpV9LhE2uGaDB5EtFEClHHVCH9n9XZN4rUSMDw-~A
sync.srv.stackadapt.com/	1970-01-20 13:47:18	Name: sa-user-id Value: s%3A0-eed9690c-7988-4a1f-6300-2b222db0d638.VO0wBpJvx0OM%2B%2BtWl3Y%2BgS%2B%2FrR6CULPxxYocCqCwKfA
.srv.stackadapt.com/	1970-01-20 13:47:18	Name: sa-user-id-v2 Value: s%3A7tlpDHmISh9jACsiLbDWOFQTr7c.RoWSCpw2q8FIiqB8ANoEBXYznbcVjujRkRdRIcb2798
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s85120\|Yu0NT
.undertone.com/	1970-01-20 13:47:39	Name: UID_EXT_57 Value: Yu0NV1xmbWdnrCPnUSBblQAABFsAAAIB
.amazon-adsystem.com/	1970-01-20 14:37:42	Name: ad-privacy Value: 0
wjon.com/	1970-01-20 05:03:09	Name: usprivacy Value: 1---
wjon.com/	1970-01-20 05:44:54	Name: newsletter-overlay-notspam Value: completed-newsletter
.mathtag.com/	1970-01-20 14:27:37	Name: uuid Value: 7e2e62ed-0d58-4500-a90a-223da220a886
.casalemedia.com/	1970-01-20 07:11:18	Name: CMTS Value: 1214
.casalemedia.com/	1970-01-20 13:47:18	Name: CMRUM3 Value: f162ed0d5705a0&2d62ed0d5805a0CAESEFE6aQWmf83Lu0LlVF8iKfU&e662ed0d572760&2962ed0d5705a0&ce62ed0d5705a0&0362ed0d5827607e2e62ed-0d58-4500-a90a-223da220a886&2762ed0d570b40&2862ed0d5827601919eb18-60cf-427a-8aac-eacc236bfe44&1a62ed0d5705a0&5862ed0d582760Yu0NVwAEL8gl2ABC&2f62ed0d5827600poQH0mK1OjWt15&7b62ed0d5827607tlpDHmISh9jACsiLbDWOFQTr7c&0862ed0d5827607ee3f595-e755-45bb-b1a8-c0a0e178c0da
.amazon-adsystem.com/	1970-01-20 10:45:52	Name: ad-id Value: A9NkjdNTP0HriZMXwfAZX-I

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax-eu.amazon-adsystem.com
accounts.google.com
action.dstillery.com
action.media6degrees.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
ads.yahoo.com
ap.lijit.com
apex.go.sonobi.com
api.btloader.com
api.conversant.mgr.consensu.org
api.rlcdn.com
apis.google.com
as-sec.casalemedia.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
btloader.com
bttrack.com
c.amazon-adsystem.com
cdn-scorestream-com.s3.amazonaws.com
cdn.conversant.mgr.consensu.org
cdn.production.townsquareblogs.com
cdn.taboola.com
cdn.undertone.com
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cs.admanmedia.com
cs.emxdgt.com
dbejeqv8nk3po.cloudfront.net.
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
image8.pubmatic.com
in.hotjar.com
js-sec.indexww.com
krk.kargo.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
platform.instagram.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
proc.ad.cpe.dotomi.com
r.casalemedia.com
rtb.openx.net
s.amazon-adsystem.com
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
scorestream.com
script.hotjar.com
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssl.gstatic.com
ssum-sec.casalemedia.com
static.hotjar.com
static.solutionshindsight.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.mathtag.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.taboola.com
syndication.twitter.com
tlx.3lift.com
token.rubiconproject.com
townsquare.media
townsquaremedia-d.openx.net
u.openx.net
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
vars.hotjar.com
vc.hotjar.io
wjon.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.youtube.com
x.bidswitch.net
x.serverbid.com
cs.admanmedia.com
103.229.206.241
104.103.86.63
104.18.18.126
104.18.19.126
104.244.42.136
13.32.110.7
13.32.121.54
13.32.99.105
130.211.23.194
141.226.228.48
141.95.98.64
142.250.185.230
142.250.185.98
15.197.193.217
151.101.1.44
151.101.194.49
159.89.246.130
173.231.180.197
18.193.198.179
18.194.25.184
18.66.112.19
18.66.112.92
18.66.139.84
18.66.23.213
18.66.97.29
185.64.189.112
185.64.190.78
185.64.190.79
185.89.211.12
192.132.33.46
192.229.144.129
192.229.233.217
192.229.233.218
193.0.160.128
2.18.235.93
2.20.73.51
2.21.184.200
216.52.2.30
23.205.235.133
23.35.236.247
23.75.240.210
2600:9000:223c:fe00:1f:2473:9080:93a1
2600:9000:2240:4a00:0:b015:b300:21
2602:803:c003:200::61
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:78b
2606:4700::6811:180e
2606:4700::6812:acf
2606:4700::6812:b4f
2a00:1288:f03d:1fa::2000
2a00:1450:4001:802::200d
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c1b::9a
2a00:1450:400e:80f::200a
2a02:fa8:8806:12::1400
2a02:fa8:8806:12::1460
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f207:c4:face:b00c:0:43fe
2a03:2880:f21c:81e5:face:b00c:0:4420
2a05:d018:d29:3605:358d:1e8a:10d4:e287
2a06:98c1:3123:a000::d
3.120.106.63
3.121.8.16
3.126.56.137
3.67.157.21
3.71.169.66
34.107.148.139
34.120.133.55
34.239.52.148
34.241.55.221
34.95.69.49
35.186.253.211
35.244.159.8
35.244.174.68
51.89.9.253
52.218.238.35
52.222.236.74
52.45.92.187
52.46.155.104
52.54.46.88
52.92.177.184
52.94.222.140
54.211.243.57
54.69.95.91
54.74.193.12
66.155.71.25
69.166.1.10
69.166.1.15
69.173.144.138
69.173.144.165
70.42.32.255
76.223.111.18
92.123.21.200
00a0619da444e9e5f8aa71988acf2457f543807cd9afc52d89418906ea14f2a7
01223964fea2b7a74d6818a44c00c1ce4fb57ba04206ac6ab89666761ec462ad
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09c57c1fa6f8e1339edeb5e8a763182f3ea2c866903f5cf8fa51f11ea21c5ed5
0a95e4a214bf3548fcd9c882015ccba496f5dc5983aa22e94a382a5359a27c6d
0aa01841adb60bd01d0c2a8fa5901e9f0fab2e99aa7633648dbd3233c9a33fe2
0ad4967818564418a70bfa2d7b0e2b64e4efc7a3d15ce414bcdf69a4a2c55373
0b209ba44b0c66a91594f70d08631271cd73a1bf6b1742fca73fdb70adbc39fb
0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d05aa7fda69e5a6629806fe1b77d18eb6ce5a777eed211f77b51b728f62b4a6
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
104d9312b0ab49ab36365302d0dbc3db5dc9f5a24d8d4494bc4dd3f27b343714
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
137c8b2e482309d0973779ba70b248d1e177ad1bb97623b60f7642343610295e
13fd31d11f6fc66eef2968cca54dba808cbb4ce9afd8069fbbfd22f903934957
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
15c7d86ae9e86d3fe31ec984acb046d6413c2df53ac83775bc840da9d743afb1
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a
190ea442c5e8271cac9eb863ab648bda12ade080cf920a97df864cd813aeee56
1a129929706092981e0fa0aed0ced2406e79818d9f3dedd2da40322d4bc3accf
1d8d2a71a482a4a6dd43542b54f54433cb3e6c80060c0fd5c5b030a81ae0764d
1fbd59c274441ecdcbab333b35533ddf3b9639157872845a712984fc17db6a24
1fe2a6d02c36144cda53b82687f6b7a50f7b2c8cac068575d9aadd43fe140a29
214722e9b5d40af75baf12a7a8f5c41640aeddad28e2fa0be05f1d4c00cf1882
2185b597a9c8794e258668699236ee2da1d47b817829c75daf6748bf7b98bf87
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
22c1bc19a8d31d025d5e765449483e3c25c322c0400d91ba295d5f5c735c6e56
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
23f06c0643529bc819ea2e3551488291076ca18aefaf2e1e637e6d003b79aeb6
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a
27c16bcf28a10023178e260f7158baad9af17c90594d48874d63442d0c480a6f
2819cabffa3543dd98ce4506e5f93cfee2ddeb97d7125dfbad735b927ef402f2
289c9d622dd04e4ac1f0fa56de652fbed9afcf73fdf6bd2a68d3daf023ab23ca
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2d746beced6cff4b4689a5fd5df52f5e588e9ec7f3bb9c6ee41d54ea62543b6d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e612ea96f2322f5c13c38dd2cfab4269fa97c19e69a7797a21040bb772b6481
2fadd621ebc70165aad8bf9eacf717db31243108ca6083804f22485566b1162d
331d6c254831ba29998957f1caf9672307ad0ea4c8c804aed6928b598920a76d
33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c
341202151390a19c9fb07fc82bde7f6fcd2dc14dde42bfb6eb28ffaa57058ed4
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
359d0a439fab493d307477eeb37b8b9c2d5db3a2dd2f3dd0c7fe4e9441fb69ef
38443763f148404855985829991c01d7b563216cc67dced08480166971d20852
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
3a2b7372498399542e2aa84d0c7d0e60d30960b53c59509900442be7cb1355e5
3a3bf40d3b366fae0cfadcef7591f8b8d3fdfc41c2d272c3e5e1c8d7af23e183
3ade3e99ac3b3033225a6773d3567496177f17f6c3bfd9815d537f546c205069
3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989
3b6cbcfef45addeafb8293b78f9b1028c503dbf97fc28bac84a5d75394adedd6
3dab1ac8e930ffc0d41fb71d0094ff377c18778318ea914afd4ec5ba02a2da33
3e69f9c2675ff3ee0eb3f023045d9075323d97fbfa682c13cc718de5eaaac5ec
3f87eace9cdf7d7263d025dbde727d623f69e45fd0aca94dc5b9eeb3c48d74af
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4042700cc9763ca5901dbea176831ec886f5cf27d0e2a06b634fe6a4c57aac52
43eb05e3593d9c1eb46e863b433b9a6e7c0168237468825f236abb3da988e5c5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
456536908f305f1887be5fe66066f4d05797a90ee08265fec1b9c2afd3afec47
47d9e5cf1d996e7224b32c84276f88388c8925c39e672ebec5ddfe35ab0d7113
49d510f483c7574786a60ca57a3efaa3d6ee32159fc83560d974495f27dac16b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b72f044ea2c71c1d4bed65a50f93f6b25c91151beb20543f7784c446288e7fc
4bdbacb20d7045060152083ce016f7f49c0f582682b7c1b1a22c67ed5819bed8
4d9703f5b2fc4a0503e690cdbc7cd298606bdbe68fc31e1badeeb6c270f4a564
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5033d7f95f921b08c1cade3104684629ffda09c08e622e5ad170b07e8937a4c2
52c03eb3c0aa8aceddb68de6fda2feed979cd960337ec0678cdeb6a5b1fa1f94
53a37f4272f74fe430cb0ea41f8f166ae841f9ec18da1ef740f00c850162c201
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d0924ee7352e8b719b1ea6b3285527a10f7e19b5952a4af2a4edfe27d55e1d
56c52f5aa7efe1208d91b55ebb58e6f1267ab781cb8f6afaa3c7790d9c453226
596f85f51fc5353f72dd5f98c5bf7b1ef9fbb54b3c3608762f821795d0808bc5
5ae3bec9fa243546aff382802930045bb9c0316b0594dd633358864e9fd265c7
5c8cfcb7a6160dbd01532bca31557b3d5c8c0fb4f79cb7b6a493c90df429de9c
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5d815661b93d14e07db0b6de7b3c1dfce725b291f818d8eebbf7676199d8281e
5e519439f613586c5cdd80c298dd87bb3c935d2df7249fbf5d23877ba77ba1bb
5f94a0052b94f267147776b1e5c569f5c22ce564b3cff54b56a6ea4404b7116b
6027da330cb84ffac323d4c9935b7adf2d8656ba769d78a5d112c1a2469f15c2
6138dbae4ed7a6b83648a06459c2d00917e7d8f4b06ecbced62b92c4777a0e34
624d3a281fa38ee504358a0f40533c198d5c8a5c6b921fc9044960d032c94914
62d68b60ce880b5ea669c774c2c84b7c9e88cf58ffe26b0d3f449580d18d550d
66147a24f7c599deddc3049b8ba82ebac44ae95bcf58b2c03fe9084caa4171eb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66c6de2eb0b4f00bbfc845f84e130d7e8c5e2ad3bc2339e3260a72c2b1126678
6735d4c3dd77eec9f4f3c38859e3e60bf43a349ccdc190563d74b363ca2bb1a6
678d6d44d37a7618256c7caac6e9b76a1562c28888dbe745c940771a23140fc4
6808b52575ee5670dc4baccd0a6f6f5e25f02352b7d985af0329b9db21bd536e
69f9231c708fd46243dc77fa9e4df7a10b0adfa746abbb2c08e62b37ccfc4cde
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfdae4a96ded74a8b76984a830bba5e90a6a14a529f56ca4a2bf75021fe45fd
6c0f61b807391beed1e5cfd5c87828f90c4cdc9c8429b85fe3b7202c1309dda9
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6d07cd25dd670e4a471aae42095f46ed3e2f346e3ea6a05945f39c3fded8db9d
70624b7d9196481f82130a808cd76b93ad9bb6a53dc67332b7e341b86126ba4d
71679b04fbd29b2c4fe5a7f200ccdc88d666d9b9b9253c4f2878ea06591dac71
73d6cabc4d1aaf1e303e4333cc4b6f52d9f648ddf58153736c935315409be618
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
78dfbec7dcc7e9b064d139555fd1d11c7b568d6d8676db07bfe6f686c0f26599
78ffb0193d423881099abcf555be62a57c351f18fe58d0d4ea7c77ec3a035cd9
7b5511237fcf94bad2aca9c53a0da15e1795be9377fac8dc44f06afd51113322
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7c5d8c04878544e99f062ad3aa1a16b4bb61529ebc917a3c362a9cbaa8e61701
7e221278f830690a97288800fa8740a3022cb1c142f0ad7e8a1f93705fb92a7a
7eaacc902b520030e3b0934b8a4e4cc9d3a05170d42bd34ac5d40bdbbd02177d
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68
7fb3f5fe2907f964e353cf11e45ea686ba5bc37d157f00ff7781d317d223292d
82a39bbbf41bf1d7f6bcfa9f93f6de901033261cd43ee71c92e64c06e6724318
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833943685394d1e8072ee4d6a517c70d7984c98ad19030ed2a32df17d755e953
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8524e0b2fc8a168bf8e36692f9566e88be8f4f797da69e408ed2cc5c844be1d5
8538ced40c5158724d63081885ce0b412df9b2bb7309b9c5b4f219496cbbbece
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
88144b35c1a7f718614b813d0b4445097021a4146bb319c60973587baee3dd58
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8bea18979f51229647b58a6c0c5a3971fb41d73157c1a494f36cd8ae477ed346
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8faa8d2bb4b6858fff3a38ebe4cfa92015a0dc304323f13f7896043046dc3392
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
909a0c461a47bd72d08284ac8616c5b627702a42a643c2d30cbfe5af6c58d5cd
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
9336158216c03f2d50049876b1fdf388fc53261579a1dccd48d72b2b3c8041eb
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b81c9b9e3f5889faa9ae2bb61877b0ccaf5f5246a28d2d8576f29acb3dd485
a0cdb4c842213259d49174c4c3c459db9fc6e1e63bf0f923c4479f96559e9acf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1cc951bbf1cff8818110958a4bcad1f7c3e5d66062e34fd4df8a6d92c023e62
a383ecd625c00c3b5051fd8eb6ad8ab4aa40503f4ebc2267338b11931d17875b
a3e69c4fea43c6927c8ce075e98a06ba435de4c441530a774ec51c7c07cfb134
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a5910455615630589802ca15818aa163322871e6468f06a3660c53d6ab2936bb
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a82fc6cdeed37975df9de2eb175b204a15a04b4d7d7ac579a2beb538d18bbca9
aa0b417c78ec3adfb1f1c0c1fc70dda4ffbfebb35841e50edd55d5b1280dfdc7
aa51772615cc94de5168787c8520d14b65c84a58f9716362b65a38fdcea40160
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac35d7842f09558aa2344daecb63c97ce37427b3de11cecfd64881f2f0271e23
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b01f4bcb4a73433cc805e774f38b19ef6c6c52b551ac1fe857dd8a9d5795385e
b13c284d8d15523bd7ebce4afd286397cf2e82cafe72c0398f2d1724d60102af
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41f9649af86dfc713c5ecf2f1796a00a06d995d018c657c8112e79910801f4a
b4cd3b055ba32e94b5f05141b4bf92c0da37a117f3c7458e5446c1fdfccda098
b5bd11545de6ded7576a6bbf64d62a4e819d45416bb0dc20b714fd399f2b6033
b5f98699f7656749c3d530f4dfe7089caeeb905005663bd4a8724f86ba8ef2b6
b76b1799684ce87e0459eccd835231c4e73d5a06b76159737c97df3850d775c3
b89064eda1428624b37cb985d66122350bec24e637e0f92b65d2941c3213e564
b8ea26b655664c090e9458919e81401c39f87d2e8a675663b1da92351840f067
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
b95aeee5e4dd932224233e8312e3ff66b3fb42d4393d7db7c821cf819dc779b7
b9cb9134004236cb1c1ab66f145cbe06187d1743e3c716f6a472eae40ade9b89
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf330099e4e402d3c58c5f17bf5d7d883818ba338e01648756614e5037fcc9e6
bf63c4491140de87027557a7c15c741f65c83d98274347b105a06a20e05ce78d
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c36e2cbe5880bff429a31bcdc12857fe11c3c61ceb1235092a44f45e9e050194
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02
c5ce585015433e8c2e3488acd77585474b2b452580f49529a8633be8fa053773
c67bf4df9ba03a46ddb9c00560b633602cec438362154d4cb081adc94dc1e5c8
c7bca65ec9bb39b8b07a36b2db5809ed8d2c226d92fa061f3304b61ac7599518
c8721c104444b6a3330eb7a9d04e6954044dbf82debe16e2a6999fca9d4c22ea
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
cb67a9aa66913dcc03b2623a7bed8c028ce285db30d97a52188a17f50da350a3
ccc5ce3dda14e5a957397b0ff40d24b9ea61ed15b6570b4259e5db55733414b9
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
ce3d3481cf65d3f3dde8454f7e67ee233cb619a671f43f63dd982ed08fdfd4c5
cedeac5d401afbafcb52370b2e92521ee3799c0342dd6cce5d34ffeb95efc07f
ceefb7f24ad304b648086c357ddb865b5485fb6ea69b6a329a5947e2a92b590d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01a432795fc449091f3e7f9e028fd0ec4932b67421b61ac9c91ee1578067048
d25244db9dc268beeb125b8deb6048471478d65ca733d1cdfab896fd303783a2
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d5457ef0281e46aabe87ec20247ec3dfa69d89b926d33fd5893a119277b3c0e7
d6020f55c70d41680170e607cdbf6dbb626a46bb7f23a5134998d5675d65a846
d6f327e8f217c193d4139ec967dd138dde3958395b06a4e4cd8e346faa27dedc
d835d583daf956b92e41bcf421fed751423c51cf65c7fb17f0d39a458b81e638
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da28f77bb4e8d508bcc47d95d9319ec1d4d91884f5a4b9b7f4dd80b721251181
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
daf8c6b41adfd0c3f6bdca0d65d774519a1f5102546503e3e780358bf785b64c
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db5977ed25a210e8c5b358febc00d828443173567e530ffeac3320cc10742e96
db7c1c7200604815efaf52334c9ddb64373e3ab22e3779eefca47b76b20f827e
dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f
dd9329ddc3b3b5a00a3b5bd6a7faef6646a0439bfe673c399b583c58a17b2ad1
de3a482364d3cef9991d8d09b4a9eb8f03993d715da05ed58a8cc01dc46af481
dffc773d0a05621a7f2b1de866855df7faac5ecc3637e565ab1b16a7bc056324
e04996bce115cd63369e3d421e8e6eedf08bac25392d0d30203a9ff1069b7785
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dbf29d5bf5c976b5652a505617a6867d0e1c240d7824fb5ffd48585ea5e31c
e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88
e47a4128beb7ab9fba3b2b9d82e7f340daeeede0fdf0c4d702a95a0607f9eb54
e4943cba9f9e0e72e7d970255db80b9337332b86e2b8b4a70b76b20eaa778809
e6d7a3551d20da4e39ea31123baccf88da01f4225afec7fd9031964c44992352
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e8dcc8dd399a0ee4d0aa4e532a3538028c007182df71143ce6840757a5d63b46
ebcb3cd75b0c14332ba361ee41b3ed95c49d2b8fdc3b78a067d4dbcfa436167b
ebce7a586680316fa9d8b927bdf5ce540bb4216d1738d4c1e29826a90a6737bc
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec88c0928715c9c3309d5b9ed982b5c733ec50d78c242beae4275383f0f66875
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ed3e9452a59d26291945591545d9e6adf7e30bf7e2c7c38b444fb0f5ee81038c
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef68f1402e8b4c134ed2fd2b1e37ea0537244c929d5a679279eb81d5a6908ff6
f0daa37303ae9cf4bfbbdc1e84b61f4b4775255b4ad06676165282b2cfc2d31d
f164cab4e087e773f8ed0723294ee7bee19681cdb2edc46500d24e52339ca227
f4ebbbe9e2cb7f812044295bf4773dbd8e6170652eb80e91cba87643fe176ddb
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fba1bd6312e410489a59cb22593f0afb5c6499610611ebdd844b987d898b256d
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

wjon.com Open in urlscan Pro 192.229.233.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

398 Requests

89 %HTTPS

29 %IPv6

71 Domains

112 Subdomains

92 IPs

10 Countries

4355 kBTransfer

11463 kBSize

70 Cookies

9 Outgoing links

Page URL History

Redirected requests

398 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wjon.com Open in urlscan Pro
192.229.233.217 Public Scan

Screenshot
Live screenshot

Full Image

398
Requests

89 %
HTTPS

29 %
IPv6

71
Domains

112
Subdomains

92
IPs

10
Countries

4355 kB
Transfer

11463 kB
Size

70
Cookies

398 HTTP transactions
2 data transactions