www.tgh.org Open in urlscan Pro
20.49.104.24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.tgh.org/
Effective URL:
https://www.tgh.org/
Submission: On September 17 via api (September 17th 2022, 3:34:31 pm UTC) from US — Scanned from DE

Summary HTTP 130 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 36 IPs in 10 countries across 50 domains to perform 130 HTTP transactions. The main IP is 20.49.104.24, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.tgh.org. The Cisco Umbrella rank of the primary domain is 816623.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 8th 2022. Valid for: a year.

This is the only time www.tgh.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 41	20.49.104.24 20.49.104.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.221.111.187 54.221.111.187	14618 (AMAZON-AES) (AMAZON-AES)
8	2600:1f18:236... 2600:1f18:2369:1010:b13c:6068:dc25:80ab	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700:20:... 2606:4700:20::681a:cd5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1 3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.9.66.123 65.9.66.123	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
2	143.204.215.85 143.204.215.85	16509 (AMAZON-02) (AMAZON-02)
1 30	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1 2	18.157.92.103 18.157.92.103	16509 (AMAZON-02) (AMAZON-02)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	18.66.15.115 18.66.15.115	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.31 99.86.4.31	16509 (AMAZON-02) (AMAZON-02)
1	108.128.203.219 108.128.203.219	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3 3	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	52.212.110.18 52.212.110.18	16509 (AMAZON-02) (AMAZON-02)
3 3	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.158.39.190 35.158.39.190	16509 (AMAZON-02) (AMAZON-02)
1 1	104.96.159.57 104.96.159.57	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	3.122.37.130 3.122.37.130	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:c896:a534:1957:1cac	14618 (AMAZON-AES) (AMAZON-AES)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	193.108.153.18 193.108.153.18	34164 (AKAMAI-LON) (AKAMAI-LON)
1 1	108.138.25.178 108.138.25.178	16509 (AMAZON-02) (AMAZON-02)
1	52.49.35.210 52.49.35.210	16509 (AMAZON-02) (AMAZON-02)
1	54.237.50.216 54.237.50.216	14618 (AMAZON-AES) (AMAZON-AES)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1 1	44.206.163.254 44.206.163.254	14618 (AMAZON-AES) (AMAZON-AES)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	18.134.84.25 18.134.84.25	16509 (AMAZON-02) (AMAZON-02)
3 3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	52.2.16.173 52.2.16.173	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	35.157.107.208 35.157.107.208	16509 (AMAZON-02) (AMAZON-02)
1 1	3.126.61.30 3.126.61.30	16509 (AMAZON-02) (AMAZON-02)
1	34.235.183.60 34.235.183.60	14618 (AMAZON-AES) (AMAZON-AES)
2 2	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	45.79.135.226 45.79.135.226	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
130	36

41 20.49.104.24 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.tgh.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.221.111.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-111-187.compute-1.amazonaws.com

ad.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:2369:1010:b13c:6068:dc25:80ab (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

cdn.odoro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
undefined.odoro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v2.odoro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:cd5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.adasitecompliance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adasitecompliance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

10207215.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-123.fra56.r.cloudfront.net

script-app.mercuryhealthcare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-85.fra53.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 52.46.143.56 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.92.103 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-92-103.eu-central-1.compute.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-115.vie50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-31.fra6.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.203.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-203-219.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.116 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.110.18 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-110-18.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.39.190 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-39-190.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.159.57 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-57.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.37.130 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-37-130.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:c896:a534:1957:1cac (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.108.153.18 (Frankfurt am Main, Germany) 4 redirects

ASN34164 (AKAMAI-LON, NL)
PTR: a193-108-153-18.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.25.178 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-25-178.fra56.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.35.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-35-210.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.237.50.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-50-216.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.206.163.254 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-163-254.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.134.84.25 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-25.eu-west-2.compute.amazonaws.com

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.16.173 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-16-173.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.107.208 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-107-208.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.61.30 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-61-30.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.183.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-183-60.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.17 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.135.226 (Cedar Knolls, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-14.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	tgh.org 1 redirects www.tgh.org — Cisco Umbrella Rank: 816623	5 MB
30	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 295	22 KB
9	doubleclick.net 7 redirects 10207215.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 178 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	4 KB
8	odoro.com cdn.odoro.com — Cisco Umbrella Rank: 660554 undefined.odoro.com — Cisco Umbrella Rank: 810060 v2.odoro.com — Cisco Umbrella Rank: 526773	342 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1729 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3504 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3495 tracking.crazyegg.com — Cisco Umbrella Rank: 3486	35 KB
4	stickyadstv.com 4 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 752	5 KB
4	yahoo.com 1 redirects sp.analytics.yahoo.com — Cisco Umbrella Rank: 1244 ups.analytics.yahoo.com — Cisco Umbrella Rank: 287 cms.analytics.yahoo.com — Cisco Umbrella Rank: 869	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	40 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	213 KB
3	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438	3 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 228	3 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6352 adservice.google.de — Cisco Umbrella Rank: 9081	1 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 375	12 KB
3	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 128	17 KB
2	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 883 image6.pubmatic.com — Cisco Umbrella Rank: 648	391 B
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1084	1 KB
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 153	546 B
2	serving-sys.com 2 redirects bs.serving-sys.com — Cisco Umbrella Rank: 1209 lm.serving-sys.com — Cisco Umbrella Rank: 1924	778 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 563	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 637	998 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 335 token.rubiconproject.com — Cisco Umbrella Rank: 667	653 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 513 usermatch.krxd.net — Cisco Umbrella Rank: 1103	358 B
2	myvisualiq.net 2 redirects t.myvisualiq.net — Cisco Umbrella Rank: 1689	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 301	1 KB
2	w55c.net 1 redirects tags.w55c.net — Cisco Umbrella Rank: 3923	1 KB
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 6718	42 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 480	7 KB
2	gstatic.com www.gstatic.com	22 KB
2	adasitecompliance.com 1 redirects www.adasitecompliance.com — Cisco Umbrella Rank: 109359 cdn.adasitecompliance.com — Cisco Umbrella Rank: 101559	25 KB
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 1037	168 B
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 2363	344 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 2969	750 B
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1198	324 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 396	304 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 947	634 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 342	265 B
1	fwmrm.net 1 redirects 1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3608	532 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 5575	419 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2064	123 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 2623	263 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 2486	877 B
1	zeotap.com 1 redirects mwzeom.zeotap.com — Cisco Umbrella Rank: 1669	319 B
1	tremorhub.com amazon.partners.tremorhub.com — Cisco Umbrella Rank: 5557	183 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 511	459 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 448	487 B
1	mercuryhealthcare.com script-app.mercuryhealthcare.com — Cisco Umbrella Rank: 53751	14 KB
1	ipredictive.com ad.ipredictive.com — Cisco Umbrella Rank: 5887	787 B
0	survata.com Failed px.surveywall-api.survata.com Failed
130	50

	Domain	Requested by
41	www.tgh.org	1 redirects www.tgh.org
30	s.amazon-adsystem.com	1 redirects www.tgh.org s.amazon-adsystem.com
6	v2.odoro.com	undefined.odoro.com
4	ads.stickyadstv.com	4 redirects
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.tgh.org v2.odoro.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	www.googletagmanager.com	www.tgh.org www.googletagmanager.com
3	cm.g.doubleclick.net	3 redirects
3	ib.adnxs.com	3 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.tgh.org
3	www.googleadservices.com	1 redirects www.googletagmanager.com www.googleadservices.com
2	uipglob.semasio.net	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	t.myvisualiq.net	2 redirects
2	x.bidswitch.net	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	www.google.de	www.tgh.org
2	adservice.google.com	www.tgh.org 10207215.fls.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	sp.analytics.yahoo.com	www.tgh.org
2	tags.w55c.net	1 redirects www.tgh.org
2	solutions.invocacdn.com	www.tgh.org solutions.invocacdn.com
2	s.yimg.com	www.tgh.org s.yimg.com
2	10207215.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
1	sync.taboola.com	1 redirects
1	image6.pubmatic.com	s.amazon-adsystem.com
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	token.rubiconproject.com	1 redirects
1	image2.pubmatic.com	s.amazon-adsystem.com
1	ssum-sec.casalemedia.com	1 redirects
1	us-u.openx.net	s.amazon-adsystem.com
1	usermatch.krxd.net	s.amazon-adsystem.com
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	1 redirects
1	match.adsrvr.org	s.amazon-adsystem.com
1	1f2e7.v.fwmrm.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.samba.tv	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	usersync.samplicio.us	s.amazon-adsystem.com
1	beacon.krxd.net	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	mwzeom.zeotap.com	1 redirects
1	cms.analytics.yahoo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	s.amazon-adsystem.com
1	ups.analytics.yahoo.com	1 redirects
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	adservice.google.de	adservice.google.com
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	undefined.odoro.com	cdn.odoro.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script-app.mercuryhealthcare.com	www.googletagmanager.com
1	cdn.adasitecompliance.com	www.tgh.org
1	www.adasitecompliance.com	1 redirects
1	cdn.odoro.com	www.tgh.org
1	ad.ipredictive.com	www.tgh.org
0	px.surveywall-api.survata.com Failed	s.amazon-adsystem.com
130	69

This site contains links to these domains. Also see Links.

Domain
mychart.tgh.org
78ca0751.flowpaper.com
www.fasttrackurgentcare.com
lsc-pagepro.mydigitalpublication.com
www.youtube.com
twitter.com
www.instagram.com
www.facebook.com
linkedin.com
adasitecompliancetools.com

Subject Issuer	Validity	Valid
www.tgh.org Go Daddy Secure Certificate Authority - G2	`2022-09-08` - `2023-09-08`	a year	crt.sh
*.ipredictive.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.odoro.com Amazon	`2022-03-15` - `2023-04-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-08` - `2023-04-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
script-app.mercuryhealthcare.com Amazon	`2022-03-25` - `2023-04-23`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-05` - `2022-10-26`	2 months	crt.sh
invocacdn.com Amazon	`2021-11-24` - `2022-12-22`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
crazyegg.com Amazon	`2022-06-27` - `2023-07-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.samplicio.us Amazon	`2022-03-18` - `2023-04-16`	a year	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2022-07-26` - `2022-10-24`	3 months	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.tgh.org/
Frame ID: 4A336F94E8905DA48BC5C38784118B6B
Requests: 85 HTTP requests in this frame

Frame: https://10207215.fls.doubleclick.net/activityi;dc_pre=COLHprSTnPoCFQfPGQodZggFKA;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh.org%2F;u3=UA-28448451-2;~oref=https%3A%2F%2Fwww.tgh.org%2F
Frame ID: 8B5DF4D3124DDF44D9CCF03E735EE776
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D6d9baa28-fa04-6388-8bdb-834053af4859%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.tgh.org&ex-hargs=v%3D1.0%3Bc%3D3613675140501%3Bp%3D6D9BAA28-FA04-6388-8BDB-834053AF4859&cb=568754535822564540&dcc=t
Frame ID: 257BE35636092284F9FCC1B172DDA1F8
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COLHprSTnPoCFQfPGQodZggFKA;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh.org%2F;u3=UA-28448451-2;~oref=https%3A%2F%2Fwww.tgh.org%2F
Frame ID: 7D914A31560E31EA193D401F3AF8A127
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COLHprSTnPoCFQfPGQodZggFKA;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh.org%2F;u3=UA-28448451-2;~oref=https%3A%2F%2Fwww.tgh.org%2F
Frame ID: F40EE17E8164A507D17458896F343DAE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=pAwGJpnKRAG9ww1Ik5SZVg&dmt=3&ex-pl-n-g-hmt=xx5R7gofQcKVMyMYimYlsw&ep=mfS4I4Lxm4iN8M-0MyueFT1yd1BrJAd16XJoS6FnQ5RYv7KpRdwv9csv45YXwcOp-Dk0BZJQw_1-ArGZoOHj1RMd1sWbsLKRXPDtQe6a_DFu3Vje3l_83s1Pxocex6O_TeNEmSr8MnyXTFLJktBkzcwy2tJW4ZB0Ks0d8pvH8PX7hxAI9aMMHhn412aKCi1JNhdvahwW6Th1epItk3FOFPUbbTxdzCCXMUhiVY7b7CkWdPbhORL6hUNEx3goT5UrcGu5Y5FG0-6BKLD678eJe7cZsZ7Lic7fqJ6I2lc9C0be3gNDeeZemsfnwsx8IVaYzmNCXyP3cI1gngmJkG8mw5DCdb8HPvNxd4BU7z36_Lj90GwtcNVkPJWfFzPpevTpgGxo6XNgdI9fNE50TX3ez0hVvXrd6gwtd8CDQ7ifjtXMQ5Kwjr_fMBVMRY8D15NbYSEChzwmmtxaeoZ1qo3N5kEs4XlYy0PAFHl5vgyMGG12Gq4L_ETibyusw4r9BgTp
Frame ID: F061EC4DC1918884169C1D2B771F80A6
Requests: 40 HTTP requests in this frame

Frame: https://v2.odoro.com/widget/0.8/ga.html
Frame ID: 3DB45686F2D13BE4A01B22B2F1D78EF2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Best Hospital in Tampa | Tampa General Hospital

Page URL History Show full URLs

http://www.tgh.org/ HTTP 301
https://www.tgh.org/ Page URL

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

130
Requests

72 %
HTTPS

25 %
IPv6

50
Domains

69
Subdomains

36
IPs

10
Countries

5562 kB
Transfer

7640 kB
Size

65
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://mychart.tgh.org/mychart/Authentication/Login
Title: MyChart

Search URL Search Domain Scan URL

URL: https://mychart.tgh.org/mychart/Authentication/Login
Title: MyChart

Search URL Search Domain Scan URL

URL: https://78ca0751.flowpaper.com/TGH2021AnnualReportfinalflipbook/#page=1
Title: 2021 Annual Report

Search URL Search Domain Scan URL

URL: https://www.fasttrackurgentcare.com/
Title: TGH Urgent Care

Search URL Search Domain Scan URL

URL: https://lsc-pagepro.mydigitalpublication.com/publication/?i=749798
Title: Advances Magazine

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/tampageneralhospital

Search URL Search Domain Scan URL

URL: https://twitter.com/TGHCares

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tghcares/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tampageneralhospital/

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/tampa-general-hospital

Search URL Search Domain Scan URL

URL: https://adasitecompliancetools.com/ap.asp?h=TGH

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.tgh.org/ HTTP 301
https://www.tgh.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.adasitecompliance.com/img/APolicy.png HTTP 301
https://cdn.adasitecompliance.com/img/APolicy.png

Request Chain 44

https://10207215.fls.doubleclick.net/activityi;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh.org%2F;u3=UA-28448451-2;~oref=https%3A%2F%2Fwww.tgh.org%2F HTTP 302
https://10207215.fls.doubleclick.net/activityi;dc_pre=COLHprSTnPoCFQfPGQodZggFKA;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh.org%2F;u3=UA-28448451-2;~oref=https%3A%2F%2Fwww.tgh.org%2F

Request Chain 53

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D6d9baa28-fa04-6388-8bdb-834053af4859%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.tgh.org&ex-hargs=v%3D1.0%3Bc%3D3613675140501%3Bp%3D6D9BAA28-FA04-6388-8BDB-834053AF4859&cb=568754535822564540 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D6d9baa28-fa04-6388-8bdb-834053af4859%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.tgh.org&ex-hargs=v%3D1.0%3Bc%3D3613675140501%3Bp%3D6D9BAA28-FA04-6388-8BDB-834053AF4859&cb=568754535822564540&dcc=t

Request Chain 54

https://tags.w55c.net/rs?id=e18b667ca1364cdea3d161eae1e51a6b&t=homepage&gtmcb=47333054 HTTP 302
https://tags.w55c.net/rs?sccid=8bd8ed55-e2fd-a764-7402-9b36006a72f1&scc=1&id=e18b667ca1364cdea3d161eae1e51a6b&t=homepage&gtmcb=47333054

Request Chain 56

https://ad.doubleclick.net/activity;src=5308800;type=;cat=;gtm=2od9e0;auiddc=2058286238.1663428863;~oref=https%3A%2F%2Fwww.tgh.org%2F HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CL_KuLSTnPoCFUOUGAodHAEIHA;src=5308800;type=;cat=;gtm=2od9e0;auiddc=2058286238.1663428863;~oref=https%3A%2F%2Fwww.tgh.org%2F HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CL_KuLSTnPoCFUOUGAodHAEIHA;src=5308800;type=;cat=;gtm=2od9e0;auiddc=*;~oref=https%3A%2F%2Fwww.tgh.org%2F

Request Chain 63

https://www.googleadservices.com/pagead/conversion/946776036/wcm?cc=ZZ&dn=813844700&cl=rq2nCMSmgbUBEOTPusMD&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=813844700&cl=rq2nCMSmgbUBEOTPusMD

Request Chain 69

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946776036/?random=736801854&cv=9&fst=1663428863749&num=1&rdp=1&value=1&label=L7LZCLr2qN8BEOTPusMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.tgh.org%2F&tiba=Best%20Hospital%20in%20Tampa%20%7C%20Tampa%20General%20Hospital&auid=2058286238.1663428863&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=_-glY7jVMamZ-cAPhMKJwA4&sscte=1&crd=&eitems=ChAI8OCVmQYQ4sSFod_vuMcREh0ABSZ91bHB_iOneS5SrX40tcVjh2dHKM6gratXQw&pscrd=Ek9DaEVJOE9DVm1RWVF1Nkwyc0tfTHhwaU5BUkltQUtzMlprUmE2LXk1OEFFejRQOFB5amZuYUw2N2hhX0IxUXdxRWtpcklvSGlDY1BkSHdZGlpDaEVJOE9DVm1RWVF5cXlwbXJiM2hQZnNBUkl1QUJmMWYyX2FRWlpzVkxrQXpmRXZDblFVVGhkVU5IRGFERU9rV0h1bl9xbzhkaFAzMUltOU5BUWpYSmJLeXc HTTP 302
https://www.google.com/pagead/1p-conversion/946776036/?random=736801854&cv=9&fst=1663428863749&num=1&rdp=1&value=1&label=L7LZCLr2qN8BEOTPusMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.tgh.org%2F&tiba=Best%20Hospital%20in%20Tampa%20%7C%20Tampa%20General%20Hospital&auid=2058286238.1663428863&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE9DVm1RWVF1Nkwyc0tfTHhwaU5BUkltQUtzMlprUmE2LXk1OEFFejRQOFB5amZuYUw2N2hhX0IxUXdxRWtpcklvSGlDY1BkSHdZGlpDaEVJOE9DVm1RWVF5cXlwbXJiM2hQZnNBUkl1QUJmMWYyX2FRWlpzVkxrQXpmRXZDblFVVGhkVU5IRGFERU9rV0h1bl9xbzhkaFAzMUltOU5BUWpYSmJLeXc&is_vtc=1&ocp_id=_-glY7jVMamZ-cAPhMKJwA4&cid=CAQSKQCsnQUxuB1H7J1zKc8xIY_tQraNmXU9jbF3YJP-lCYertv7Pbrc-Dui&eitems=ChAI8OCVmQYQ4sSFod_vuMcREh0ABSZ91WNZd8TUCxNc5FyLldYs329bFCuTHiv8Yg&random=3160665360&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/946776036/?random=736801854&cv=9&fst=1663428863749&num=1&rdp=1&value=1&label=L7LZCLr2qN8BEOTPusMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.tgh.org%2F&tiba=Best%20Hospital%20in%20Tampa%20%7C%20Tampa%20General%20Hospital&auid=2058286238.1663428863&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE9DVm1RWVF1Nkwyc0tfTHhwaU5BUkltQUtzMlprUmE2LXk1OEFFejRQOFB5amZuYUw2N2hhX0IxUXdxRWtpcklvSGlDY1BkSHdZGlpDaEVJOE9DVm1RWVF5cXlwbXJiM2hQZnNBUkl1QUJmMWYyX2FRWlpzVkxrQXpmRXZDblFVVGhkVU5IRGFERU9rV0h1bl9xbzhkaFAzMUltOU5BUWpYSmJLeXc&is_vtc=1&ocp_id=_-glY7jVMamZ-cAPhMKJwA4&cid=CAQSKQCsnQUxuB1H7J1zKc8xIY_tQraNmXU9jbF3YJP-lCYertv7Pbrc-Dui&eitems=ChAI8OCVmQYQ4sSFod_vuMcREh0ABSZ91WNZd8TUCxNc5FyLldYs329bFCuTHiv8Yg&random=3160665360&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 84

https://ib.adnxs.com/setuid/a9?entity=188&code=LqcRp60bSb6dky1QEvlivw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DLqcRp60bSb6dky1QEvlivw%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=LqcRp60bSb6dky1QEvlivw

Request Chain 85

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=219723204277002286234&ex=neustar.biz

Request Chain 86

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=rIPStkKQT4agFYn6SpKbkg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=rIPStkKQT4agFYn6SpKbkg&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YyXpAbCRPhLtYh8oVHnLjwAA

Request Chain 87

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=cff2c1f66d576a3f265268662f36f860

Request Chain 88

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 89

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=bmKS2egGQiaG8LM9n1VlJg HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=bmKS2egGQiaG8LM9n1VlJg

Request Chain 90

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=3cbac319-0c93-4d44-96fd-e6b9a020d2f6

Request Chain 93

https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=7707ac4b-95c8-4346-4841-cd69ddf75b0a

Request Chain 94

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=2929e872ef6d9e54796d5a3143f21dff&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 95

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 99

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10003f2a716b68028

Request Chain 100

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=27yCFda2R6a3acqihFnaog&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=27yCFda2R6a3acqihFnaog

Request Chain 101

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=KB7n-0lmT8CTDfZWJMb9Hg HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2929e872ef6d9e54796d5a3143f21dff&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0419_7144372574398016840&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MjkyOWU4NzJlZjZkOWU1NDc5NmQ1YTMxNDNmMjFkZmY=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEB4u9I2Rr4YNHbDpvZwqXzo&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 102

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=PVw6xVC1QYyYCcLWzmkzjw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=PVw6xVC1QYyYCcLWzmkzjw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=37917391044960111362440671536047501546

Request Chain 103

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=XDho-Kj7RPeAUhVl9a6mvQ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10810398326393879822&gdpr=&gdpr_consent=

Request Chain 105

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5781460435712618554

Request Chain 106

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=35f1dcae-369e-11ed-be63-1ebee0f60506 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=35f1dc63-369e-11ed-be63-1ebee0f60506

Request Chain 107

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%229852f7a5-c9b0-46ed-a7d6-af042df91ea3%22,%22Time%22:%2220220917T153425.573906%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=9852f7a5-c9b0-46ed-a7d6-af042df91ea3

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESENM1b467lMw8RoEarbpuROw&google_cver=1

Request Chain 110

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=8c4855f891ec65a25574d07edce5d66b

Request Chain 112

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KnfeMeCldGqdMFwcLRylujc4ZFs4ZgIC

Request Chain 113

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=96A486F2482FEDF3

Request Chain 114

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=2718344275211350972&ex=appnexus.com

Request Chain 116

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=dj07481Ft5Km3JOInbQSmA&ex=rubiconproject.com&status=ok

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=xx5R7gofQcKVMyMYimYlsw& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 119

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E2874F2D02E92563820FCC9202E0A917

Request Chain 120

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=a4b792f1ed40aa4c84b2f985778be2298c4045f8e62dc51ddf66a059e388354c

Request Chain 122

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=292a8fb6-7713-4c13-a47f-fe63a431173a-tucta1f6e82

130 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.tgh.org/
Redirect Chain

http://www.tgh.org/
https://www.tgh.org/

66 KB
15 KB

382ms
192ms

Document
text/html

20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3e10b56f602e02750d7e7021943f844d6fd23679af714b6a5da8c02e81416b17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Length: 14783
Content-Type: text/html; charset=utf-8
Date: Sat, 17 Sep 2022 15:34:22 GMT
Expires: -1
Pragma: no-cache
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Length: 143
Content-Type: text/html; charset=utf-8
Date: Sat, 17 Sep 2022 15:34:21 GMT
Location: https://www.tgh.org/
Server: Microsoft-IIS/10.0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK global.css
www.tgh.org/assets/css/ 264 KB
37 KB 101ms
101ms Stylesheet
text/css 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tgh.org/assets/css/global.css?v=637872431645101712

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

93e8dd09e0170e4d544fdc09750d3c76b13c9855744f5259033706287783c5bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 37385
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Wed, 04 May 2022 10:39:24 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: "0568538a35fd81:0"
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: text/css
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK VisitorIdentification.js Show response
www.tgh.org/layouts/system/ 2 KB
2 KB 286ms
94ms Script
application/x-javascript 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tgh.org/layouts/system/VisitorIdentification.js

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 910
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Wed, 13 Nov 2019 17:15:00 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: "04243e1459ad51:0"
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: application/x-javascript
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK pixel
ad.ipredictive.com/d/rt/ 631 B
787 B 1000ms
100ms Image
image/jpeg 54.221.111.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=57741&uuid=6751361c-fa41-49e1-8308-7f4ccdc7170c&rr=CACHE_BUSTER
Requested by: Host: www.tgh.org
URL: https://www.tgh.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.221.111.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-111-187.compute-1.amazonaws.com
Software: /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
Content-Encoding: gzip
X-CI-RTID: 2c2f95b3-1c9b-4676-8f4d-f7d3a966d80c
Connection: keep-alive
Content-Length: 479
Content-Type: image/jpeg

GET
H/1.1 200
OK logo-white.svg
www.tgh.org/-/media/images/testing/ 7 KB
8 KB 109ms
108ms Image
image/svg+xml 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/images/testing/logo-white.svg?rev=e5382e53f4024a6f955ca54078bae973&mw=238&mh=76&hash=E51725999A2037D36FB07077F02F54DC

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

44579507228226e1bae37914346b73abe18d40eff08269045e4fa2dabb1d76e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:22 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="logo-white.svg"
Content-Length: 7541
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Mon, 29 Nov 2021 21:03:26 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: 7f9d22954a75489abdb24ca35c2c009d
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/svg+xml
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 odoro-lib.js Show response
cdn.odoro.com/pp/ 5 KB
5 KB 917ms
103ms Script
application/javascript 2600:1f18:2369:1010:b13c:6068:dc25:80ab
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.odoro.com/pp/odoro-lib.js?client=tgh
Requested by: Host: www.tgh.org
URL: https://www.tgh.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:2369:1010:b13c:6068:dc25:80ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: ee60a4f7572223a6d95c353c81595cb2c3228f24d5db06435ac29dfe48561327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:23 GMT
last-modified: Sun, 24 Jan 2021 08:51:10 GMT
server: nginx
etag: "600d34fe-13fe"
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 5118

GET
H/1.1 200
OK tgh_2021_annualreport_cover.jpg
www.tgh.org/-/media/images/testing/teaser1/rsz_20200805_joe_kimmins_respiratory-2074-edit_2/ 225 KB
226 KB 349ms
154ms Image
image/jpeg 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/images/testing/teaser1/rsz_20200805_joe_kimmins_respiratory-2074-edit_2/tgh_2021_annualreport_cover.jpg?rev=8abde114c3264887904ca626f8d5e508&mw=480&mh=342&hash=DD38BCFC57718829F2D194A87E155CEE

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c27b4f84615a2b76307a33b93b7cbdbd27ab66aeb0deb9fdcdc42be0c67978c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:22 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="tgh_2021_annualreport_cover.jpg"
Content-Length: 230447
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Fri, 12 Aug 2022 13:36:51 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: 07d846d6156b4c65a59cfd6981b574d3
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK academic-medicine_teaching.jpg
www.tgh.org/-/media/images/testing/teaser2/ 43 KB
43 KB 379ms
167ms Image
image/jpeg 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/images/testing/teaser2/academic-medicine_teaching.jpg?rev=59dc8d7e999140499ee4dbc28817a3fe&mw=480&mh=342&hash=8B79D7D54DE2E5D49C8164DAAE217E97

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

20325929c7299e5e8f933723fc665721c46f5507e242b0554dc649da23b754a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:22 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="Academic Medicine_Teaching.jpg"
Content-Length: 43701
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Fri, 24 Sep 2021 13:54:47 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: 3814b156473145bb99510e970b698801
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK 6391060-hos_tampageneral_badge-hos-sp_custom_rankedspecialties_2022-23_cropped.png
www.tgh.org/-/media/images/us-news-2022-23/cropped-pngs-for-home-page/ 90 KB
91 KB 482ms
193ms Image
image/png 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/images/us-news-2022-23/cropped-pngs-for-home-page/6391060-hos_tampageneral_badge-hos-sp_custom_rankedspecialties_2022-23_cropped.png?rev=4d5f6ddcfe3440aa8f1d03c0725a073e

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

fc952ff7082b7aaa7309f5851fcf8ee6fd49dde54b21cdbf4560f9eb396e9ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:22 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="6391060-HOS_TampaGeneral_Badge-HOS-SP_Custom_RankedSpecialties_2022-23_cropped.png"
Content-Length: 92337
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Wed, 27 Jul 2022 13:52:06 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: 1292916c55974b05ad20ceb47c5d7418
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/png
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK 6391060-hos_tampageneral_badge-hos-regional_custom_recognizedcare_2022-23_cropped.png
www.tgh.org/-/media/images/us-news-2022-23/cropped-pngs-for-home-page/ 93 KB
94 KB 484ms
167ms Image
image/png 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/images/us-news-2022-23/cropped-pngs-for-home-page/6391060-hos_tampageneral_badge-hos-regional_custom_recognizedcare_2022-23_cropped.png?rev=177bb8c621d0497abf58d0798f17263d

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

aa0ba115486e3067ec1076b42a7cda2c030af99bf6b5d76c7a4d68ccbd80cd9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:22 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="6391060-HOS_TampaGeneral_Badge-HOS-Regional_Custom_RecognizedCare_2022-23_cropped.png"
Content-Length: 95133
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Wed, 27 Jul 2022 13:51:53 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: 8eec5b30b9e74790a3c702735a47b8da
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/png
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK newsweek2022.png
www.tgh.org/-/media/images/homepage-badges/ 101 KB
102 KB 171ms
171ms Image
image/png 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/images/homepage-badges/newsweek2022.png?rev=6dfabab0dfd9444f96b95d7facee2c81

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

026f5cdabc5e8653dbdb3cbfe30868b84d6ccd7a1dc6b17eca7c90f1fff00a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:22 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="Newsweek2022.png"
Content-Length: 103532
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Wed, 18 May 2022 19:34:45 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: 0ac52fb6e3cd4889b9a3362b12ec4a24
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/png
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK 100top-2022-bone-rgb.jpg
www.tgh.org/-/media/images/about/accreditations-icons/ 83 KB
84 KB 165ms
164ms Image
image/jpeg 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/images/about/accreditations-icons/100top-2022-bone-rgb.jpg?rev=eb510a3209684dfb98c87659a8ae62fe

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

f4ff3db8c00027267135576687acd3c8ad6f50765ac11e9279ad6d57799918b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="100Top-2022-Bone-RGB.jpg"
Content-Length: 85090
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Thu, 04 Aug 2022 19:58:09 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: d88cc2504b824afb80c4721f5fab784b
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK us-news-article-image-2022.png
www.tgh.org/-/media/ 1 MB
1 MB 158ms
158ms Image
image/png 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/us-news-article-image-2022.png?rev=d2e936789ed14839b4507961843c30f4&mw=883&mh=632&hash=82586598325BE6061887DBC520E162FC

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

910689363b96d9b72242885eea95a050ccb447bf857b834a64f04f86fcbf029f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="US News article image 2022.png"
Content-Length: 1186023
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Tue, 26 Jul 2022 19:32:04 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: c58d0bf03fed4dc6ba1c7a10e8129aad
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/png
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK 20210506melaniepenman6497edit-1websized.jpg
www.tgh.org/-/media/ 106 KB
106 KB 142ms
142ms Image
image/jpeg 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/20210506melaniepenman6497edit-1websized.jpg?rev=58d48680c21e4721bcf4a03a920e9b6c&mw=883&mh=632&hash=1DC042428AA0A486EDD3A10151E4270F

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ed783cd46a87b174658a5fa0917554c101c1d42f464feadc633a162425c1eb00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="20210506MelaniePenman6497Edit 1websized.jpg"
Content-Length: 108038
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Wed, 27 Jul 2022 15:46:16 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: 8e1c7a0c98204e539c5268ae49ca1e72
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK merative-award-2.png
www.tgh.org/-/media/ 1 MB
1 MB 151ms
151ms Image
image/png 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/merative-award-2.png?rev=bec8f45b90d2475f929735867201c1bd&mw=883&mh=632&hash=CCA214665A117C39543948D903B376DC

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

8f1eee37345bc8a32d2926ff07aae3e8198d94909739f8daa627e5475124e23e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="Merative Award 2.png"
Content-Length: 1167316
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Tue, 26 Jul 2022 19:39:51 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: 102e6067964149f0a944aae3cb7ab383
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/png
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK youtube.svg
www.tgh.org/assets/images/icons/ 1 KB
2 KB 93ms
93ms Image
image/svg+xml 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/assets/images/icons/youtube.svg

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

f952e9ae2812ec18357c05a2ddc3f6b53255330d8acc0a3c5b46ff0b45a9d16a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
ETag: "02d88606a5ad81:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/svg+xml
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 1358
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab

GET
H/1.1 200
OK twitter.svg
www.tgh.org/assets/images/icons/ 883 B
1 KB 103ms
98ms Image
image/svg+xml 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/assets/images/icons/twitter.svg

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

8f62202085023b2f1d67f3a6ed208f301e25b27c033143587ca444939d4f7a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
ETag: "02d88606a5ad81:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/svg+xml
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 883
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab

GET
H/1.1 200
OK instagram.svg
www.tgh.org/assets/images/icons/ 1 KB
2 KB 95ms
94ms Image
image/svg+xml 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/assets/images/icons/instagram.svg

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

433fb5d622ec33fb6fdbb495dbc55e9b6286be64cfa4449707b227bf8223b082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
ETag: "02d88606a5ad81:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/svg+xml
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 1161
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab

GET
H/1.1 200
OK facebook.svg
www.tgh.org/assets/images/icons/ 600 B
1 KB 96ms
96ms Image
image/svg+xml 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/assets/images/icons/facebook.svg

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

1036991e7a4b344239d4e07964f89a2b3b29e05b34ab2b261ba8e8f8817b9a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
ETag: "02d88606a5ad81:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/svg+xml
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 600
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab

GET
H/1.1 200
OK linkedin.svg
www.tgh.org/assets/images/icons/ 692 B
1 KB 93ms
93ms Image
image/svg+xml 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/assets/images/icons/linkedin.svg

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

116c2c3b378a5e0c3bef38fa051d055e6f8687e8589382376a176b1f5df8cb3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
ETag: "02d88606a5ad81:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/svg+xml
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 692
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab

GET
H2

200

APolicy.png
cdn.adasitecompliance.com/img/
Redirect Chain

https://www.adasitecompliance.com/img/APolicy.png
https://cdn.adasitecompliance.com/img/APolicy.png

24 KB
25 KB

39ms
19ms

Image
image/png

2606:4700:20::681a:cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adasitecompliance.com/img/APolicy.png
Requested by: Host: www.tgh.org
URL: https://www.tgh.org/
Protocol: H2
Server: 2606:4700:20::681a:cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 063010441bf969a0a99e2f716cc8dd048fea22828b198de51ef5f2e64586c8d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3431
cf-polished: status=not_needed
cf-ray: 74c2e7d99ee7927d-FRA
content-length: 24652
x-amz-id-2: rPVYo2svrfmcdbsvAZLT+xN76E2baECRRcl3AwDm/itprqH48vOoCAsPjY7DQKUDPwCgH5Sw+8Q=
last-modified: Thu, 13 May 2021 13:04:35 GMT
server: cloudflare
etag: "69421e4efcabc0a8562a90c8ed4d0cee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4q%2F2aNfy4TfYDoASrBWQRFyKwmvneP9KhhJyrwpfu9qn16jaNg4eCjiVJPdoaFszia1FJIrWhHc2sUkGqzT4Dpt8%2B6S7jEZGHDbvTN6fMbaJ60ujjfVr6TiHgMVQXJJofCVQKN11kVCpShkl%2BNKgwNJ9cMM%2Bjlg%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 86BKW82MRNRF3640
cache-control: max-age=14400
x-amz-version-id: null
accept-ranges: bytes
content-type: image/png
cf-bgj: imgq:100,h2pri

Redirect headers

date: Sat, 17 Sep 2022 15:34:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1KXBd7R4ZLbTKKBmDfLwkvKHZb5yHMpd9Y9DclLWZt%2By0QK%2F9aDFIxOQX7j6GYVGpgLQjv9oTRqbqbPDp9XrshtUETFZ0hFE3hWhhM1jBXiTcMGj3bDnYWX2MfkPkjQx4a50hYR2Zs6%2Bob%2BHcfzWORWmdslcN4%3D"}],"group":"cf-nel","max_age":604800}
location: https://cdn.adasitecompliance.com/img/APolicy.png
cache-control: max-age=3600
cf-ray: 74c2e7d93e18927d-FRA
expires: Sat, 17 Sep 2022 16:34:22 GMT

GET
H/1.1 200
OK main.js Show response
www.tgh.org/assets/js/ 210 KB
62 KB 99ms
98ms Script
application/x-javascript 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tgh.org/assets/js/main.js?v=637866689940000000

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

790bc76f90160893117d9a8897633d373fd6d25972dbee7bee35571f1cd71eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 63185
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: "02d88606a5ad81:0"
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: application/x-javascript
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 288 KB
89 KB 85ms
47ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N35B7B

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

687dfd22140850d085295a240d60a46a2d785f9d0c7e9c9cc8e323de614d24d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90148
x-xss-protection: 0
last-modified: Sat, 17 Sep 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Sep 2022 15:34:22 GMT

GET
H/1.1 200
OK search.svg
www.tgh.org/assets/images/icons/ 683 B
1 KB 274ms
95ms Image
image/svg+xml 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/assets/images/icons/search.svg

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/assets/css/global.css?v=637872431645101712

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7ba922fb5f1b68e91c962e865a7eeac69a3df618edb59daa9639521532e7e2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/assets/css/global.css?v=637872431645101712
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
ETag: "02d88606a5ad81:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/svg+xml
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 683
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab

GET
H/1.1 200
OK Type%20Dynamic%20-%20Sailec.otf
www.tgh.org/assets/fonts/ 41 KB
42 KB 102ms
95ms Font
font/opentype 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tgh.org/assets/fonts/Type%20Dynamic%20-%20Sailec.otf

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/assets/css/global.css?v=637872431645101712

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ca39d1ddade45d77ea20667e74f8476fa8484ac738cbc7833df4e79d87ea46e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tgh.org/assets/css/global.css?v=637872431645101712
Origin: https://www.tgh.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
ETag: "02d88606a5ad81:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: font/opentype
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 42096
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab

GET
H/1.1 200
OK Type%20Dynamic%20-%20Sailec%20Bold.otf
www.tgh.org/assets/fonts/ 42 KB
43 KB 204ms
95ms Font
font/opentype 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tgh.org/assets/fonts/Type%20Dynamic%20-%20Sailec%20Bold.otf

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/assets/css/global.css?v=637872431645101712

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

60141afbe3a82cb1a913a8a04ea1fc70f33af0facb9e75a4decd510688976b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tgh.org/assets/css/global.css?v=637872431645101712
Origin: https://www.tgh.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
ETag: "02d88606a5ad81:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: font/opentype
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 43364
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f0bf3eb7e3497e84005937f4eab83344a0805528cb5b1b04a67df5588ecca86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK rsz_20191014_brand_campaign_2_day1_tgh-1777_3.jpg
www.tgh.org/-/media/images/testing/homepageherodesktop/ 408 KB
408 KB 272ms
135ms Image
image/jpeg 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/images/testing/homepageherodesktop/rsz_20191014_brand_campaign_2_day1_tgh-1777_3.jpg?rev=846235c7606c4f4c8a9ddd5972e0c8fc&mw=1920&mh=1216&hash=4353C3C72A423B9F54795ABB86752A78

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

237b8a8affee6d614066701a078f4a053ef41bc87e9597eaf492a8974235fe52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:22 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="rsz_20191014_brand_campaign_2_day1_tgh-1777_3.jpg"
Content-Length: 417337
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Fri, 24 Sep 2021 14:02:50 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: cf74650e8c954e7a82e04b03613a3b2b
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK bayshore_pavilion-4392.jpg
www.tgh.org/-/media/images/news-and-media/multimedia-files/ 501 KB
502 KB 182ms
182ms Image
image/jpeg 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/images/news-and-media/multimedia-files/bayshore_pavilion-4392.jpg?rev=49b753e2ec4f4dd18f0e71b2763118c7&mw=1920&mh=910&hash=74DA7DE98A1DB0778BE437D805D725D4

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a2cb373180835b060ccb77b9c4f52905c2fc2c5d2da5f6212b68bf372ed52e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="Bayshore_Pavilion-4392.jpg"
Content-Length: 513132
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Mon, 27 Dec 2021 22:57:39 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: ce404ae86b3c464aaba06b89e7f6c56d
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK bg-shape-1.svg
www.tgh.org/assets/images/static/ 483 B
1 KB 112ms
112ms Image
image/svg+xml 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/assets/images/static/bg-shape-1.svg

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/assets/css/global.css?v=637872431645101712

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

d668bab2b078f30652e4d55735387dbe68d887b856febe624ce9d0d9027a31da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/assets/css/global.css?v=637872431645101712
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
ETag: "02d88606a5ad81:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/svg+xml
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 483
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab

GET
H/1.1 200
OK tghbeard7207896-1-2.jpg
www.tgh.org/-/media/images/ 58 KB
58 KB 171ms
170ms Image
image/jpeg 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/images/tghbeard7207896-1-2.jpg?rev=c692ff95b0cc4f919c61648e2ae37100&mw=385&mh=460&hash=6C423FF895F4E3F03E4C91812DD36C5A

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

67cc036eb75fbc66a2f3cadcd5d93dad6d317378e99ba6278c0444791852343a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="tghbeard7207896 1 2.jpg"
Content-Length: 58948
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Tue, 21 Jun 2022 18:53:58 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: b4045405a6e94de6993228702a79d8e3
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK service-line-card-heart-and-vascular.jpg
www.tgh.org/-/media/images/home-page-swap-images/ 68 KB
68 KB 192ms
192ms Image
image/jpeg 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/images/home-page-swap-images/service-line-card-heart-and-vascular.jpg?rev=0fa1414a3f8944c6a82453c22e38914c&mw=385&mh=460&hash=0678D8164BFDA38260B13208E9FF5728

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e9dd2494dd67f70261d2c0650798352e2d4fe67d464fd06d4ebf2206459b11bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="service-line-card-heart-and-vascular.jpg"
Content-Length: 69323
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Fri, 24 Sep 2021 18:06:17 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: 83d48f8332624e87abbc3628dd121ab3
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK service-line-card-orthopedics.jpg
www.tgh.org/-/media/images/home-page-swap-images/ 54 KB
54 KB 150ms
150ms Image
image/jpeg 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/images/home-page-swap-images/service-line-card-orthopedics.jpg?rev=dea2c931bb504bc69861f0f7c5dcf987&mw=385&mh=460&hash=7253B6CA6802FDCEDC7F53264E340C03

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a793272784adddd598e05e0ce056d6e4562dfc34ac40f1d2d00517d91ca34c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="service-line-card-orthopedics.jpg"
Content-Length: 54812
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Fri, 24 Sep 2021 18:06:20 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: 1d8ccc8c00e24a469d83ff0414f9706d
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK service-line-card-transplant.jpg
www.tgh.org/-/media/images/home-page-swap-images/ 68 KB
69 KB 175ms
174ms Image
image/jpeg 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/images/home-page-swap-images/service-line-card-transplant.jpg?rev=f3044087c71140258d5b7e9ecc5dde5c&mw=385&mh=460&hash=0088D78E5BBBC176ECDF66865A365E6E

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b86f3cc3520a4453c6b065f50a529f82389cb5a26d0b59a6b75fcf08eddfe862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="service-line-card-transplant.jpg"
Content-Length: 69781
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Fri, 24 Sep 2021 18:06:23 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: 16701acdc4e74118b885104d71a364a9
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK service-line-card-ent.jpg
www.tgh.org/-/media/images/home-page-swap-images/ 51 KB
51 KB 148ms
148ms Image
image/jpeg 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/images/home-page-swap-images/service-line-card-ent.jpg?rev=9fd5e0d6f18346558c24e4974cb10974&mw=385&mh=460&hash=DD2F03E7A9FA142E3AEBBB2AB023F278

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a1f81f29abd12a44b4e50d0c376859a90d0d4df70d52f67f212e6828e8ea4d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="service-line-card-ent.jpg"
Content-Length: 51759
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Fri, 24 Sep 2021 18:06:13 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: 96bdf354e98348d78cc1065e4787ff99
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK background1.jpg
www.tgh.org/-/media/images/testing/ 210 KB
211 KB 117ms
117ms Image
image/jpeg 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/-/media/images/testing/background1.jpg?rev=2288fb843f2144918f5c918a964c1ac5&mw=1920&mh=1080&hash=F4F2ACD404D9A635CBF985BCEA6007EB

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ed3f315448db72e76970f043dbc220d63511ae5bf7be80fe4702c81722954151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="background1.jpg"
Content-Length: 214903
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Tue, 16 Feb 2021 19:16:54 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: 1c32ba53ec0f400aa2447ffbff94a67b
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK phone.svg
www.tgh.org/assets/images/icons/ 851 B
1 KB 98ms
98ms Image
image/svg+xml 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/assets/images/icons/phone.svg

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/assets/css/global.css?v=637872431645101712

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e51fe65d8b6e4ccf62a80205a0aa5dc2a09d84932435e5fb67f5a80ee40d0619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/assets/css/global.css?v=637872431645101712
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
ETag: "02d88606a5ad81:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/svg+xml
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 851
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab

GET
H/1.1 200
OK Titling%20Gothic%20FB%20Compressed%20Regular.otf
www.tgh.org/assets/fonts/ 30 KB
31 KB 199ms
112ms Font
font/opentype 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tgh.org/assets/fonts/Titling%20Gothic%20FB%20Compressed%20Regular.otf

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/assets/css/global.css?v=637872431645101712

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b7361cb9920309c7c74f5695f7a9378fd7ac561fab17acf83ca01ba8de66e6b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tgh.org/assets/css/global.css?v=637872431645101712
Origin: https://www.tgh.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
ETag: "02d88606a5ad81:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: font/opentype
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 31184
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab

GET
H/1.1 200
OK Titling%20Gothic%20FB%20Compressed%20Light.otf
www.tgh.org/assets/fonts/ 30 KB
31 KB 279ms
114ms Font
font/opentype 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tgh.org/assets/fonts/Titling%20Gothic%20FB%20Compressed%20Light.otf

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/assets/css/global.css?v=637872431645101712

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6dd84c773bc2d9b0388b3fb9840dbb4131f7c4a126b33c6c3906853b7afef314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tgh.org/assets/css/global.css?v=637872431645101712
Origin: https://www.tgh.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
ETag: "02d88606a5ad81:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: font/opentype
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 30844
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab

GET
H/1.1 200
OK 82.js Show response
www.tgh.org/assets/js/ 702 B
1 KB 93ms
93ms Script
application/x-javascript 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tgh.org/assets/js/82.js

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/assets/js/main.js?v=637866689940000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

53f50884983d647d4cd07a1df1a1f5ef2b1319c8c85d0bbd3f1b6ea0e442bcc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 568
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: "02d88606a5ad81:0"
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: application/x-javascript
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK 858.js Show response
www.tgh.org/assets/js/ 368 B
999 B 101ms
101ms Script
application/x-javascript 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tgh.org/assets/js/858.js

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/assets/js/main.js?v=637866689940000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

2962b03f7a7e18987702b02677cd9b2b8e33f5b2e8017dcc422b4360b1498ae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 368
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: "02d88606a5ad81:0"
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: application/x-javascript
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK 647.js Show response
www.tgh.org/assets/js/ 2 KB
2 KB 97ms
96ms Script
application/x-javascript 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tgh.org/assets/js/647.js

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/assets/js/main.js?v=637866689940000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b64cbd4aabc60449731517ef5a738daf52d8228e2aaf15be82a83230bf61528b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 1143
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: "02d88606a5ad81:0"
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: application/x-javascript
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 3734.js Show response
script.crazyegg.com/pages/scripts/0025/ 6 KB
2 KB 580ms
22ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0025/3734.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35B7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 605c2e4cca3e28a56da3e7e09f3497a1e8f91ab6a7b16b399a287942678ff347

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:23 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 165520
cf-polished: origSize=5675
cf-ray: 74c2e7de1f3a9b39-FRA
ce-version: 11.4.4
last-modified: Thu, 15 Sep 2022 17:35:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 567ms
13ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35B7B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1943
date: Sat, 17 Sep 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 17 Sep 2022 17:02:00 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 568ms
13ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35B7B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:15:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 17 Sep 2022 16:15:28 GMT

GET
H3

200

activityi;dc_pre=COLHprSTnPoCFQfPGQodZggFKA;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh.org%2F;u3=UA-28448451-2;~oref=https%... Show response
10207215.fls.doubleclick.net/ Frame 8B5D
Redirect Chain

https://10207215.fls.doubleclick.net/activityi;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh.org%2F;u3=UA-28448451-2;~oref=htt...
https://10207215.fls.doubleclick.net/activityi;dc_pre=COLHprSTnPoCFQfPGQodZggFKA;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh...

524 B
426 B

105ms
52ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10207215.fls.doubleclick.net/activityi;dc_pre=COLHprSTnPoCFQfPGQodZggFKA;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh.org%2F;u3=UA-28448451-2;~oref=https%3A%2F%2Fwww.tgh.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35B7B

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

f37c63c24a0d6c93379eed00b03e0ef3e7acde45f28f4f5cf0f64b2e683d85c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tgh.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 401
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Sep 2022 15:34:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Sep 2022 15:34:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10207215.fls.doubleclick.net/activityi;dc_pre=COLHprSTnPoCFQfPGQodZggFKA;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh.org%2F;u3=UA-28448451-2;~oref=https%3A%2F%2Fwww.tgh.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 580ms
57ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35B7B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Sep 2022 15:34:23 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 80ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35B7B

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3DFEEFAD8F534917915D31651AB6FC89 Ref B: FRAEDGE1114 Ref C: 2022-09-17T15:34:23Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Sat, 17 Sep 2022 15:34:23 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-5308800

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35B7B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fc755f7e0a3d2a9d028cc3af39bd9bf2724a8912b2ed2593f2f5e7221229dd7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42498
x-xss-protection: 0
last-modified: Sat, 17 Sep 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Sep 2022 15:34:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-28448451-2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35B7B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f9cb6d2c41d486c0a20038bc8625b20624748b9f5c3ef6948f69772ea23c6f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42343
x-xss-protection: 0
last-modified: Sat, 17 Sep 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Sep 2022 15:34:23 GMT

GET
H2 200 mhc-orbit-v1.0.min.js Show response
script-app.mercuryhealthcare.com/ 13 KB
14 KB 273ms
232ms Script
application/javascript 65.9.66.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script-app.mercuryhealthcare.com/mhc-orbit-v1.0.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35B7B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ea2b378789aa960ae9fb3b9a4267c881657648b4bb82380776586d6cc83e0bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:24 GMT
via: 1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 00:40:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "f41b90cede2a01b0621a9c738e454db6"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
content-length: 13612
x-amz-cf-id: krARMjlpUTdUP4Q7CXrP5IA214djBWm7HBJJ-azApblozXrS8G8ZZQ==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 112ms
35ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 718
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 0F2TE7F2D5HYTPW4
x-amz-id-2: WockHl6xfHhY70zBtijveh6l2UGHeKjYA4EzzAxcag9oJjkePS2qIARIRrN47FyHR0m8jzVxd+U=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9207095

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35B7B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

676a0cc2de692241f9f489d532add600962f0c7ede91304baca24dbbf73f30e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42506
x-xss-protection: 0
last-modified: Sat, 17 Sep 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Sep 2022 15:34:23 GMT

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 124 KB
40 KB 96ms
13ms Script
text/javascript 143.204.215.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: www.tgh.org
URL: https://www.tgh.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d266e03af2889d2b1e93df1d976a7e965b7fd696e30aed8ee420a1ccdf5683f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: kkx8cmGgooMGeimwW4In93s6hIJC6Azb
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 21:07:42 GMT
server: AmazonS3
age: 880
etag: W/"1f44d59b4ca2d82abb2911699e1698a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Sat, 17 Sep 2022 15:19:43 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: pvPa3CojhXXL4JGr8c6ndbUzxGgtq0s_0DaQam05-b_-EY1gcy6BhA==

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 257B
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D6d9baa28-fa04-6388-8bdb-834053af4859%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.tgh.org&ex-hargs=v%3D1.0%3Bc%3D3613675140501%3...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D6d9baa28-fa04-6388-8bdb-834053af4859%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.tgh.org&ex-hargs=v%3D1.0%3Bc%3D3613675140501%3...

1 KB
2 KB

121ms
120ms

Document
text/html

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D6d9baa28-fa04-6388-8bdb-834053af4859%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.tgh.org&ex-hargs=v%3D1.0%3Bc%3D3613675140501%3Bp%3D6D9BAA28-FA04-6388-8BDB-834053AF4859&cb=568754535822564540&dcc=t

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

e28a20be283fae9f2674effbeb95cba944bb9e65028fc62f46f3b5e54f3aa24c

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.tgh.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1100
Content-Type: text/html;charset=ISO-8859-1
Date: Sat, 17 Sep 2022 15:34:24 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: DAZ4KR31QVRXP3NH1SG1

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 17 Sep 2022 15:34:24 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D6d9baa28-fa04-6388-8bdb-834053af4859%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.tgh.org&ex-hargs=v%3D1.0%3Bc%3D3613675140501%3Bp%3D6D9BAA28-FA04-6388-8BDB-834053AF4859&cb=568754535822564540&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 0ZMSXPRE8YZ8G9DMQTF4

GET
H/1.1

200

rs
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=e18b667ca1364cdea3d161eae1e51a6b&t=homepage&gtmcb=47333054
https://tags.w55c.net/rs?sccid=8bd8ed55-e2fd-a764-7402-9b36006a72f1&scc=1&id=e18b667ca1364cdea3d161eae1e51a6b&t=homepage&gtmcb=47333054

42 B
593 B

8ms
8ms

Image
image/gif

18.157.92.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=8bd8ed55-e2fd-a764-7402-9b36006a72f1&scc=1&id=e18b667ca1364cdea3d161eae1e51a6b&t=homepage&gtmcb=47333054

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

HTTP/1.1

Server

18.157.92.103 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-157-92-103.eu-central-1.compute.amazonaws.com

Software

Retargeting/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0b4514da13a8bc28c@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:23 GMT
Server: Retargeting/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0b4514da13a8bc28c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:23 GMT
Server: Retargeting/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0b4514da13a8bc28c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://tags.w55c.net/rs?sccid=8bd8ed55-e2fd-a764-7402-9b36006a72f1&scc=1&id=e18b667ca1364cdea3d161eae1e51a6b&t=homepage&gtmcb=47333054
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
633 B 230ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10095490&ec=tghhomepage

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:24 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Sat, 17 Sep 2022 15:34:24 GMT

GET
H3

200

dc_pre=CL_KuLSTnPoCFUOUGAodHAEIHA;src=5308800;type=;cat=;gtm=2od9e0;auiddc=*;~oref=https%3A%2F%2Fwww.tgh.org%2F
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=5308800;type=;cat=;gtm=2od9e0;auiddc=2058286238.1663428863;~oref=https%3A%2F%2Fwww.tgh.org%2F?
https://ad.doubleclick.net/activity;dc_pre=CL_KuLSTnPoCFUOUGAodHAEIHA;src=5308800;type=;cat=;gtm=2od9e0;auiddc=2058286238.1663428863;~oref=https%3A%2F%2Fwww.tgh.org%2F?
https://adservice.google.com/ddm/fls/z/dc_pre=CL_KuLSTnPoCFUOUGAodHAEIHA;src=5308800;type=;cat=;gtm=2od9e0;auiddc=*;~oref=https%3A%2F%2Fwww.tgh.org%2F

42 B
63 B

86ms
54ms

Image
image/gif

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CL_KuLSTnPoCFUOUGAodHAEIHA;src=5308800;type=;cat=;gtm=2od9e0;auiddc=*;~oref=https%3A%2F%2Fwww.tgh.org%2F

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/dc_pre=CL_KuLSTnPoCFUOUGAodHAEIHA;src=5308800;type=;cat=;gtm=2od9e0;auiddc=*;~oref=https%3A%2F%2Fwww.tgh.org%2F
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
21 KB 44ms
16ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 11:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21020
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 22:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 11:22:27 GMT

GET
H2 200 www.tgh.org.json Show response
script.crazyegg.com/pages/data-scripts/0025/3734/site/ 4 KB
2 KB 72ms
55ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0025/3734/site/www.tgh.org.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0025/3734.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2556294b6e6a699ccba847e850b150677d465acc1d3bdd680f2bc8a65436f897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:23 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 163669
cf-ray: 74c2e7de5906916b-FRA
ce-version: 11.4.4
content-length: 1555
last-modified: Thu, 15 Sep 2022 18:06:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-28448451-2&cid=1358754751.1663428864&jid=2145102547&gjid=480225810&_gid=2096478161.1663428864&_u=YGBAiEABBAAAAE~&z=1629148932

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tgh.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 17 Sep 2022 15:34:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.tgh.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 53ms
24ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1785662348&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tgh.org%2F&ul=en-us&de=UTF-8&dt=Best%20Hospital%20in%20Tampa%20%7C%20Tampa%20General%20Hospital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GDACUABBAAAAG~&jid=1200685937&gjid=1906037839&cid=1358754751.1663428864&tid=UA-28448451-2&_gid=2096478161.1663428864&_r=1&gtm=2ou9e0&cd6=f38fff58-7c1f-4a3e-8740-f2c829095398&cd5=1358754751.1663428864&z=1789169415

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tgh.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tgh.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 43ms
15ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1785662348&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tgh.org%2F&ul=en-us&de=UTF-8&dt=Best%20Hospital%20in%20Tampa%20%7C%20Tampa%20General%20Hospital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=2145102547&gjid=480225810&cid=1358754751.1663428864&tid=UA-28448451-2&_gid=2096478161.1663428864&gtm=2wg9e0N35B7B&z=1333722432

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 07:05:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 30514
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/946776036/ 2 KB
1 KB 83ms
51ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/946776036/?random=1663428863749&cv=9&fst=1663428863749&num=1&rdp=1&value=1&label=L7LZCLr2qN8BEOTPusMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.tgh.org%2F&tiba=Best%20Hospital%20in%20Tampa%20%7C%20Tampa%20General%20Hospital&auid=2058286238.1663428863&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e19f2ed94010b8279da8f1e3a2b165369831db29d7127e689954b2abceb84658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1414
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/946776036/wcm?cc=ZZ&dn=813844700&cl=rq2nCMSmgbUBEOTPusMD&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=813844700&cl=rq2nCMSmgbUBEOTPusMD

80 B
565 B

286ms
238ms

XHR
application/json

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=813844700&cl=rq2nCMSmgbUBEOTPusMD

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

timing-allow-origin: *
date: Sat, 17 Sep 2022 15:34:23 GMT
x-content-type-options: nosniff
server: cafe
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=813844700&cl=rq2nCMSmgbUBEOTPusMD
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.tgh.org
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 2f6ad22e93ca0a50994ab7cdcb57f3ce.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 93 KB
30 KB 22ms
20ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/2f6ad22e93ca0a50994ab7cdcb57f3ce.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0025/3734.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3d2f51cda00dda0dc64754328f6784ccf586247c5269f041fbf3dddeaae282e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Sep 2022 15:34:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 04 Sep 2022 15:37:41 GMT
server: cloudflare
age: 165774
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 74c2e7deb89b9b39-FRA
content-length: 30407

GET
H2 200 index.js Show response
undefined.odoro.com/widget/0.8/js/ 227 KB
79 KB 146ms
107ms Script
application/javascript 2600:1f18:2369:1010:b13c:6068:dc25:80ab
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://undefined.odoro.com/widget/0.8/js/index.js?v=1
Requested by: Host: cdn.odoro.com
URL: https://cdn.odoro.com/pp/odoro-lib.js?client=tgh
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:2369:1010:b13c:6068:dc25:80ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 5946ad5266b07835d794ec51559c145279bd3bdd5c6e169f2fa062f9e857c777

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:24 GMT
content-encoding: gzip
server: nginx
etag: W/"6315770e-38d41"
content-type: application/javascript

GET
H2 204 52012987.js Show response
bat.bing.com/p/action/ 0
118 B 217ms
217ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/52012987.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DAD2BB15F7684E4188EF512C9BEA0CE5 Ref B: FRAEDGE1114 Ref C: 2022-09-17T15:34:23Z
date: Sat, 17 Sep 2022 15:34:23 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=52012987&tm=gtm002&Ver=2&mid=3c42ba8b-02c2-434c-9193-39430a471c3e&sid=34dd1740369e11ed91b89bba1a73ccfd&vid=34dd72f0369e11edbe618b37402d91a9&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Best%20Hospital%20in%20Tampa%20%7C%20Tampa%20General%20Hospital&p=https%3A%2F%2Fwww.tgh.org%2F&r=&lt=1318&evt=pageLoad&sv=1&rn=80617

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2AC85BB97018445B8CBC22CBC207FC43 Ref B: FRAEDGE1114 Ref C: 2022-09-17T15:34:23Z
date: Sat, 17 Sep 2022 15:34:23 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www.tgh.org.json Show response
script.crazyegg.com/pages/data-scripts/0025/3734/sampling/ 148 B
233 B 21ms
21ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0025/3734/sampling/www.tgh.org.json?t=462063
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2f6ad22e93ca0a50994ab7cdcb57f3ce.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9771b3e4dba511c1fa5096b3471dee9348fbba7a49df7bb697d4b0c68418f7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:23 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 163668
cf-ray: 74c2e7deea50916b-FRA
ce-version: 11.4.4
content-length: 139
last-modified: Thu, 15 Sep 2022 18:06:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H3

200

/
www.google.de/pagead/1p-conversion/946776036/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946776036/?random=736801854&cv=9&fst=1663428863749&num=1&rdp=1&value=1&label=L7LZCLr2qN8BEOTPusMD&bg=ffffff&guid=ON&resp=GooglemKTyb...
https://www.google.com/pagead/1p-conversion/946776036/?random=736801854&cv=9&fst=1663428863749&num=1&rdp=1&value=1&label=L7LZCLr2qN8BEOTPusMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=16...
https://www.google.de/pagead/1p-conversion/946776036/?random=736801854&cv=9&fst=1663428863749&num=1&rdp=1&value=1&label=L7LZCLr2qN8BEOTPusMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=160...

42 B
64 B

98ms
52ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/946776036/?random=736801854&cv=9&fst=1663428863749&num=1&rdp=1&value=1&label=L7LZCLr2qN8BEOTPusMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.tgh.org%2F&tiba=Best%20Hospital%20in%20Tampa%20%7C%20Tampa%20General%20Hospital&auid=2058286238.1663428863&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE9DVm1RWVF1Nkwyc0tfTHhwaU5BUkltQUtzMlprUmE2LXk1OEFFejRQOFB5amZuYUw2N2hhX0IxUXdxRWtpcklvSGlDY1BkSHdZGlpDaEVJOE9DVm1RWVF5cXlwbXJiM2hQZnNBUkl1QUJmMWYyX2FRWlpzVkxrQXpmRXZDblFVVGhkVU5IRGFERU9rV0h1bl9xbzhkaFAzMUltOU5BUWpYSmJLeXc&is_vtc=1&ocp_id=_-glY7jVMamZ-cAPhMKJwA4&cid=CAQSKQCsnQUxuB1H7J1zKc8xIY_tQraNmXU9jbF3YJP-lCYertv7Pbrc-Dui&eitems=ChAI8OCVmQYQ4sSFod_vuMcREh0ABSZ91WNZd8TUCxNc5FyLldYs329bFCuTHiv8Yg&random=3160665360&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/946776036/?random=736801854&cv=9&fst=1663428863749&num=1&rdp=1&value=1&label=L7LZCLr2qN8BEOTPusMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.tgh.org%2F&tiba=Best%20Hospital%20in%20Tampa%20%7C%20Tampa%20General%20Hospital&auid=2058286238.1663428863&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE9DVm1RWVF1Nkwyc0tfTHhwaU5BUkltQUtzMlprUmE2LXk1OEFFejRQOFB5amZuYUw2N2hhX0IxUXdxRWtpcklvSGlDY1BkSHdZGlpDaEVJOE9DVm1RWVF5cXlwbXJiM2hQZnNBUkl1QUJmMWYyX2FRWlpzVkxrQXpmRXZDblFVVGhkVU5IRGFERU9rV0h1bl9xbzhkaFAzMUltOU5BUWpYSmJLeXc&is_vtc=1&ocp_id=_-glY7jVMamZ-cAPhMKJwA4&cid=CAQSKQCsnQUxuB1H7J1zKc8xIY_tQraNmXU9jbF3YJP-lCYertv7Pbrc-Dui&eitems=ChAI8OCVmQYQ4sSFod_vuMcREh0ABSZ91WNZd8TUCxNc5FyLldYs329bFCuTHiv8Yg&random=3160665360&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
461 B 249ms
19ms XHR
application/json 18.66.15.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2f6ad22e93ca0a50994ab7cdcb57f3ce.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-115.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 06:23:23 GMT
via: 1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
age: 5649062
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
x-amz-cf-pop: VIE50-P1
accept-ranges: bytes
x-amz-cf-id: hE8_Fw7psqLpXSbHCnamux1dhOD9dQZyxRfpfeEWdvP1cRQoB4CwOQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
460 B 56ms
8ms XHR
application/json 99.86.4.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2f6ad22e93ca0a50994ab7cdcb57f3ce.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-31.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 11:33:15 GMT
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
age: 2260868
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: oI3nTOqaL5h7jXWYZIopDvg-ejwRkdiNqFCbHgZhqPEp9bM6ndC03A==

GET
BLOB 200
OK 4dda2d60-b971-40f3-afb6-9f97c6ea9b54
https://www.tgh.org/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tgh.org/4dda2d60-b971-40f3-afb6-9f97c6ea9b54
Requested by: Host: www.tgh.org
URL: https://www.tgh.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/1501/3932251777/ 7 KB
2 KB 15ms
15ms Script
text/javascript 143.204.215.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/1501/3932251777/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 237df17fb25b386e5d10d2510580e65fb131238132702d67191b492340405ed4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: K707lajYGh7klLzzxTj5DdreuAdNiSBc
content-encoding: br
last-modified: Thu, 07 Jul 2022 19:20:58 GMT
server: AmazonS3
age: 228
etag: W/"9c458ec87b40d09ca670ed3be013baab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Sat, 17 Sep 2022 15:34:23 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: MnKq6-oTRJqOdb148GqwYB66ckL2feINFSy8EEP1gjG-dAQKxXfi5A==

GET
H2 200 10095490.json Show response
s.yimg.com/wi/config/ 46 B
685 B 97ms
33ms XHR
application/octet-stream 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10095490.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

b6fcf6343abaadda203b3250e88f98d645ee0305c17627c236d9ba0aeecbe64a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 07:57:51 GMT
x-content-type-options: nosniff
age: 27394
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 2ZBCRDAHD7NX5CR1
x-amz-id-2: 41WhkVaxYitFapYGRcQSBc/DXIzP1zoXkICxxLiS/JyUy0YgoYWa5tB71d/m8mFFenI0OEvgHgE=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sun, 29 Jan 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 24 Dec 2021 03:50:07 GMT
server: ATS
etag: "b146fec136fad3366cb15ad5374e9360"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: nmTCdXboFcJi8xsgPolKMENXFzN7qTlJ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
245 B 36ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2017%20Sep%202022%2015%3A34%3A24%20GMT&n=0&b=Best%20Hospital%20in%20Tampa%20%7C%20Tampa%20General%20Hospital&.yp=10095490&f=https%3A%2F%2Fwww.tgh.org%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:24 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Sat, 17 Sep 2022 15:34:24 GMT

GET
H2 200 dc_pre=COLHprSTnPoCFQfPGQodZggFKA;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh.org%2F;u3=UA-28448451-2;~oref=https%3A%2F%2Fww... Show response
adservice.google.com/ddm/fls/i/ Frame 7D91 523 B
869 B 95ms
53ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COLHprSTnPoCFQfPGQodZggFKA;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh.org%2F;u3=UA-28448451-2;~oref=https%3A%2F%2Fwww.tgh.org%2F

Requested by

Host: 10207215.fls.doubleclick.net
URL: https://10207215.fls.doubleclick.net/activityi;dc_pre=COLHprSTnPoCFQfPGQodZggFKA;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh.org%2F;u3=UA-28448451-2;~oref=https%3A%2F%2Fwww.tgh.org%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

271e1125274f18bb7663d48d638ed77dbc701158a8ef0e92295a1c64743780b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10207215.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 401
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Sep 2022 15:34:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 clock Show response
tracking.crazyegg.com/ 24 B
131 B 137ms
41ms XHR
text/plain 108.128.203.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1663428864115
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2f6ad22e93ca0a50994ab7cdcb57f3ce.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.203.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-203-219.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 1e08dc9591de7b318e78c73f01827ec5ad17b3346c67672d155884c4d5d5315e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Sep 2022 15:34:24 GMT
cache-control: no-store
server: awselb/2.0
content-length: 24
content-type: text/plain

GET
H/1.1 200
OK chevron-right.svg
www.tgh.org/assets/images/icons/ 555 B
1 KB 94ms
94ms Image
image/svg+xml 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/assets/images/icons/chevron-right.svg

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/assets/css/global.css?v=637872431645101712

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a9dc3735854a4abeb61dcc9f9b62de1fceb71ddd89d90407ee65c8a4abea7e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/assets/css/global.css?v=637872431645101712
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
ETag: "02d88606a5ad81:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/svg+xml
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 555
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab

GET
H/1.1 200
OK close.svg
www.tgh.org/assets/images/icons/ 631 B
1 KB 95ms
95ms Image
image/svg+xml 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tgh.org/assets/images/icons/close.svg

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/assets/css/global.css?v=637872431645101712

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

1053dac06d3c64e35db73ae479f5ccd67adbbf4822668c34f9f217c5626c6d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/assets/css/global.css?v=637872431645101712
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
ETag: "02d88606a5ad81:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: image/svg+xml
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 631
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab

GET
H/1.1 200
OK 465.js Show response
www.tgh.org/assets/js/ 20 KB
10 KB 140ms
140ms Script
application/x-javascript 20.49.104.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tgh.org/assets/js/465.js

Requested by

Host: www.tgh.org
URL: https://www.tgh.org/assets/js/main.js?v=637866689940000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

413f9f8e39de737197d132bf4303fac5ac523f16c0310cf2e4a7a8c54699fb89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sat, 17 Sep 2022 15:34:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 9848
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:297af7d2-6b04-4cad-ba01-fbe486e3b5ab
Last-Modified: Wed, 27 Apr 2022 19:09:54 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: "02d88606a5ad81:0"
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Content-Type: application/x-javascript
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 dc_pre=COLHprSTnPoCFQfPGQodZggFKA;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh.org%2F;u3=UA-28448451-2;~oref=https%3A%2F%2Fww... Show response
adservice.google.de/ddm/fls/i/ Frame F40E 194 B
870 B 92ms
56ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COLHprSTnPoCFQfPGQodZggFKA;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh.org%2F;u3=UA-28448451-2;~oref=https%3A%2F%2Fwww.tgh.org%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COLHprSTnPoCFQfPGQodZggFKA;src=10207215;type=pgvw;cat=gcmfl0;ord=3091346840377;gtm=2wg9e0;auiddc=2058286238.1663428863;u1=https%3A%2F%2Fwww.tgh.org%2F;u3=UA-28448451-2;~oref=https%3A%2F%2Fwww.tgh.org%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Sep 2022 15:34:24 GMT
expires: Sat, 17 Sep 2022 15:34:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame F061 6 KB
6 KB 105ms
104ms Document
text/html 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=pAwGJpnKRAG9ww1Ik5SZVg&dmt=3&ex-pl-n-g-hmt=xx5R7gofQcKVMyMYimYlsw&ep=mfS4I4Lxm4iN8M-0MyueFT1yd1BrJAd16XJoS6FnQ5RYv7KpRdwv9csv45YXwcOp-Dk0BZJQw_1-ArGZoOHj1RMd1sWbsLKRXPDtQe6a_DFu3Vje3l_83s1Pxocex6O_TeNEmSr8MnyXTFLJktBkzcwy2tJW4ZB0Ks0d8pvH8PX7hxAI9aMMHhn412aKCi1JNhdvahwW6Th1epItk3FOFPUbbTxdzCCXMUhiVY7b7CkWdPbhORL6hUNEx3goT5UrcGu5Y5FG0-6BKLD678eJe7cZsZ7Lic7fqJ6I2lc9C0be3gNDeeZemsfnwsx8IVaYzmNCXyP3cI1gngmJkG8mw5DCdb8HPvNxd4BU7z36_Lj90GwtcNVkPJWfFzPpevTpgGxo6XNgdI9fNE50TX3ez0hVvXrd6gwtd8CDQ7ifjtXMQ5Kwjr_fMBVMRY8D15NbYSEChzwmmtxaeoZ1qo3N5kEs4XlYy0PAFHl5vgyMGG12Gq4L_ETibyusw4r9BgTp

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D6d9baa28-fa04-6388-8bdb-834053af4859%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.tgh.org&ex-hargs=v%3D1.0%3Bc%3D3613675140501%3Bp%3D6D9BAA28-FA04-6388-8BDB-834053AF4859&cb=568754535822564540&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

70808936186188fb126dab5bb91b5579925503e16e434674561ca581bd989931

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D6d9baa28-fa04-6388-8bdb-834053af4859%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.tgh.org&ex-hargs=v%3D1.0%3Bc%3D3613675140501%3Bp%3D6D9BAA28-FA04-6388-8BDB-834053AF4859&cb=568754535822564540&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 5959
Content-Type: text/html;charset=ISO-8859-1
Date: Sat, 17 Sep 2022 15:34:24 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: MQMTJR44Y0X5XXE5KWYG

GET
BLOB 200
OK d00e7d64-095a-459a-92be-38284ffdad6e
https://www.tgh.org/ 266 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tgh.org/d00e7d64-095a-459a-92be-38284ffdad6e
Requested by: Host: www.tgh.org
URL: https://www.tgh.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bed9e23501489d972cca1280b7f64f90de9e289cdb8e136374b936e60d4675a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 266
Content-Type: text/javascript

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=LqcRp60bSb6dky1QEvlivw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DLqcRp60bSb6dky1QEvlivw%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=LqcRp60bSb6dky1QEvlivw

43 B
479 B

107ms
106ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=LqcRp60bSb6dky1QEvlivw

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=pAwGJpnKRAG9ww1Ik5SZVg&dmt=3&ex-pl-n-g-hmt=xx5R7gofQcKVMyMYimYlsw&ep=mfS4I4Lxm4iN8M-0MyueFT1yd1BrJAd16XJoS6FnQ5RYv7KpRdwv9csv45YXwcOp-Dk0BZJQw_1-ArGZoOHj1RMd1sWbsLKRXPDtQe6a_DFu3Vje3l_83s1Pxocex6O_TeNEmSr8MnyXTFLJktBkzcwy2tJW4ZB0Ks0d8pvH8PX7hxAI9aMMHhn412aKCi1JNhdvahwW6Th1epItk3FOFPUbbTxdzCCXMUhiVY7b7CkWdPbhORL6hUNEx3goT5UrcGu5Y5FG0-6BKLD678eJe7cZsZ7Lic7fqJ6I2lc9C0be3gNDeeZemsfnwsx8IVaYzmNCXyP3cI1gngmJkG8mw5DCdb8HPvNxd4BU7z36_Lj90GwtcNVkPJWfFzPpevTpgGxo6XNgdI9fNE50TX3ez0hVvXrd6gwtd8CDQ7ifjtXMQ5Kwjr_fMBVMRY8D15NbYSEChzwmmtxaeoZ1qo3N5kEs4XlYy0PAFHl5vgyMGG12Gq4L_ETibyusw4r9BgTp

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:24 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: Z175TMVK5Q5S3ADW7AFD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:24 GMT
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8d6cb841-df1c-4235-9226-c4f2dfd4290e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=LqcRp60bSb6dky1QEvlivw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=219723204277002286234&ex=neustar.biz

43 B
479 B

197ms
105ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=219723204277002286234&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:24 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: NPR5YNRD1AE9RHK9KWHG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:24 GMT
server: AAWebServer
location: https://s.amazon-adsystem.com/ecm3?id=219723204277002286234&ex=neustar.biz
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=rIPStkKQT4agFYn6SpKbkg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=rIPStkKQT4agFYn6SpKbkg&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YyXpAbCRPhLtYh8oVHnLjwAA

43 B
479 B

245ms
101ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YyXpAbCRPhLtYh8oVHnLjwAA

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 1BGG586FZ8FYQJJXY1QH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BM8H2jUsJzLZHF2%2BYNZfOTfhmc4Kz2h6Ir2zJqYKcLDH3IFvQgxi4l%2BVTNotz3OETcg0Dyuj0bgSfk0DNA4Qr4GTHCv1akpKUNFn%2BoXDum2aLJyJ6kIXpAE3%2FhzvjvzzdkZlAFuWoqFPA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YyXpAbCRPhLtYh8oVHnLjwAA
cache-control: no-cache
cf-ray: 74c2e7e6ff6e9b7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=cff2c1f66d576a3f265268662f36f860

43 B
479 B

198ms
105ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=cff2c1f66d576a3f265268662f36f860

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: RZPPEAAQD7X6KN9R0MK2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=cff2c1f66d576a3f265268662f36f860
Date: Sat, 17 Sep 2022 15:34:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

123ms
106ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 75SNA3MKX827P163KN0T
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Sat, 17 Sep 2022 15:34:25 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=bmKS2egGQiaG8LM9n1VlJg
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=bmKS2egGQiaG8LM9n1VlJg

43 B
479 B

109ms
106ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=bmKS2egGQiaG8LM9n1VlJg

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 9VKGNKC1XFKAQA3H804X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=bmKS2egGQiaG8LM9n1VlJg
date: Sat, 17 Sep 2022 15:34:25 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=3cbac319-0c93-4d44-96fd-e6b9a020d2f6

43 B
479 B

191ms
101ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=3cbac319-0c93-4d44-96fd-e6b9a020d2f6

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: AWGC4JYASJ3GPCSBNX87
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Date: Sat, 17 Sep 2022 15:34:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=3cbac319-0c93-4d44-96fd-e6b9a020d2f6

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame F061 43 B
183 B 772ms
100ms Image
image/gif 2600:1f18:612b:4216:c896:a534:1957:1cac
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=pAwGJpnKRAG9ww1Ik5SZVg&dmt=3&ex-pl-n-g-hmt=xx5R7gofQcKVMyMYimYlsw&ep=mfS4I4Lxm4iN8M-0MyueFT1yd1BrJAd16XJoS6FnQ5RYv7KpRdwv9csv45YXwcOp-Dk0BZJQw_1-ArGZoOHj1RMd1sWbsLKRXPDtQe6a_DFu3Vje3l_83s1Pxocex6O_TeNEmSr8MnyXTFLJktBkzcwy2tJW4ZB0Ks0d8pvH8PX7hxAI9aMMHhn412aKCi1JNhdvahwW6Th1epItk3FOFPUbbTxdzCCXMUhiVY7b7CkWdPbhORL6hUNEx3goT5UrcGu5Y5FG0-6BKLD678eJe7cZsZ7Lic7fqJ6I2lc9C0be3gNDeeZemsfnwsx8IVaYzmNCXyP3cI1gngmJkG8mw5DCdb8HPvNxd4BU7z36_Lj90GwtcNVkPJWfFzPpevTpgGxo6XNgdI9fNE50TX3ez0hVvXrd6gwtd8CDQ7ifjtXMQ5Kwjr_fMBVMRY8D15NbYSEChzwmmtxaeoZ1qo3N5kEs4XlYy0PAFHl5vgyMGG12Gq4L_ETibyusw4r9BgTp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:c896:a534:1957:1cac Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:25 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame F061 0
123 B 706ms
34ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:25 GMT
via: http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=7707ac4b-95c8-4346-4841-cd69ddf75b0a

43 B
479 B

228ms
99ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=7707ac4b-95c8-4346-4841-cd69ddf75b0a

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: P9MVWRKPNYAS6CQFQWSX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 17 Sep 2022 15:34:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
location: https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=7707ac4b-95c8-4346-4841-cd69ddf75b0a
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 74c2e7e6af1a923d-FRA
access-control-allow-headers: *

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=2929e872ef6d9e54796d5a3143f21dff&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
479 B

105ms
100ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=2929e872ef6d9e54796d5a3143f21dff&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: B3KXM1PAHCC9XXMBT7VR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=2929e872ef6d9e54796d5a3143f21dff&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1663428864920083-600
Expires: Sat, 17 Sep 2022 15:34:25 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

229ms
102ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: BW2NQATJYAXDHNHM5HGA
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 17 Sep 2022 15:34:25 GMT
via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P7
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=2TDQSQW5R535GW710DPZ:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
server: Server
x-amz-rid: 2TDQSQW5R535GW710DPZ
strict-transport-security: max-age=31536000; includeSubDomains
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
vary: Content-Type,Accept-Encoding,User-Agent
x-robots-tag: noindex, nofollow
x-amz-cf-id: F1tOgghcGNvlmlmRmroXDNsVoRfM3socKToaFHFOpWiJCMqSsuoCog==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame F061 0
338 B 150ms
33ms Image
text/plain 52.49.35.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=pAwGJpnKRAG9ww1Ik5SZVg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=pAwGJpnKRAG9ww1Ik5SZVg&dmt=3&ex-pl-n-g-hmt=xx5R7gofQcKVMyMYimYlsw&ep=mfS4I4Lxm4iN8M-0MyueFT1yd1BrJAd16XJoS6FnQ5RYv7KpRdwv9csv45YXwcOp-Dk0BZJQw_1-ArGZoOHj1RMd1sWbsLKRXPDtQe6a_DFu3Vje3l_83s1Pxocex6O_TeNEmSr8MnyXTFLJktBkzcwy2tJW4ZB0Ks0d8pvH8PX7hxAI9aMMHhn412aKCi1JNhdvahwW6Th1epItk3FOFPUbbTxdzCCXMUhiVY7b7CkWdPbhORL6hUNEx3goT5UrcGu5Y5FG0-6BKLD678eJe7cZsZ7Lic7fqJ6I2lc9C0be3gNDeeZemsfnwsx8IVaYzmNCXyP3cI1gngmJkG8mw5DCdb8HPvNxd4BU7z36_Lj90GwtcNVkPJWfFzPpevTpgGxo6XNgdI9fNE50TX3ez0hVvXrd6gwtd8CDQ7ifjtXMQ5Kwjr_fMBVMRY8D15NbYSEChzwmmtxaeoZ1qo3N5kEs4XlYy0PAFHl5vgyMGG12Gq4L_ETibyusw4r9BgTp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.35.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-35-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:25 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1663428865
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame F061 0
263 B 405ms
103ms Image
text/plain 54.237.50.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=pAwGJpnKRAG9ww1Ik5SZVg&dmt=3&ex-pl-n-g-hmt=xx5R7gofQcKVMyMYimYlsw&ep=mfS4I4Lxm4iN8M-0MyueFT1yd1BrJAd16XJoS6FnQ5RYv7KpRdwv9csv45YXwcOp-Dk0BZJQw_1-ArGZoOHj1RMd1sWbsLKRXPDtQe6a_DFu3Vje3l_83s1Pxocex6O_TeNEmSr8MnyXTFLJktBkzcwy2tJW4ZB0Ks0d8pvH8PX7hxAI9aMMHhn412aKCi1JNhdvahwW6Th1epItk3FOFPUbbTxdzCCXMUhiVY7b7CkWdPbhORL6hUNEx3goT5UrcGu5Y5FG0-6BKLD678eJe7cZsZ7Lic7fqJ6I2lc9C0be3gNDeeZemsfnwsx8IVaYzmNCXyP3cI1gngmJkG8mw5DCdb8HPvNxd4BU7z36_Lj90GwtcNVkPJWfFzPpevTpgGxo6XNgdI9fNE50TX3ez0hVvXrd6gwtd8CDQ7ifjtXMQ5Kwjr_fMBVMRY8D15NbYSEChzwmmtxaeoZ1qo3N5kEs4XlYy0PAFHl5vgyMGG12Gq4L_ETibyusw4r9BgTp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.237.50.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-50-216.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Server: nginx/1.20.0
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame F061 0
123 B 71ms
19ms Image
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=Ay5SeYC0QHWUETB7NCYtMQ&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT1&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-zxf6z
date: Sat, 17 Sep 2022 15:34:25 GMT
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10003f2a716b68028

43 B
479 B

108ms
106ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10003f2a716b68028

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 1VSAQ09X7TSHF7TT6B5C
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 17 Sep 2022 15:34:25 GMT
x-content-type-options: nosniff
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10003f2a716b68028
x-frame-options: SAMEORIGIN
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=27yCFda2R6a3acqihFnaog&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=27yCFda2R6a3acqihFnaog

43 B
479 B

108ms
99ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=27yCFda2R6a3acqihFnaog

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: V3BW04Z62RDEY8K3WF1A
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=27yCFda2R6a3acqihFnaog
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame F061
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=KB7n-0lmT8CTDfZWJMb9Hg
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2929e872ef6d9e54796d5a3143f21dff&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0419_7144372574398016840&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MjkyOWU4NzJlZjZkOWU1NDc5NmQ1YTMxNDNmMjFkZmY=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEB4u9I2Rr4YNHbDpvZwqXzo&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
265 B

122ms
34ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=pAwGJpnKRAG9ww1Ik5SZVg&dmt=3&ex-pl-n-g-hmt=xx5R7gofQcKVMyMYimYlsw&ep=mfS4I4Lxm4iN8M-0MyueFT1yd1BrJAd16XJoS6FnQ5RYv7KpRdwv9csv45YXwcOp-Dk0BZJQw_1-ArGZoOHj1RMd1sWbsLKRXPDtQe6a_DFu3Vje3l_83s1Pxocex6O_TeNEmSr8MnyXTFLJktBkzcwy2tJW4ZB0Ks0d8pvH8PX7hxAI9aMMHhn412aKCi1JNhdvahwW6Th1epItk3FOFPUbbTxdzCCXMUhiVY7b7CkWdPbhORL6hUNEx3goT5UrcGu5Y5FG0-6BKLD678eJe7cZsZ7Lic7fqJ6I2lc9C0be3gNDeeZemsfnwsx8IVaYzmNCXyP3cI1gngmJkG8mw5DCdb8HPvNxd4BU7z36_Lj90GwtcNVkPJWfFzPpevTpgGxo6XNgdI9fNE50TX3ez0hVvXrd6gwtd8CDQ7ifjtXMQ5Kwjr_fMBVMRY8D15NbYSEChzwmmtxaeoZ1qo3N5kEs4XlYy0PAFHl5vgyMGG12Gq4L_ETibyusw4r9BgTp
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1663428865620070-531
Expires: Sat, 17 Sep 2022 15:34:25 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=PVw6xVC1QYyYCcLWzmkzjw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=PVw6xVC1QYyYCcLWzmkzjw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=37917391044960111362440671536047501546

43 B
479 B

100ms
99ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=37917391044960111362440671536047501546

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: DNFWF2NXKF0Y4VNQ297K
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-va6-1-v040-0572b8c24.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: dC5sj1xOSKU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=37917391044960111362440671536047501546
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=XDho-Kj7RPeAUhVl9a6mvQ
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10810398326393879822&gdpr=&gdpr_consent=

43 B
479 B

102ms
101ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10810398326393879822&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: Z1THXTKW01V0ZHQMMTC9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:25 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10810398326393879822&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame F061 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5781460435712618554

43 B
479 B

108ms
102ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5781460435712618554

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: T1S9AY8RGAYJFJMZT5A1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:25 GMT
server: nginx
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5781460435712618554
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=35f1dcae-369e-11ed-be63-1ebee0f60506
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=35f1dc63-369e-11ed-be63-1ebee0f60506

43 B
479 B

112ms
109ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=35f1dc63-369e-11ed-be63-1ebee0f60506

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 2PDS67DMM5WAQ4VADR0R
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 17 Sep 2022 15:34:25 GMT
Server: nginx
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=35f1dc63-369e-11ed-be63-1ebee0f60506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 88
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%229852f7a5-c9b0-46ed-a7d6-af042df91ea3%22,%22Time%22:%2220220917T153425.573906%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=9852f7a5-c9b0-46ed-a7d6-af042df91ea3

43 B
479 B

102ms
101ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=9852f7a5-c9b0-46ed-a7d6-af042df91ea3

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: W56JVGG9YM0PA9P8EWJN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=9852f7a5-c9b0-46ed-a7d6-af042df91ea3
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESENM1b467lMw8RoEarbpuROw&google_cver=1

43 B
479 B

102ms
100ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESENM1b467lMw8RoEarbpuROw&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: ARS57NNV7SQ62ZBCV0QS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESENM1b467lMw8RoEarbpuROw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame F061 20 B
20 B 343ms
98ms Image
text/plain 34.235.183.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=pAwGJpnKRAG9ww1Ik5SZVg&dmt=3&ex-pl-n-g-hmt=xx5R7gofQcKVMyMYimYlsw&ep=mfS4I4Lxm4iN8M-0MyueFT1yd1BrJAd16XJoS6FnQ5RYv7KpRdwv9csv45YXwcOp-Dk0BZJQw_1-ArGZoOHj1RMd1sWbsLKRXPDtQe6a_DFu3Vje3l_83s1Pxocex6O_TeNEmSr8MnyXTFLJktBkzcwy2tJW4ZB0Ks0d8pvH8PX7hxAI9aMMHhn412aKCi1JNhdvahwW6Th1epItk3FOFPUbbTxdzCCXMUhiVY7b7CkWdPbhORL6hUNEx3goT5UrcGu5Y5FG0-6BKLD678eJe7cZsZ7Lic7fqJ6I2lc9C0be3gNDeeZemsfnwsx8IVaYzmNCXyP3cI1gngmJkG8mw5DCdb8HPvNxd4BU7z36_Lj90GwtcNVkPJWfFzPpevTpgGxo6XNgdI9fNE50TX3ez0hVvXrd6gwtd8CDQ7ifjtXMQ5Kwjr_fMBVMRY8D15NbYSEChzwmmtxaeoZ1qo3N5kEs4XlYy0PAFHl5vgyMGG12Gq4L_ETibyusw4r9BgTp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.183.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-183-60.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:25 GMT
x-age: 0
content-length: 20
content-type: text/plain; charset=utf-8
x-served-by: usermatch-a009-ash-prod.krxd.net
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=8c4855f891ec65a25574d07edce5d66b

43 B
479 B

107ms
107ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=8c4855f891ec65a25574d07edce5d66b

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: D7K97N0J8EXRW10H48K4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=8c4855f891ec65a25574d07edce5d66b
date: Sat, 17 Sep 2022 15:34:25 GMT
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: R36kE0PHC4cdo7WqFJyMIaX9WcVGbnJ7AVmX2LBWNqrroQXM7vbfZA==
x-cache: Miss from cloudfront

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame F061 43 B
304 B 72ms
24ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=pAwGJpnKRAG9ww1Ik5SZVg&dmt=3&ex-pl-n-g-hmt=xx5R7gofQcKVMyMYimYlsw&ep=mfS4I4Lxm4iN8M-0MyueFT1yd1BrJAd16XJoS6FnQ5RYv7KpRdwv9csv45YXwcOp-Dk0BZJQw_1-ArGZoOHj1RMd1sWbsLKRXPDtQe6a_DFu3Vje3l_83s1Pxocex6O_TeNEmSr8MnyXTFLJktBkzcwy2tJW4ZB0Ks0d8pvH8PX7hxAI9aMMHhn412aKCi1JNhdvahwW6Th1epItk3FOFPUbbTxdzCCXMUhiVY7b7CkWdPbhORL6hUNEx3goT5UrcGu5Y5FG0-6BKLD678eJe7cZsZ7Lic7fqJ6I2lc9C0be3gNDeeZemsfnwsx8IVaYzmNCXyP3cI1gngmJkG8mw5DCdb8HPvNxd4BU7z36_Lj90GwtcNVkPJWfFzPpevTpgGxo6XNgdI9fNE50TX3ez0hVvXrd6gwtd8CDQ7ifjtXMQ5Kwjr_fMBVMRY8D15NbYSEChzwmmtxaeoZ1qo3N5kEs4XlYy0PAFHl5vgyMGG12Gq4L_ETibyusw4r9BgTp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:25 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=KnfeMeCldGqdMFwcLRylujc4ZFs4ZgIC

43 B
479 B

107ms
105ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KnfeMeCldGqdMFwcLRylujc4ZFs4ZgIC

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 5K3B1GEEDJWAPD99WP53
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfKP1LszPrxmR7SYPVdsaI0NhidFdKNad6VqzjtEnK4p8CTQc%2BIYZeJF0dFZc1N6vstQ8Sas6cmjTA21FL4v3o8Y7mwHWHWq0%2BZ%2FT813oW98Jow4BAqsXZcAT7TJnei9mOcGLP9V7lw3IA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KnfeMeCldGqdMFwcLRylujc4ZFs4ZgIC
cache-control: no-cache
cf-ray: 74c2e7ea992c9073-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=96A486F2482FEDF3

43 B
479 B

127ms
113ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=96A486F2482FEDF3

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: CR4X40MWR5NZJYGPKVDC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:27 GMT
frontend-id: 9
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=96A486F2482FEDF3
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=2718344275211350972&ex=appnexus.com

43 B
479 B

109ms
107ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=2718344275211350972&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: Z771C0RSXJPNMFPW438C
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 34d4750e-1765-4f50-99de-8a1c159e603b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?id=2718344275211350972&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame F061 0
225 B 129ms
17ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=UVCgdqa8QN6R3yhHD0LIog&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=pAwGJpnKRAG9ww1Ik5SZVg&dmt=3&ex-pl-n-g-hmt=xx5R7gofQcKVMyMYimYlsw&ep=mfS4I4Lxm4iN8M-0MyueFT1yd1BrJAd16XJoS6FnQ5RYv7KpRdwv9csv45YXwcOp-Dk0BZJQw_1-ArGZoOHj1RMd1sWbsLKRXPDtQe6a_DFu3Vje3l_83s1Pxocex6O_TeNEmSr8MnyXTFLJktBkzcwy2tJW4ZB0Ks0d8pvH8PX7hxAI9aMMHhn412aKCi1JNhdvahwW6Th1epItk3FOFPUbbTxdzCCXMUhiVY7b7CkWdPbhORL6hUNEx3goT5UrcGu5Y5FG0-6BKLD678eJe7cZsZ7Lic7fqJ6I2lc9C0be3gNDeeZemsfnwsx8IVaYzmNCXyP3cI1gngmJkG8mw5DCdb8HPvNxd4BU7z36_Lj90GwtcNVkPJWfFzPpevTpgGxo6XNgdI9fNE50TX3ez0hVvXrd6gwtd8CDQ7ifjtXMQ5Kwjr_fMBVMRY8D15NbYSEChzwmmtxaeoZ1qo3N5kEs4XlYy0PAFHl5vgyMGG12Gq4L_ETibyusw4r9BgTp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:25 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=dj07481Ft5Km3JOInbQSmA&ex=rubiconproject.com&status=ok

43 B
479 B

102ms
100ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=dj07481Ft5Km3JOInbQSmA&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: C93TV4T7F2X06QQ5DY18
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=dj07481Ft5Km3JOInbQSmA&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=xx5R7gofQcKVMyMYimYlsw&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

109ms
104ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: X6ZA2VKT8BXVG3NVY26Z
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadus.exelator.com/load/ Frame F061 0
324 B 186ms
9ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=pAwGJpnKRAG9ww1Ik5SZVg&dmt=3&ex-pl-n-g-hmt=xx5R7gofQcKVMyMYimYlsw&ep=mfS4I4Lxm4iN8M-0MyueFT1yd1BrJAd16XJoS6FnQ5RYv7KpRdwv9csv45YXwcOp-Dk0BZJQw_1-ArGZoOHj1RMd1sWbsLKRXPDtQe6a_DFu3Vje3l_83s1Pxocex6O_TeNEmSr8MnyXTFLJktBkzcwy2tJW4ZB0Ks0d8pvH8PX7hxAI9aMMHhn412aKCi1JNhdvahwW6Th1epItk3FOFPUbbTxdzCCXMUhiVY7b7CkWdPbhORL6hUNEx3goT5UrcGu5Y5FG0-6BKLD678eJe7cZsZ7Lic7fqJ6I2lc9C0be3gNDeeZemsfnwsx8IVaYzmNCXyP3cI1gngmJkG8mw5DCdb8HPvNxd4BU7z36_Lj90GwtcNVkPJWfFzPpevTpgGxo6XNgdI9fNE50TX3ez0hVvXrd6gwtd8CDQ7ifjtXMQ5Kwjr_fMBVMRY8D15NbYSEChzwmmtxaeoZ1qo3N5kEs4XlYy0PAFHl5vgyMGG12Gq4L_ETibyusw4r9BgTp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E2874F2D02E92563820FCC9202E0A917

43 B
479 B

110ms
104ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E2874F2D02E92563820FCC9202E0A917

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:26 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 3FYADBVKP6HN0W8SPX6C
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 17 Sep 2022 15:34:26 GMT
Server: openresty/1.15.8.2
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E2874F2D02E92563820FCC9202E0A917
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html
Content-Length: 151
Expires: Sat, 17 Sep 2022 15:34:25 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=a4b792f1ed40aa4c84b2f985778be2298c4045f8e62dc51ddf66a059e388354c

43 B
479 B

110ms
109ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=a4b792f1ed40aa4c84b2f985778be2298c4045f8e62dc51ddf66a059e388354c

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: JQK39N0DRSHXERKVAMQM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Sep 2022 15:34:25 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=a4b792f1ed40aa4c84b2f985778be2298c4045f8e62dc51ddf66a059e388354c
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame F061 0
166 B 139ms
18ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=pAwGJpnKRAG9ww1Ik5SZVg&dmt=3&ex-pl-n-g-hmt=xx5R7gofQcKVMyMYimYlsw&ep=mfS4I4Lxm4iN8M-0MyueFT1yd1BrJAd16XJoS6FnQ5RYv7KpRdwv9csv45YXwcOp-Dk0BZJQw_1-ArGZoOHj1RMd1sWbsLKRXPDtQe6a_DFu3Vje3l_83s1Pxocex6O_TeNEmSr8MnyXTFLJktBkzcwy2tJW4ZB0Ks0d8pvH8PX7hxAI9aMMHhn412aKCi1JNhdvahwW6Th1epItk3FOFPUbbTxdzCCXMUhiVY7b7CkWdPbhORL6hUNEx3goT5UrcGu5Y5FG0-6BKLD678eJe7cZsZ7Lic7fqJ6I2lc9C0be3gNDeeZemsfnwsx8IVaYzmNCXyP3cI1gngmJkG8mw5DCdb8HPvNxd4BU7z36_Lj90GwtcNVkPJWfFzPpevTpgGxo6XNgdI9fNE50TX3ez0hVvXrd6gwtd8CDQ7ifjtXMQ5Kwjr_fMBVMRY8D15NbYSEChzwmmtxaeoZ1qo3N5kEs4XlYy0PAFHl5vgyMGG12Gq4L_ETibyusw4r9BgTp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F061
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=292a8fb6-7713-4c13-a47f-fe63a431173a-tucta1f6e82

43 B
479 B

101ms
100ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=292a8fb6-7713-4c13-a47f-fe63a431173a-tucta1f6e82

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Sep 2022 15:34:26 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: CVKN26SS8ED1JP7ZWY2R
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=292a8fb6-7713-4c13-a47f-fe63a431173a-tucta1f6e82
date: Sat, 17 Sep 2022 15:34:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13605

GET
H2 200 ga.html Show response
v2.odoro.com/widget/0.8/ Frame 3DB4 729 B
498 B 148ms
104ms Document
text/html 2600:1f18:2369:1010:b13c:6068:dc25:80ab
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.odoro.com/widget/0.8/ga.html
Requested by: Host: undefined.odoro.com
URL: https://undefined.odoro.com/widget/0.8/js/index.js?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:2369:1010:b13c:6068:dc25:80ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 71cccdb5c74a8a428bb92b74ffb48ff2dd611c2f69585538d2d286b3d31743e2

Request headers

Referer: https://www.tgh.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sat, 17 Sep 2022 15:34:24 GMT
etag: W/"6315770e-2d9"
server: nginx

GET
H2 200 index.css
v2.odoro.com/widget/0.8/css/ 17 KB
2 KB 148ms
105ms Stylesheet
text/css 2600:1f18:2369:1010:b13c:6068:dc25:80ab
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.odoro.com/widget/0.8/css/index.css
Requested by: Host: undefined.odoro.com
URL: https://undefined.odoro.com/widget/0.8/js/index.js?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:2369:1010:b13c:6068:dc25:80ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: acac6f4c0a86883eee6c08ea669c8f5725e69784bfbc55ac8768d0030ba2ad09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:24 GMT
content-encoding: gzip
server: nginx
etag: W/"6315770e-45f7"
content-type: text/css

GET
H2 200 entry-chat.js Show response
v2.odoro.com/widget/0.8/js/ 571 KB
168 KB 107ms
106ms Script
application/javascript 2600:1f18:2369:1010:b13c:6068:dc25:80ab
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.odoro.com/widget/0.8/js/entry-chat.js
Requested by: Host: undefined.odoro.com
URL: https://undefined.odoro.com/widget/0.8/js/index.js?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:2369:1010:b13c:6068:dc25:80ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: cb7adf7a8641a8158c4fa55e0984dc46a050457b0917063e85ee4ceb1994b186

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:24 GMT
content-encoding: gzip
server: nginx
etag: W/"6315770e-8ea14"
content-type: application/javascript

GET
H2 200 entry-chat.css
v2.odoro.com/widget/0.8/css/ 398 KB
74 KB 104ms
104ms Stylesheet
text/css 2600:1f18:2369:1010:b13c:6068:dc25:80ab
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.odoro.com/widget/0.8/css/entry-chat.css
Requested by: Host: undefined.odoro.com
URL: https://undefined.odoro.com/widget/0.8/js/index.js?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:2369:1010:b13c:6068:dc25:80ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 08cb9bf807da13b8c244f653d2cf9f11ac7e6c1380e5632b098a92a3fc120835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:24 GMT
content-encoding: gzip
server: nginx
etag: W/"6315770e-637d8"
content-type: text/css

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 3DB4 49 KB
20 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: v2.odoro.com
URL: https://v2.odoro.com/widget/0.8/ga.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v2.odoro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1945
date: Sat, 17 Sep 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 17 Sep 2022 17:02:00 GMT

GET
H2 200 providerslist.js Show response
v2.odoro.com/widget/0.8/js/ 46 KB
11 KB 104ms
103ms Script
application/javascript 2600:1f18:2369:1010:b13c:6068:dc25:80ab
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.odoro.com/widget/0.8/js/providerslist.js
Requested by: Host: undefined.odoro.com
URL: https://undefined.odoro.com/widget/0.8/js/index.js?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:2369:1010:b13c:6068:dc25:80ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 1917b557230e5ceada91c5ede5532923cfab86aad9ee422716df39a282226bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:25 GMT
content-encoding: gzip
server: nginx
etag: W/"6315770e-b8d6"
content-type: application/javascript

GET
H2 200 providerslist.css
v2.odoro.com/widget/0.8/css/ 51 KB
4 KB 103ms
102ms Stylesheet
text/css 2600:1f18:2369:1010:b13c:6068:dc25:80ab
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.odoro.com/widget/0.8/css/providerslist.css
Requested by: Host: undefined.odoro.com
URL: https://undefined.odoro.com/widget/0.8/js/index.js?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:2369:1010:b13c:6068:dc25:80ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 4512661e70eaa193bccff1f700f1caa919e50a86adb8fc6a40913082094d0bc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tgh.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 15:34:25 GMT
content-encoding: gzip
server: nginx
etag: W/"6315770e-cd34"
content-type: text/css

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.tgh.org/	1969-12-31 23:59:59	Name: ARRAffinity Value: 1d4ec94bf992d1a883d1c563d6fdc44e66d362b370ccefcd6355558bf89d2438
www.tgh.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: lxfxz5xjcue1rlwjpovgo4u4
www.tgh.org/	1970-01-20 15:39:48	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 2783b420790843d290cef904767df1f1\|False
.tgh.org/	1970-01-20 08:13:24	Name: _gcl_au Value: 1.1.2058286238.1663428863
.tgh.org/	1970-01-20 15:39:48	Name: _ga Value: GA1.2.1358754751.1663428864
.tgh.org/	1970-01-20 06:05:15	Name: _gid Value: GA1.2.2096478161.1663428864
.tgh.org/	1970-01-20 06:03:48	Name: _dc_gtm_UA-28448451-2 Value: 1
.tgh.org/	1970-01-20 06:03:48	Name: _gat_gtag_UA_28448451_2 Value: 1
.bing.com/	1970-01-20 15:25:24	Name: MUID Value: 2B1AD50D20F16047062AC72F218061A4
.tgh.org/	1970-01-20 06:05:15	Name: _uetsid Value: 34dd1740369e11ed91b89bba1a73ccfd
.tgh.org/	1970-01-20 15:25:24	Name: _uetvid Value: 34dd72f0369e11edbe618b37402d91a9
.tgh.org/	1969-12-31 23:59:59	Name: cebs Value: 1
.ipredictive.com/	1970-01-20 07:30:12	Name: ci_rtc Value: _uts=1663428863
.tgh.org/	1970-01-20 15:39:48	Name: invoca_session Value: %7B%22ttl%22%3A%222022-10-17T15%3A34%3A23.978Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D
.w55c.net/	1970-01-20 15:33:12	Name: wfivefivec Value: Mqnah6UL1OzzPO2
.yahoo.com/	1970-01-20 14:49:46	Name: A3 Value: d=AQABBADpJWMCEF-bwYofAhTKER0nsvKUEl8FEgEBAQE6J2MvYwAAAAAA_eMAAA&S=AQAAAl0FB6c2Qt6yilswBo6oJLM
.amazon-adsystem.com/	1970-01-20 10:46:03	Name: ad-id Value: Axq3giaZIErvk1S9wXpKn8Q
.amazon-adsystem.com/	1970-01-20 15:39:48	Name: ad-privacy Value: 0
.doubleclick.net/	1970-01-20 15:25:24	Name: IDE Value: AHWqTUl28W2oQkpkJ6A65WG4yeqBIKFKK_1CfOsDJQoIQBQ9vBJhPKQx4dnG5ZSolPc
.tgh.org/	1969-12-31 23:59:59	Name: cebsp Value: 1
.tgh.org/	1970-01-20 14:49:24	Name: _ce.s Value: v~b169b317348c8cce46fb93d9f68f6c6638691515~vpv~0~v11.rlc~1663428864257
.adnxs.com/	1970-01-20 08:13:24	Name: uuid2 Value: 2718344275211350972
.adnxs.com/	1970-01-20 08:13:24	Name: anj Value: dTM7k!M4/YF7/.XF']wIg2Hb6EKrmw!@wnfH8KHJO4W`i=Cf>k6R3f?.AX>q24'uZ3`V6^0fXr_Xb.BpV?@OI!AXTO:4=sB!7>?p8UGhf
.agkn.com/	1970-01-20 14:49:24	Name: ab Value: 0001%3AD6Ck8dz2Yn%2B459qDQisvkXXDugctw%2FID
.myvisualiq.net/	1970-01-20 15:39:48	Name: tuuid Value: 3cbac319-0c93-4d44-96fd-e6b9a020d2f6
.myvisualiq.net/	1970-01-20 15:39:48	Name: c Value: 1663428865
.myvisualiq.net/	1970-01-20 15:39:48	Name: tuuid_lu Value: 1663428865
.bidswitch.net/	1970-01-20 14:49:24	Name: tuuid Value: eaa70202-0043-4f12-8b4c-2cc44a7cc82c
.bidswitch.net/	1970-01-20 14:49:24	Name: c Value: 1663428865
.bidswitch.net/	1970-01-20 14:49:24	Name: tuuid_lu Value: 1663428865
.analytics.yahoo.com/	1970-01-20 14:49:24	Name: IDSYNC Value: 195g~277r
ads.stickyadstv.com/	1970-01-20 06:47:00	Name: UID Value: 2929e872ef6d9e54796d5a3143f21dff
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 64e3b03f5937534ebbd0ef1af6b2a99
.casalemedia.com/	1970-01-20 14:49:24	Name: CMID Value: YyXpAbCRPhLtYh8oVHnLjwAA
.casalemedia.com/	1970-01-20 08:13:24	Name: CMPS Value: 5180
.casalemedia.com/	1970-01-20 08:13:24	Name: CMPRO Value: 5180
.zeotap.com/	1970-01-20 14:49:24	Name: zc Value: 7707ac4b-95c8-4346-4841-cd69ddf75b0a
.krxd.net/	1970-01-20 10:23:00	Name: _kuid_ Value: PFaoL0G6
.ads.stickyadstv.com/	1970-01-20 06:23:58	Name: uid-bp-30833 Value: KB7n-0lmT8CTDfZWJMb9Hg
.ads.stickyadstv.com/	1969-12-31 23:59:59	Name: updated Value: 1
.ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 64e3b03f5937534ebbd0ef1af6b2a99
.ads.stickyadstv.com/	1970-01-20 06:47:00	Name: UID Value: 2929e872ef6d9e54796d5a3143f21dff
ads.stickyadstv.com/	1970-01-20 06:23:58	Name: uid-bp-30833 Value: KB7n-0lmT8CTDfZWJMb9Hg
.mookie1.com/	1970-01-20 15:32:36	Name: id Value: 10810398326393879822
.mookie1.com/	1970-01-20 15:32:36	Name: mdata Value: 1\|10810398326393879822\|1663428865387
.mookie1.com/	1970-01-20 15:32:36	Name: ov Value: 304a9857d64a014247dd8ae2e148f863
.adform.net/	1970-01-20 06:47:00	Name: C Value: 1
.adform.net/	1970-01-20 07:30:12	Name: uid Value: 5781460435712618554
ads.samba.tv/	1970-01-20 15:32:36	Name: sambapxid Value: 10003f2a716b68028
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1663428865_1
.serving-sys.com/	1970-01-20 08:13:24	Name: u2 Value: 9852f7a5-c9b0-46ed-a7d6-af042df91ea34IQ060
.spotxchange.com/	1970-01-20 06:44:08	Name: audience Value: 35f1dc63-369e-11ed-be63-1ebee0f60506
.fwmrm.net/	1970-01-20 10:23:00	Name: _uid Value: "l0419_7144372574398016840"
.ads.stickyadstv.com/	1970-01-20 07:30:12	Name: uid-bp-36033 Value: l0419_7144372574398016840
.ads.stickyadstv.com/	1970-01-20 07:30:12	Name: MRM_UID Value: l0419_7144372574398016840
ads.stickyadstv.com/	1970-01-20 07:30:12	Name: uid-bp-36033 Value: l0419_7144372574398016840
ads.stickyadstv.com/	1970-01-20 07:30:12	Name: MRM_UID Value: l0419_7144372574398016840
.casalemedia.com/	1970-01-20 08:13:24	Name: CMTS Value: 5162
.demdex.net/	1970-01-20 10:23:00	Name: demdex Value: 37917391044960111362440671536047501546
ads.stickyadstv.com/	1970-01-20 07:30:12	Name: uid-bp-159 Value: CAESEB4u9I2Rr4YNHbDpvZwqXzo
.ads.stickyadstv.com/	1970-01-20 07:30:12	Name: uid-bp-159 Value: CAESEB4u9I2Rr4YNHbDpvZwqXzo
.semasio.net/	1970-01-20 14:49:24	Name: SEUNCY Value: 96A486F2482FEDF3
.dpm.demdex.net/	1970-01-20 10:23:00	Name: dpm Value: 37917391044960111362440671536047501546
.ispot.tv/	1970-01-20 15:39:48	Name: pt Value: v2:a4b792f1ed40aa4c84b2f985778be2298c4045f8e62dc51ddf66a059e388354c\|b2bff5fda56e4045175511b4c65558b67749e3b4ea3478391018d7273a97fb69
.ninthdecimal.com/	1970-01-20 10:23:00	Name: ndat Value: LU+H4mMl6QKSzA+CF6ngAg==

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://www.tgh.org/ Message: The resource https://v2.odoro.com/widget/0.8/css/providerslist.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.tgh.org/ Message: The resource https://v2.odoro.com/widget/0.8/js/providerslist.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10207215.fls.doubleclick.net
1f2e7.v.fwmrm.net
aa.agkn.com
ad.doubleclick.net
ad.ipredictive.com
ads.samba.tv
ads.stickyadstv.com
adservice.google.com
adservice.google.de
amazon.partners.tremorhub.com
assets-tracking.crazyegg.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdn.adasitecompliance.com
cdn.odoro.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
dpm.demdex.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
match.adsrvr.org
mwzeom.zeotap.com
odr.mookie1.com
pagestates-tracking.crazyegg.com
pi.ispot.tv
pixel.rubiconproject.com
public-prod-dspcookiematching.dmxleo.com
px.surveywall-api.survata.com
s.amazon-adsystem.com
s.yimg.com
sb.scorecardresearch.com
script-app.mercuryhealthcare.com
script.crazyegg.com
solutions.invocacdn.com
sp.analytics.yahoo.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.taboola.com
t.myvisualiq.net
tags.bluekai.com
tags.w55c.net
token.rubiconproject.com
tracking.crazyegg.com
uipglob.semasio.net
undefined.odoro.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
v2.odoro.com
www.adasitecompliance.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.imdb.com
www.tgh.org
x.bidswitch.net
px.surveywall-api.survata.com
104.18.18.126
104.96.159.57
108.128.203.219
108.138.25.178
13.32.121.17
141.226.228.48
142.250.184.194
142.250.184.198
142.250.185.134
142.250.185.66
143.204.215.85
15.197.193.217
151.101.66.132
18.134.84.25
18.156.0.31
18.157.92.103
18.198.69.109
18.66.15.115
185.64.190.80
185.89.211.116
185.94.180.125
188.65.124.66
193.108.153.18
198.47.127.19
20.49.104.24
212.82.100.181
212.82.100.182
2600:1f18:2369:1010:b13c:6068:dc25:80ab
2600:1f18:612b:4216:c896:a534:1957:1cac
2606:4700:10::ac43:db6
2606:4700:20::681a:cd5
2606:4700::6813:9308
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2004
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9c
3.122.37.130
3.126.61.30
34.235.183.60
34.98.64.218
34.98.67.61
35.157.107.208
35.158.39.190
37.157.3.30
44.206.163.254
45.79.135.226
52.2.16.173
52.212.110.18
52.46.143.56
52.49.35.210
54.221.111.187
54.237.50.216
65.9.66.123
69.173.144.138
69.173.144.139
77.243.60.138
99.86.4.31
026f5cdabc5e8653dbdb3cbfe30868b84d6ccd7a1dc6b17eca7c90f1fff00a5c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
063010441bf969a0a99e2f716cc8dd048fea22828b198de51ef5f2e64586c8d3
08cb9bf807da13b8c244f653d2cf9f11ac7e6c1380e5632b098a92a3fc120835
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1036991e7a4b344239d4e07964f89a2b3b29e05b34ab2b261ba8e8f8817b9a9d
1053dac06d3c64e35db73ae479f5ccd67adbbf4822668c34f9f217c5626c6d92
116c2c3b378a5e0c3bef38fa051d055e6f8687e8589382376a176b1f5df8cb3a
1917b557230e5ceada91c5ede5532923cfab86aad9ee422716df39a282226bc4
1e08dc9591de7b318e78c73f01827ec5ad17b3346c67672d155884c4d5d5315e
20325929c7299e5e8f933723fc665721c46f5507e242b0554dc649da23b754a1
237b8a8affee6d614066701a078f4a053ef41bc87e9597eaf492a8974235fe52
237df17fb25b386e5d10d2510580e65fb131238132702d67191b492340405ed4
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
2556294b6e6a699ccba847e850b150677d465acc1d3bdd680f2bc8a65436f897
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
271e1125274f18bb7663d48d638ed77dbc701158a8ef0e92295a1c64743780b0
2962b03f7a7e18987702b02677cd9b2b8e33f5b2e8017dcc422b4360b1498ae7
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3e10b56f602e02750d7e7021943f844d6fd23679af714b6a5da8c02e81416b17
3ea2b378789aa960ae9fb3b9a4267c881657648b4bb82380776586d6cc83e0bf
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
413f9f8e39de737197d132bf4303fac5ac523f16c0310cf2e4a7a8c54699fb89
433fb5d622ec33fb6fdbb495dbc55e9b6286be64cfa4449707b227bf8223b082
44579507228226e1bae37914346b73abe18d40eff08269045e4fa2dabb1d76e6
4512661e70eaa193bccff1f700f1caa919e50a86adb8fc6a40913082094d0bc1
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f9cb6d2c41d486c0a20038bc8625b20624748b9f5c3ef6948f69772ea23c6f4
53f50884983d647d4cd07a1df1a1f5ef2b1319c8c85d0bbd3f1b6ea0e442bcc1
5946ad5266b07835d794ec51559c145279bd3bdd5c6e169f2fa062f9e857c777
5bed9e23501489d972cca1280b7f64f90de9e289cdb8e136374b936e60d4675a
60141afbe3a82cb1a913a8a04ea1fc70f33af0facb9e75a4decd510688976b4a
605c2e4cca3e28a56da3e7e09f3497a1e8f91ab6a7b16b399a287942678ff347
676a0cc2de692241f9f489d532add600962f0c7ede91304baca24dbbf73f30e6
67cc036eb75fbc66a2f3cadcd5d93dad6d317378e99ba6278c0444791852343a
687dfd22140850d085295a240d60a46a2d785f9d0c7e9c9cc8e323de614d24d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dd84c773bc2d9b0388b3fb9840dbb4131f7c4a126b33c6c3906853b7afef314
70808936186188fb126dab5bb91b5579925503e16e434674561ca581bd989931
71cccdb5c74a8a428bb92b74ffb48ff2dd611c2f69585538d2d286b3d31743e2
790bc76f90160893117d9a8897633d373fd6d25972dbee7bee35571f1cd71eae
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
7ba922fb5f1b68e91c962e865a7eeac69a3df618edb59daa9639521532e7e2b2
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d266e03af2889d2b1e93df1d976a7e965b7fd696e30aed8ee420a1ccdf5683f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f0bf3eb7e3497e84005937f4eab83344a0805528cb5b1b04a67df5588ecca86
8f1eee37345bc8a32d2926ff07aae3e8198d94909739f8daa627e5475124e23e
8f62202085023b2f1d67f3a6ed208f301e25b27c033143587ca444939d4f7a23
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
910689363b96d9b72242885eea95a050ccb447bf857b834a64f04f86fcbf029f
93e8dd09e0170e4d544fdc09750d3c76b13c9855744f5259033706287783c5bc
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f81f29abd12a44b4e50d0c376859a90d0d4df70d52f67f212e6828e8ea4d4b
a2cb373180835b060ccb77b9c4f52905c2fc2c5d2da5f6212b68bf372ed52e5d
a793272784adddd598e05e0ce056d6e4562dfc34ac40f1d2d00517d91ca34c64
a9dc3735854a4abeb61dcc9f9b62de1fceb71ddd89d90407ee65c8a4abea7e8b
aa0ba115486e3067ec1076b42a7cda2c030af99bf6b5d76c7a4d68ccbd80cd9c
acac6f4c0a86883eee6c08ea669c8f5725e69784bfbc55ac8768d0030ba2ad09
b3d2f51cda00dda0dc64754328f6784ccf586247c5269f041fbf3dddeaae282e
b64cbd4aabc60449731517ef5a738daf52d8228e2aaf15be82a83230bf61528b
b6fcf6343abaadda203b3250e88f98d645ee0305c17627c236d9ba0aeecbe64a
b7361cb9920309c7c74f5695f7a9378fd7ac561fab17acf83ca01ba8de66e6b4
b86f3cc3520a4453c6b065f50a529f82389cb5a26d0b59a6b75fcf08eddfe862
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c27b4f84615a2b76307a33b93b7cbdbd27ab66aeb0deb9fdcdc42be0c67978c8
ca39d1ddade45d77ea20667e74f8476fa8484ac738cbc7833df4e79d87ea46e0
cb7adf7a8641a8158c4fa55e0984dc46a050457b0917063e85ee4ceb1994b186
d668bab2b078f30652e4d55735387dbe68d887b856febe624ce9d0d9027a31da
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
e19f2ed94010b8279da8f1e3a2b165369831db29d7127e689954b2abceb84658
e28a20be283fae9f2674effbeb95cba944bb9e65028fc62f46f3b5e54f3aa24c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51fe65d8b6e4ccf62a80205a0aa5dc2a09d84932435e5fb67f5a80ee40d0619
e9771b3e4dba511c1fa5096b3471dee9348fbba7a49df7bb697d4b0c68418f7d
e9dd2494dd67f70261d2c0650798352e2d4fe67d464fd06d4ebf2206459b11bc
ed3f315448db72e76970f043dbc220d63511ae5bf7be80fe4702c81722954151
ed783cd46a87b174658a5fa0917554c101c1d42f464feadc633a162425c1eb00
ee60a4f7572223a6d95c353c81595cb2c3228f24d5db06435ac29dfe48561327
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f37c63c24a0d6c93379eed00b03e0ef3e7acde45f28f4f5cf0f64b2e683d85c9
f4ff3db8c00027267135576687acd3c8ad6f50765ac11e9279ad6d57799918b6
f952e9ae2812ec18357c05a2ddc3f6b53255330d8acc0a3c5b46ff0b45a9d16a
fc755f7e0a3d2a9d028cc3af39bd9bf2724a8912b2ed2593f2f5e7221229dd7a
fc952ff7082b7aaa7309f5851fcf8ee6fd49dde54b21cdbf4560f9eb396e9ca6
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

www.tgh.org Open in urlscan Pro 20.49.104.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

72 %HTTPS

25 %IPv6

50 Domains

69 Subdomains

36 IPs

10 Countries

5562 kBTransfer

7640 kBSize

65 Cookies

11 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tgh.org Open in urlscan Pro
20.49.104.24 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

72 %
HTTPS

25 %
IPv6

50
Domains

69
Subdomains

36
IPs

10
Countries

5562 kB
Transfer

7640 kB
Size

65
Cookies

130 HTTP transactions
1 data transactions