urlscan.io logo urlscan.io
SecurityTrails logo

www.weather-us.com Open in urlscan Pro
2606:4700:3033::ac43:cdb1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://weather-us.com/
Effective URL: https://www.weather-us.com/
Submission Tags: tranco_l324
Submission: On November 08 via api from DE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 97 IPs in 10 countries across 119 domains to perform 412 HTTP transactions. The main IP is 2606:4700:3033::ac43:cdb1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.weather-us.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 24th 2021. Valid for: a year.
This is the only time www.weather-us.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 40 2606:4700:303... 13335 (CLOUDFLAR...)
34 142.251.40.226 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 65.8.197.2 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:210... 16509 (AMAZON-02)
1 3 2620:116:800b... 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
1 46.105.202.126 16276 (OVH)
1 2600:9000:210... 16509 (AMAZON-02)
2 51.89.21.10 16276 (OVH)
1 17 52.46.130.91 16509 (AMAZON-02)
1 23 54.84.77.52 14618 (AMAZON-AES)
21 22 35.211.178.172 19527 (GOOGLE-2)
4 24 184.29.133.6 16625 (AKAMAI-AS)
4 10 35.169.48.117 14618 (AMAZON-AES)
2 2 162.55.6.211 24940 (HETZNER-AS)
5 184.29.132.212 16625 (AKAMAI-AS)
3 3 108.168.159.145 36351 (SOFTLAYER)
2 18.208.71.32 14618 (AMAZON-AES)
12 14 68.67.179.77 29990 (ASN-APPNEX)
3 4 63.251.86.50 32475 (SINGLEHOP...)
3 11 52.223.22.214 16509 (AMAZON-02)
1 2607:f8b0:402... 15169 (GOOGLE)
15 15 15.197.193.217 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
4 4 44.193.191.16 14618 (AMAZON-AES)
6 6 64.202.112.159 22075 (AS-OUTBRAIN)
3 3 184.50.205.90 16625 (AKAMAI-AS)
6 6 199.127.204.142 26120 (RHYTHMONE)
3 9 198.148.27.139 19189 (PULSEPOINT)
3 4 70.42.32.95 22075 (AS-OUTBRAIN)
20 40 142.251.32.98 15169 (GOOGLE)
4 6 34.98.64.218 15169 (GOOGLE)
3 6 2600:1f18:4e9... 14618 (AMAZON-AES)
2 2 54.175.176.13 14618 (AMAZON-AES)
2 2 129.159.70.95 31898 (ORACLE-BM...)
2 3 38.91.45.7 398989 (DEEPINTENT)
2 2 3.95.114.14 14618 (AMAZON-AES)
1 199.187.193.181 47043 (SMARTADSE...)
2 2 69.90.254.78 13768 (COGECO-PEER1)
3 23.92.190.74 10913 (INTERNAP-BLK)
7 9 104.65.247.96 16625 (AKAMAI-AS)
1 5 34.204.64.181 14618 (AMAZON-AES)
1 1 35.211.118.13 15169 (GOOGLE)
4 4 107.178.246.49 15169 (GOOGLE)
1 3 104.36.115.113 62713 (AS-PUBMATIC)
1 7 2607:f8b0:400... 15169 (GOOGLE)
3 3 23.50.66.244 16625 (AKAMAI-AS)
6 23.192.31.127 16625 (AKAMAI-AS)
7 7 74.121.140.14 30419 (MEDIAMATH...)
5 5 151.101.130.49 54113 (FASTLY)
8 8 67.202.105.23 32748 (STEADFAST)
1 2 67.202.105.33 32748 (STEADFAST)
2 3 23.23.88.115 14618 (AMAZON-AES)
1 1 124.146.215.44 2514 (INFOSPHER...)
5 5 199.38.167.129 54312 (ROCKETFUEL)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
11 2607:f8b0:400... 15169 (GOOGLE)
9 9 2606:ae80:145... 25751 (VALUECLICK)
1 1 50.16.141.46 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
21 2607:f8b0:400... 15169 (GOOGLE)
2 3 185.167.164.39 198622 (ADFORM)
1 21 104.36.115.109 62713 (AS-PUBMATIC)
2 4 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 107.20.192.231 14618 (AMAZON-AES)
1 54.211.161.228 14618 (AMAZON-AES)
4 8.28.7.84 62713 (AS-PUBMATIC)
2 11 8.28.7.83 62713 (AS-PUBMATIC)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
1 1 44.195.153.149 14618 (AMAZON-AES)
5 34.117.239.71 15169 (GOOGLE)
3 4 3.218.90.66 14618 (AMAZON-AES)
7 13 69.173.151.100 26667 (RUBICONPR...)
1 2001:4998:14:... 14777 (YAHOO)
3 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 34.96.105.8 15169 (GOOGLE)
1 1 52.4.244.165 14618 (AMAZON-AES)
1 1 81.222.128.215 20597 (ELTEL-AS)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 34.206.96.27 ()
1 4 2620:100:a001::c ()
2 74.119.119.139 ()
4 99.84.114.16 ()
1 198.148.27.134 ()
1 34.107.148.139 ()
1 23.50.75.217 ()
1 74.119.119.129 ()
1 54.89.57.117 ()
5 5 147.75.38.124 ()
2 51.222.39.186 ()
5 2607:f8b0:400... ()
3 2607:f8b0:400... ()
1 3 184.29.133.72 ()
2 2620:100:a001::4 ()
1 2606:4700:303... ()
17 23.208.216.24 ()
1 74.119.119.149 ()
3 3 35.190.90.30 ()
1 2 54.219.152.118 ()
2 2 34.225.172.55 ()
6 6 34.194.25.101 14618 (AMAZON-AES)
1 2 192.35.249.120 ()
1 3 2a04:4e42:600... ()
1 2600:1f18:612... ()
1 35.190.113.31 ()
2 2 149.56.26.32 ()
3 3 51.79.83.225 ()
2 2 18.204.86.180 ()
1 2606:ae80:145... ()
1 8.2.111.121 ()
1 1 162.254.186.187 ()
1 2 172.98.26.125 ()
2 2 54.84.15.237 ()
1 2600:1f18:444... ()
1 35.212.101.174 ()
2 2 2620:109:c002... ()
1 2 104.18.100.194 ()
2 2 35.211.233.246 ()
1 2620:1ec:c11:... ()
5 5 34.200.88.28 ()
1 1 3.128.164.252 ()
1 2606:4700:20:... ()
2 2 74.119.119.150 ()
2 2 35.207.24.140 ()
1 1 199.187.193.193 ()
2 2 173.231.178.81 ()
1 2 2606:4700::68... ()
1 151.101.65.44 ()
1 1 172.105.232.22 ()
1 1 195.5.165.20 ()
1 38.27.122.158 ()
1 2 2606:4700:10:... ()
2 2 35.201.96.126 ()
1 8.28.7.109 ()
1 2 3.215.189.212 ()
1 54.210.14.23 ()
2 2 207.198.113.176 ()
1 2 38.67.14.233 ()
1 1 18.210.218.247 ()
1 1 45.35.192.162 ()
1 1 34.98.107.212 ()
412 97
40    2606:4700:3033::ac43:cdb1 (United States)

ASN13335 (CLOUDFLARENET, US)
weather-us.com
www.weather-us.com
34    142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
googleads4.g.doubleclick.net
2    2606:4700:3031::6815:496e (United States)

ASN13335 (CLOUDFLARENET, US)
go.ezodn.com
4    65.8.197.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-197-2.bos50.r.cloudfront.net
c.amazon-adsystem.com
3    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2607:f8b0:4006:80a::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2600:9000:2105:e000:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)
go.ezoic.net
3    2620:116:800b:21:559e:e8a8:8a19:7f11 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
2    2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
1    2600:9000:2105:bc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    51.89.21.10 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p24.id5-sync.com
id5-sync.com
17    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
23    54.84.77.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-77-52.compute-1.amazonaws.com
rtb.gumgum.com
g2.gumgum.com
22    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
24    184.29.133.6 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-133-6.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
js-sec.indexww.com
10    35.169.48.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-48-117.compute-1.amazonaws.com
match.sharethrough.com
2    162.55.6.211 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.211.6.55.162.clients.your-server.de
csync.loopme.me
5    184.29.132.212 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-132-212.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    108.168.159.145 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 91.9f.a86c.ip4.static.sl-reverse.com
um.simpli.fi
2    18.208.71.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-71-32.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
14    68.67.179.77 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
4    63.251.86.50 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
11    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    2607:f8b0:4023:1404::9a (Columbus, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
15    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
4    44.193.191.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-191-16.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    184.50.205.90 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-90.deploy.static.akamaitechnologies.com
stags.bluekai.com
6    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
9    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
40    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
cm.g.doubleclick.net
6    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
6    2600:1f18:4e9:5a07:7acd:b606:a0b6:34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
2    54.175.176.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-176-13.compute-1.amazonaws.com
sync.ipredictive.com
2    129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    3.95.114.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-114-14.compute-1.amazonaws.com
ad.360yield.com
1    199.187.193.181 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
3    23.92.190.74 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
9    104.65.247.96 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-65-247-96.deploy.static.akamaitechnologies.com
px.owneriq.net
5    34.204.64.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-64-181.compute-1.amazonaws.com
ads.yieldmo.com
1    35.211.118.13 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
4    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
3    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    2607:f8b0:4006:816::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
3    23.50.66.244 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-66-244.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    23.192.31.127 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
8    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
de.tynt.com
3    23.23.88.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-88-115.compute-1.amazonaws.com
cs.emxdgt.com
e1.emxdgt.com
1    124.146.215.44 (Toshima, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
5    199.38.167.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
11    2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
9    2606:ae80:1450:15::1720 (United States)

ASN25751 (VALUECLICK, US)
casale-match.dotomi.com
33across-match.dotomi.com
pulsepoint-match.dotomi.com
medianet-match.dotomi.com
pubmatic-match.dotomi.com
1    50.16.141.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-141-46.compute-1.amazonaws.com
nep.advangelists.com
1    2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
21    2607:f8b0:4006:80e::2001 (United States)

ASN15169 (GOOGLE, US)
2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
tpc.googlesyndication.com
3    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
21    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    107.20.192.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-192-231.compute-1.amazonaws.com
usermatch.krxd.net
1    54.211.161.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-161-228.compute-1.amazonaws.com
beacon.krxd.net
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
11    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    44.195.153.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-153-149.compute-1.amazonaws.com
cms-xch.33across.com
5    34.117.239.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.239.117.34.bc.googleusercontent.com
cms-xch-chicago.33across.com
4    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
13    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
pixel-us-east.rubiconproject.com
1    2001:4998:14:800::1001 (Ashburn, United States)

ASN14777 (YAHOO, US)
ads.yahoo.com
3    2607:f8b0:4006:807::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
googleads.g.doubleclick.net
3    2607:f8b0:4006:80a::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    52.4.244.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-244-165.compute-1.amazonaws.com
sync.extend.tv
1    81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru
ssp.adriver.ru
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
2    2607:f8b0:4006:80b::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    34.206.96.27 (None, )

ASN- ()
pixel.adsafeprotected.com
4    2620:100:a001::c (None, )

ASN- ()
gum.criteo.com
2    74.119.119.139 (None, )

ASN- ()
mug.criteo.com
4    99.84.114.16 (None, )

ASN- ()
pb-server.ezoic.com
1    198.148.27.134 (None, )

ASN- ()
bid.contextweb.com
1    34.107.148.139 (None, )

ASN- ()
prebid.media.net
1    23.50.75.217 (None, )

ASN- ()
htlb.casalemedia.com
1    74.119.119.129 (None, )

ASN- ()
bidder.criteo.com
1    54.89.57.117 (None, )

ASN- ()
tlx.3lift.com
5    147.75.38.124 (None, )

ASN- ()
prebid.a-mo.net
2    51.222.39.186 (None, )

ASN- ()
onetag-sys.com
5    2607:f8b0:4006:80d::2001 (None, )

ASN- ()
cdn.ampproject.org
3    2607:f8b0:4006:80c::2003 (None, )

ASN- ()
fonts.gstatic.com
3    184.29.133.72 (None, )

ASN- ()
sync.teads.tv
2    2620:100:a001::4 (None, )

ASN- ()
static.criteo.net
1    2606:4700:3031::6815:29fd (None, )

ASN- ()
id.a-mx.com
17    23.208.216.24 (None, )

ASN- ()
contextual.media.net
hbx.media.net
cs.media.net
c21lg-d.media.net
1    74.119.119.149 (None, )

ASN- ()
csm.va.us.criteo.net
3    35.190.90.30 (None, )

ASN- ()
odr.mookie1.com
2    54.219.152.118 (None, )

ASN- ()
aa.agkn.com
2    34.225.172.55 (None, )

ASN- ()
pixel.advertising.com
6    34.194.25.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-25-101.compute-1.amazonaws.com
match.prod.bidr.io
2    192.35.249.120 (None, )

ASN- ()
sync.search.spotxchange.com
3    2a04:4e42:600::300 (None, )

ASN- ()
trc.taboola.com
1    2600:1f18:612b:4200:9a2f:8341:7f9b:9de (None, )

ASN- ()
partners.tremorhub.com
1    35.190.113.31 (None, )

ASN- ()
atemda.com
2    149.56.26.32 (None, )

ASN- ()
red.erne.co
3    51.79.83.225 (None, )

ASN- ()
pixel.onaudience.com
2    18.204.86.180 (None, )

ASN- ()
sync.crwdcntrl.net
1    2606:ae80:1450:16::2100 (None, )

ASN- ()
match.sync.ad.cpe.dotomi.com
1    8.2.111.121 (None, )

ASN- ()
sync.colossusssp.com
1    162.254.186.187 (None, )

ASN- ()
demand.trafficroots.com
2    172.98.26.125 (None, )

ASN- ()
ads.us.e-planning.net
2    54.84.15.237 (None, )

ASN- ()
i.liadm.com
1    2600:1f18:444a:4680:5b76:7408:bdd4:1592 (None, )

ASN- ()
i6.liadm.com
1    35.212.101.174 (None, )

ASN- ()
cs.chocolateplatform.com
2    2620:109:c002::6cae:a0e (None, )

ASN- ()
px.ads.linkedin.com
2    104.18.100.194 (None, )

ASN- ()
p.adsymptotic.com
2    35.211.233.246 (None, )

ASN- ()
a.sportradarserving.com
1    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
5    34.200.88.28 (None, )

ASN- ()
pm.w55c.net
1    3.128.164.252 (None, )

ASN- ()
sync.adotmob.com
1    2606:4700:20::681a:bd1 (None, )

ASN- ()
ad4m.at
2    74.119.119.150 (None, )

ASN- ()
dis.criteo.com
2    35.207.24.140 (None, )

ASN- ()
rtb.mfadsrvr.com
1    199.187.193.193 (None, )

ASN- ()
rtb-csync.smartadserver.com
2    173.231.178.81 (None, )

ASN- ()
cm.adgrx.com
2    2606:4700::6812:d05 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    151.101.65.44 (None, )

ASN- ()
match.taboola.com
1    172.105.232.22 (None, )

ASN- ()
gocm.c.appier.net
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    38.27.122.158 (None, )

ASN- ()
match.bnmla.com
2    2606:4700:10::6816:1857 (None, )

ASN- ()
spl.zeotap.com
mwzeom.zeotap.com
2    35.201.96.126 (None, )

ASN- ()
visitor.fiftyt.com
1    8.28.7.109 (None, )

ASN- ()
aud.pubmatic.com
2    3.215.189.212 (None, )

ASN- ()
io.narrative.io
1    54.210.14.23 (None, )

ASN- ()
rtb.adentifi.com
2    207.198.113.176 (None, )

ASN- ()
pixel-sync.sitescout.com
2    38.67.14.233 (None, )

ASN- ()
pmp.mxptint.net
1    18.210.218.247 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
1    45.35.192.162 (None, )

ASN- ()
sync.resetdigital.co
1    34.98.107.212 (None, )

ASN- ()
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
67 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
272 KB
45 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
image2.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
53 KB
40 weather-us.com
weather-us.com
www.weather-us.com
182 KB
36 googlesyndication.com
pagead2.googlesyndication.com
2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
tpc.googlesyndication.com
178 KB
23 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
29 KB
23 bidswitch.net
x.bidswitch.net
r.bidswitch.net
10 KB
23 gumgum.com
rtb.gumgum.com
g2.gumgum.com
8 KB
22 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
pixel-us-east.rubiconproject.com
40 KB
21 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
56 KB
18 media.net
prebid.media.net
contextual.media.net
hbx.media.net
cs.media.net
c21lg-d.media.net
45 KB
18 google.com
www.google.com
adservice.google.com
4 KB
15 adsrvr.org
match.adsrvr.org
8 KB
14 33across.com
ssc-cms.33across.com
cms-xch.33across.com
cms-xch-chicago.33across.com
5 KB
14 adnxs.com
ib.adnxs.com
secure.adnxs.com
13 KB
12 3lift.com
eb2.3lift.com
tlx.3lift.com
5 KB
11 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
6 KB
10 dotomi.com
casale-match.dotomi.com
33across-match.dotomi.com
pulsepoint-match.dotomi.com
match.sync.ad.cpe.dotomi.com
medianet-match.dotomi.com
pubmatic-match.dotomi.com
3 KB
10 contextweb.com
bh.contextweb.com
bid.contextweb.com
10 KB
10 sharethrough.com
match.sharethrough.com
2 KB
9 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
dis.criteo.com
8 KB
9 owneriq.net
px.owneriq.net
6 KB
7 mathtag.com
sync.mathtag.com
4 KB
7 lijit.com
ap.lijit.com
ce.lijit.com
5 KB
7 yieldmo.com
sync-amz.ads.yieldmo.com
ads.yieldmo.com
sync-pp.ads.yieldmo.com
4 KB
6 bidr.io
match.prod.bidr.io
2 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
77 KB
6 openx.net
us-u.openx.net
1 KB
6 zemanta.com
b1sync.zemanta.com
4 KB
5 w55c.net
pm.w55c.net
4 KB
5 ampproject.org
cdn.ampproject.org
103 KB
5 a-mo.net
prebid.a-mo.net
2 KB
5 rfihub.com
p.rfihub.com
a.rfihub.com
4 KB
5 everesttech.net
sync-tm.everesttech.net
1 KB
4 taboola.com
trc.taboola.com
match.taboola.com
759 B
4 ezoic.com
pb-server.ezoic.com
2 KB
4 rlcdn.com
idsync.rlcdn.com
id.rlcdn.com
1 KB
4 tapad.com
pixel.tapad.com
2 KB
4 outbrain.com
sync.outbrain.com
1 KB
4 1rx.io
sync.1rx.io
3 KB
4 stackadapt.com
sync.srv.stackadapt.com
2 KB
3 liadm.com
i.liadm.com
i6.liadm.com
1 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 mookie1.com
odr.mookie1.com
2 KB
3 criteo.net
static.criteo.net
csm.va.us.criteo.net
52 KB
3 teads.tv
sync.teads.tv
809 B
3 googletagservices.com
www.googletagservices.com
111 KB
3 googleapis.com
fonts.googleapis.com
3 KB
3 turn.com
ad.turn.com
1 KB
3 adform.net
c1.adform.net
1 KB
3 emxdgt.com
cs.emxdgt.com
e1.emxdgt.com
827 B
3 deepintent.com
match.deepintent.com
925 B
3 bluekai.com
stags.bluekai.com
3 KB
3 simpli.fi
um.simpli.fi
1 KB
3 id5-sync.com
cdn.id5-sync.com
id5-sync.com
12 KB
3 quantserve.com
secure.quantserve.com
pixel.quantserve.com
11 KB
3 cloudflare.com
cdnjs.cloudflare.com
92 KB
2 mxptint.net
pmp.mxptint.net
967 B
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 narrative.io
io.narrative.io
643 B
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
889 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 adgrx.com
cm.adgrx.com
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com
799 B
2 sportradarserving.com
a.sportradarserving.com
942 B
2 adsymptotic.com
p.adsymptotic.com
552 B
2 linkedin.com
px.ads.linkedin.com
1 KB
2 e-planning.net
ads.us.e-planning.net
326 B
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 erne.co
red.erne.co
580 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 advertising.com
pixel.advertising.com
701 B
2 agkn.com
aa.agkn.com
1 KB
2 indexww.com
js-sec.indexww.com
2 KB
2 onetag-sys.com
onetag-sys.com
2 KB
2 2mdn.net
s0.2mdn.net
78 KB
2 e-volution.ai
rtb2-useast.e-volution.ai
944 B
2 krxd.net
usermatch.krxd.net
beacon.krxd.net
507 B
2 pippio.com
pippio.com
854 B
2 creativecdn.com
creativecdn.com
695 B
2 tynt.com
de.tynt.com
3 KB
2 acuityplatform.com
ums.acuityplatform.com
1 KB
2 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
831 B
2 360yield.com
ad.360yield.com
616 B
2 technoratimedia.com
sync.technoratimedia.com
1 KB
2 ipredictive.com
sync.ipredictive.com
950 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 admedo.com
pool.admedo.com
717 B
2 loopme.me
csync.loopme.me
413 B
2 google-analytics.com
www.google-analytics.com
20 KB
2 ezodn.com
go.ezodn.com
89 KB
1 playground.xyz
ads.playground.xyz
485 B
1 resetdigital.co
sync.resetdigital.co
485 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
414 B
1 adentifi.com
rtb.adentifi.com
88 B
1 bnmla.com
match.bnmla.com
114 B
1 iprom.net
core.iprom.net
523 B
1 appier.net
gocm.c.appier.net
395 B
1 ad4m.at
ad4m.at
1 adotmob.com
sync.adotmob.com
706 B
1 bing.com
c.bing.com
666 B
1 chocolateplatform.com
cs.chocolateplatform.com
90 B
1 trafficroots.com
demand.trafficroots.com
674 B
1 colossusssp.com
sync.colossusssp.com
202 B
1 atemda.com
atemda.com
1 KB
1 tremorhub.com
partners.tremorhub.com
183 B
1 a-mx.com
id.a-mx.com
737 B
1 adsafeprotected.com
fw.adsafeprotected.com Failed
pixel.adsafeprotected.com
14 KB
1 adkernel.com
dsp.adkernel.com
477 B
1 adriver.ru
ssp.adriver.ru
339 B
1 extend.tv
sync.extend.tv
607 B
1 blismedia.com
tr.blismedia.com
141 B
1 advangelists.com
nep.advangelists.com
232 B
1 socdm.com
tg.socdm.com
830 B
1 quantcount.com
rules.quantcount.com
429 B
1 ezoic.net
go.ezoic.net
2 KB
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
1 googletagmanager.com
www.googletagmanager.com
36 KB
1 jsdelivr.net
cdn.jsdelivr.net
3 KB
412 119
Domain Requested by
40 cm.g.doubleclick.net 20 redirects ap.lijit.com
rtb.gumgum.com
2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
googleads.g.doubleclick.net
eb2.3lift.com
38 www.weather-us.com www.weather-us.com
static.cloudflareinsights.com
22 x.bidswitch.net 21 redirects bh.contextweb.com
21 simage2.pubmatic.com 1 redirects ads.pubmatic.com
21 rtb.gumgum.com 1 redirects s.amazon-adsystem.com
rtb.gumgum.com
de.tynt.com
eus.rubiconproject.com
18 securepubads.g.doubleclick.net www.weather-us.com
securepubads.g.doubleclick.net
17 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.weather-us.com
17 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
match.sharethrough.com
rtb.gumgum.com
ap.lijit.com
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
ads.pubmatic.com
bh.contextweb.com
eb2.3lift.com
15 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
15 match.adsrvr.org 15 redirects
14 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
12 contextual.media.net go.ezodn.com
contextual.media.net
eus.rubiconproject.com
ads.pubmatic.com
11 image2.pubmatic.com 2 redirects ads.pubmatic.com
11 adservice.google.com securepubads.g.doubleclick.net
11 eb2.3lift.com 3 redirects go.ezodn.com
bh.contextweb.com
eb2.3lift.com
10 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
bh.contextweb.com
9 px.owneriq.net 7 redirects ap.lijit.com
bh.contextweb.com
9 bh.contextweb.com 3 redirects go.ezodn.com
bh.contextweb.com
9 ib.adnxs.com 7 redirects googleads.g.doubleclick.net
bh.contextweb.com
8 ssc-cms.33across.com 8 redirects
7 pixel.rubiconproject.com 2 redirects rtb.gumgum.com
bh.contextweb.com
7 sync.mathtag.com 7 redirects
7 www.google.com 1 redirects tpc.googlesyndication.com
2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
www.weather-us.com
6 match.prod.bidr.io 6 redirects
6 googleads.g.doubleclick.net 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
www.weather-us.com
6 eus.rubiconproject.com rtb.gumgum.com
eus.rubiconproject.com
de.tynt.com
contextual.media.net
6 pr-bh.ybp.yahoo.com 3 redirects rtb.gumgum.com
ssum-sec.casalemedia.com
ads.pubmatic.com
6 us-u.openx.net 4 redirects googleads.g.doubleclick.net
bh.contextweb.com
6 b1sync.zemanta.com 6 redirects
5 pm.w55c.net 5 redirects
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 prebid.a-mo.net 5 redirects
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 cms-xch-chicago.33across.com de.tynt.com
eus.rubiconproject.com
5 sync-tm.everesttech.net 5 redirects
5 ads.yieldmo.com 1 redirects sync-amz.ads.yieldmo.com
5 secure.adnxs.com 5 redirects
5 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
de.tynt.com
contextual.media.net
4 pb-server.ezoic.com go.ezodn.com
onetag-sys.com
4 gum.criteo.com 1 redirects static.criteo.net
contextual.media.net
4 ups.analytics.yahoo.com 3 redirects bh.contextweb.com
4 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 p.rfihub.com 4 redirects
4 pixel.tapad.com 4 redirects
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 sync.1rx.io 4 redirects
4 sync.srv.stackadapt.com 4 redirects
4 ap.lijit.com 3 redirects s.amazon-adsystem.com
4 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
4 c.amazon-adsystem.com www.weather-us.com
c.amazon-adsystem.com
3 pixel.onaudience.com 3 redirects
3 trc.taboola.com 1 redirects bh.contextweb.com
3 odr.mookie1.com 3 redirects
3 sync.teads.tv 1 redirects googleads.g.doubleclick.net
bh.contextweb.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.gstatic.com 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
3 www.googletagservices.com 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
3 fonts.googleapis.com 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
3 ad.turn.com 3 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 dsum.casalemedia.com ssum-sec.casalemedia.com
bh.contextweb.com
3 secure-assets.rubiconproject.com 3 redirects
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 ce.lijit.com ap.lijit.com
3 match.deepintent.com 2 redirects rtb.gumgum.com
3 stags.bluekai.com 3 redirects
3 um.simpli.fi 3 redirects
3 cdnjs.cloudflare.com www.weather-us.com
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pixel-sync.sitescout.com 2 redirects
2 io.narrative.io 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 cm.adgrx.com 2 redirects
2 c21lg-d.media.net contextual.media.net
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com 2 redirects
2 cs.media.net contextual.media.net
2 medianet-match.dotomi.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.ads.linkedin.com 2 redirects
2 i.liadm.com 2 redirects
2 ads.us.e-planning.net 1 redirects bh.contextweb.com
2 sync.crwdcntrl.net 2 redirects
2 red.erne.co 2 redirects
2 sync.search.spotxchange.com 1 redirects bh.contextweb.com
2 pixel.advertising.com 2 redirects
2 aa.agkn.com 1 redirects ads.pubmatic.com
2 pulsepoint-match.dotomi.com 2 redirects
2 js-sec.indexww.com go.ezodn.com
ssum-sec.casalemedia.com
2 static.criteo.net go.ezodn.com
static.criteo.net
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 onetag-sys.com go.ezodn.com
2 g2.gumgum.com go.ezodn.com
2 mug.criteo.com
2 simage4.pubmatic.com ads.pubmatic.com
2 s0.2mdn.net 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
2 rtb2-useast.e-volution.ai 2 redirects
2 id.rlcdn.com rtb.gumgum.com
contextual.media.net
2 33across-match.dotomi.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 idsync.rlcdn.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 creativecdn.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 de.tynt.com 1 redirects rtb.gumgum.com
2 ums.acuityplatform.com 2 redirects
2 ad.360yield.com 2 redirects
2 sync.technoratimedia.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 pool.admedo.com 2 redirects
2 csync.loopme.me 2 redirects
2 id5-sync.com cdn.id5-sync.com
go.ezodn.com
2 pixel.quantserve.com 1 redirects www.weather-us.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 go.ezodn.com www.weather-us.com
2 weather-us.com 2 redirects
1 ads.playground.xyz 1 redirects
1 sync.resetdigital.co 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 pubmatic-match.dotomi.com 1 redirects
1 rtb.adentifi.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 match.bnmla.com ads.pubmatic.com
1 core.iprom.net 1 redirects
1 gocm.c.appier.net 1 redirects
1 match.taboola.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 hbx.media.net contextual.media.net
1 ad4m.at ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 c.bing.com eb2.3lift.com
1 cs.chocolateplatform.com bh.contextweb.com
1 e1.emxdgt.com bh.contextweb.com
1 i6.liadm.com bh.contextweb.com
1 demand.trafficroots.com 1 redirects
1 sync.colossusssp.com bh.contextweb.com
1 match.sync.ad.cpe.dotomi.com bh.contextweb.com
1 atemda.com bh.contextweb.com
1 partners.tremorhub.com bh.contextweb.com
1 csm.va.us.criteo.net gum.criteo.com
1 id.a-mx.com go.ezodn.com
1 a.rfihub.com 1 redirects
1 ssum.casalemedia.com 1 redirects
1 tlx.3lift.com go.ezodn.com
1 bidder.criteo.com go.ezodn.com
1 htlb.casalemedia.com go.ezodn.com
1 prebid.media.net go.ezodn.com
1 bid.contextweb.com go.ezodn.com
1 pixel.adsafeprotected.com 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
1 dsp.adkernel.com 1 redirects
1 ssp.adriver.ru 1 redirects
1 sync.extend.tv 1 redirects
1 tr.blismedia.com 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
1 ads.yahoo.com rtb.gumgum.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 cms-xch.33across.com 1 redirects
1 beacon.krxd.net ads.pubmatic.com
1 usermatch.krxd.net 1 redirects
1 nep.advangelists.com 1 redirects
1 tg.socdm.com 1 redirects
1 sync-pp.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 r.bidswitch.net 1 redirects
1 ssbsync.smartadserver.com rtb.gumgum.com
1 stats.g.doubleclick.net www.google-analytics.com
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 rules.quantcount.com secure.quantserve.com
1 cdn.id5-sync.com www.weather-us.com
1 secure.quantserve.com www.weather-us.com
1 go.ezoic.net www.weather-us.com
1 static.cloudflareinsights.com www.weather-us.com
1 www.googletagmanager.com www.weather-us.com
1 cdn.jsdelivr.net www.weather-us.com
0 fw.adsafeprotected.com Failed 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
412 180
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-24 -
2022-09-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.ezoic.net
Amazon		 2021-02-15 -
2022-03-16		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
cdn.id5-sync.com
R3		 2021-09-15 -
2021-12-14		 3 months crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-10-25 -
2022-01-23		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.ezoic.com
Sectigo RSA Domain Validation Secure Server CA		 2021-04-19 -
2022-05-20		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
onetag-sys.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.va.us.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-08-27 -
2021-11-24		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.tremorhub.com
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
*.atemda.com
Go Daddy Secure Certificate Authority - G2		 2019-12-13 -
2022-01-12		 2 years crt.sh
teads.tv
R3		 2021-11-03 -
2022-02-01		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2021-11-07 -
2022-11-07		 a year crt.sh
chocolateplatform.com
GTS CA 1D4		 2021-10-25 -
2022-01-23		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh

This page contains 73 frames:

Primary Page: https://www.weather-us.com/
Frame ID: 386AA5A0297AF3618CF0CCC15D35598A
Requests: 108 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rx_an-db5_sovrn_3lift&dcc=t
Frame ID: 408ABF3CD4F44467776DD07C92C8329C
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 8FDFB610990AECDA796C98CCEE84AA57
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 221DD0CBD7F577D26A853A9210D93A34
Requests: 16 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=99c6a788-b1f4-4cbd-ac73-0be497015616
Frame ID: E69D857272B37C395DC83E403EA977D1
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: AA5189BD2FDE624336C8A6993FE71E2D
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 02178A03E8E4556BD895E4DCB29E45A8
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=b6d67017-e46d-4825-a911-4ee8976060ef
Frame ID: 9DDD3F23E21A05E67412B8BAFFF7BD2F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 36869D2F367730F2516A6A3627631A7E
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=7EDEAC6C997F4AECA88DCAAAA501CD64&ex=simpli.fi&status=ok
Frame ID: B5D64EC358EC6EA5150B17CE86F3B465
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 15C23994A4EAC4FFBED44B9C93E983A2
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=2785380007497343404&ex=appnexus.com
Frame ID: 1000D3731B3976F382591EFBAF7874F9
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 97FF62E4DE810CEA4FFE82E594BA5C8A
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=13858035297628960634
Frame ID: 784ADC9E14359B0D420A3D74D3EA0CA9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 01DB2FDE69EA28ABB9CFC8053CED99AB
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&t=1638932069
Frame ID: 128742DFD9F84AE0133C10C9CE282B4F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: F8E3BAE99C471771D97F9AF8822D451F
Requests: 12 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=8b666188-9165-4600-960d-59187982b791&gdpr=&gdpr_consent=
Frame ID: A311F04AA3E9D6DEC6E8208B314CC726
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YYiRZQAAApSoXQAz&gdpr=&gdpr_consent=&_test=YYiRZQAAApSoXQAz
Frame ID: FEF355AAB002F46EA0EB08AE7B9F0285
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80ZjQzYTllNC1kNDUxLTQ4MmYtYjA2OS0zMjIwZmU5ZjBiMDI=&gdpr=&gdpr_consent=&google_tc=
Frame ID: 11A7439C66701401985EDD8FFC712506
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Frame ID: 49DF041DE659108423252145DB1C49D3
Requests: 6 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=emx&i=2785380007497343404brt66581636340069510964b9
Frame ID: 163618B431182A4E7FF3C6632E2F196F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YYiRZcCo8YwAAC3mQWEAAAAA
Frame ID: 6C4E461C49596DA27BAC22FA1D07972F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1791377135581920455
Frame ID: 7493C6B59C0906DC48DB98EEEAF7E0AD
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=UZ1J5wYKCKHKQGHSpdLF&pi=gumgum&tc=1
Frame ID: 14C4D4F9C44E239FD7BCF857E90E1659
Requests: 1 HTTP requests in this frame

Frame: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25075687300197B8997DAB951B152B65
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034
Frame ID: B7929531EB7A9F0B5A16979551A56EB0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYiRZQAAApSoXQAz&gdpr=0&gdpr_consent=
Frame ID: 5472DCC7D189CBB5395B04EE58C5C4C9
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&ex=pubmatic.com
Frame ID: 0931AB17D7E85F84BF9F1C3233DB18C3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 20F0AB2897C1F64D0B0800A33B858648
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fus_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: 12114C1741418D2279DB788DEFEAFD55
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FFBF3CB81896BCE6571D72DD567B8B98
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 978F764B47E6570B3B4D41BBADC6EA66
Requests: 2 HTTP requests in this frame

Frame: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AA42E5FED6E9CED5EF5B0F13A24239D5
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A91CBAD47C679B58442CD871C7B6378F
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2808F7A87153056B13A2621563D970C1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C7831B4E7D8DFF65120F2B0B384BBC24
Requests: 9 HTTP requests in this frame

Frame: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5224B22148BD3311DF26CDF35D0A8371
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDms8PMAhjH2v24ATAB&v=APEucNUzuh-QNGbj-5XTfyVWsn2pe5QFjivfFxalHtnDiOwHjsa4BVAxLZdRo5goklmge3CGgq5fAqJQKezGLPXew5BegLbbAA
Frame ID: EB0826C3E7171168D01057D7B66AC347
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8374E831687A2905663B007240A0AD79
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Frame ID: F04AE8DE429BD1F4A7F343988EBD20BD
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 8286839129231A792864F841CBD798D0
Requests: 15 HTTP requests in this frame

Frame: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9406454A003EAD23ED7F193B549F1A14
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6a9b0CEKvZ2_YCGJeI3LcBMAE&v=APEucNUosYFlZHuwcJ4YPxKkupRF3LlUz6pAPumnWNvaoatk1VvBol3TfhmKn8H9o9UoPah4esxkFLza1k-YTAQovvpGosDneQ
Frame ID: C352DC4E98C6F365ACA7A4260280CB0B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 40DAFB9648B8E546FD09B3C89619957A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 40330AA4FEF9E48C2C160E1EEF3E7D17
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.weather-us.com
Frame ID: 099A93B3F1D9A26D082ACB1AC88F8DA1
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1636340075190&us_privacy=1---
Frame ID: 40D2C4DC660EEE0AECE3DCB7FD540ADE
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 71F87BEC0103BAB349755D0F53635A2C
Requests: 28 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E3CC4C9560B3F4D7C91C90FBBEB3DE1A
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Frame ID: 62EFE5D41A415EB0ADA388C3AEC89B5C
Requests: 16 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 349FEBAF03487ACDB3E3CD5D21007178
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weather-us.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B7B2242FA1E968FE34277FC4A888098F
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 1789A46F7899CFB4FF32191253E75BC6
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2793416786145265000V10&type=rkt&refUrl=&vid=63400784222793416786145265000V10&ovsid=1791377135581920455
Frame ID: DE6052F0B83C15E807C4FE1837AD8A41
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Frame ID: 596328E8190E60DE2207463E602F455A
Requests: 21 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC4X07DESMAABMq88SAvw
Frame ID: 8489C2B5E69F24076F954CB132012D47
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 94B5F6F9255F79B75114F76A46B297C0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_b0f40b6ac50d41d7a4512
Frame ID: 611FA6519DB07747470F896981A6D7BA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=36b9db44-403f-11ec-92aa-d6b6d5b7e420
Frame ID: 10B303B6BDFBB856178E8CB5506949F5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:I1gAOuxz1MJUNU5&gdpr=0&gdpr_consent=
Frame ID: 99C305A4C671492B049D6E93BB6BB939
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ExN5eqXJQahMzRs4rtIrOVdlX8w
Frame ID: 9E23B961CEC5A345ABBE9F5753E072DE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005
Frame ID: 0B59CFA5337CF677C4471B1DB8438C9D
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 97BE589394FE1666E02F241ACEE3CCE8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6896264691444520069
Frame ID: 5045896218FE25A8D87891D293C7AEBC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=620839977313
Frame ID: F5199787F343C82A03CAFAC0F94E2173
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7e789761-8fd9-481f-b3df-852672ae507c-tuct88216ee&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: BAEDC7EA0E87E294DF286AE8F65A3EF4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=RouH9UuEC5WrV6Rvb5GIYQ
Frame ID: 3F3A03EB11A00D91794DA801D067DCB8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:255667754110789
Frame ID: D400EEA123CAA8B12F082A63813A19E0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 2A00BCBB7F9FB51D5AA02A81AAFEE8D6
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 2F43B0DCF7EBFE48E82AC258D4E09151
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7EDEAC6C997F4AECA88DCAAAA501CD64
Frame ID: 0627E2AADCB2D5ED49E6EB9F2B973B55
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=2793416786145265000V10&type=pba&refUrl=&vid=63400784222793416786145265000V10&ovsid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034
Frame ID: 2B05BAC3E45FC253FC9134377E924434
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Weather Atlas | New York, USA weather forecast and Climate information

Page URL History Show full URLs

  1. http://weather-us.com/ HTTP 301
    https://weather-us.com/ HTTP 301
    https://www.weather-us.com/ Page URL

Page Statistics

412
Requests

68 %
HTTPS

25 %
IPv6

119
Domains

180
Subdomains

97
IPs

10
Countries

1612 kB
Transfer

3951 kB
Size

144
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://weather-us.com/ HTTP 301
    https://weather-us.com/ HTTP 301
    https://www.weather-us.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rx_an-db5_sovrn_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rx_an-db5_sovrn_3lift&dcc=t
Request Chain 41
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=99c6a788-b1f4-4cbd-ac73-0be497015616
Request Chain 42
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 44
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bdevice_id%7D HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=b6d67017-e46d-4825-a911-4ee8976060ef
Request Chain 46
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=7EDEAC6C997F4AECA88DCAAAA501CD64&ex=simpli.fi&status=ok
Request Chain 48
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=2785380007497343404&ex=appnexus.com
Request Chain 49
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 50
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=13858035297628960634
Request Chain 53
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&gdpr=0&gdpr_consent=
Request Chain 54
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=fec8aa7f-32fe-4a90-a67a-998ca76667b8&gdpr=0&gdpr_consent=
Request Chain 55
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=2785380007497343404
Request Chain 56
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=fec8aa7f-32fe-4a90-a67a-998ca76667b8&gdpr=0&gdpr_consent=
Request Chain 57
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=2785380007497343404
Request Chain 58
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_4f43a9e4-d451-482f-b069-3220fe9f0b02&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=99c6a788-b1f4-4cbd-ac73-0be497015616 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=99c6a788-b1f4-4cbd-ac73-0be497015616 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=34fb4add-557d-4046-a194-9ac38e1ad026&user_group=1&ssp=gumgum2&bsw_param=99c6a788-b1f4-4cbd-ac73-0be497015616 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=99c6a788-b1f4-4cbd-ac73-0be497015616
Request Chain 59
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-b659012f-22b0-448e-4e12-6a4bc59b8791$ip$87.101.95.204
Request Chain 60
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_4f43a9e4-d451-482f-b069-3220fe9f0b02&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://stags.bluekai.com/site/23178?id=mKM72fsJRhk3SaY0DUq5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVWUWTJXGJTHGSSSNBVTGU3BLEYEIVLRGU HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVWUWTJXGJTHGSSSNBVTGU3BLEYEIVLRGU HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=mKM72fsJRhk3SaY0DUq5
Request Chain 61
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4073075717 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-bded5dca-ff8f-429d-b414-24662c4e43c9-005 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005
Request Chain 62
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=pv0i1gefhpDT&ev=1&pid=558355
Request Chain 63
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28RlZSP9Zb7vWLOazFfpyQzewXvdZU9u32DR7D8E0b7zmQEmMnKmQpLnkiTTouYpco%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28RlZSP9Zb7vWLOazFfpyQzewXvdZU9u32DR7D8E0b7zmQEmMnKmQpLnkiTTouYpco%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_4f43a9e4-d451-482f-b069-3220fe9f0b02&obuid=ENC(RlZSP9Zb7vWLOazFfpyQzewXvdZU9u32DR7D8E0b7zmQEmMnKmQpLnkiTTouYpco) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=RlZSP9Zb7vWLOazFfpyQzewXvdZU9u32DR7D8E0b7zmQEmMnKmQpLnkiTTouYpco HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=outbrain&bsw_param=99c6a788-b1f4-4cbd-ac73-0be497015616&google_hm=OTljNmE3ODgtYjFmNC00Y2JkLWFjNzMtMGJlNDk3MDE1NjE2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMbNmV3TeJF78-VMNy8AnZI&google_cver=1&ssp=outbrain&bsw_param=99c6a788-b1f4-4cbd-ac73-0be497015616 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 64
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=17aa4037-1816-49da-9b2e-caf6ead44345
Request Chain 66
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=31405679-403f-11ec-87b2-63f22605595d
Request Chain 67
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://rtb.gumgum.com/usersync?b=snc&i=851E40D473E44DD399FF4BFBE8E09D55
Request Chain 69
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=ed2029f1-53ff-4c45-9263-0bac84caeb2e
Request Chain 73
  • https://ums.acuityplatform.com/tum?umid=27&uid=9e86f09c58a336b2de16f41b&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=620839977313
Request Chain 74
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6896264691944097024&ref=%2Feucm%2Fp%2Fsv HTTP 302
  • https://px.owneriq.net/fr/epx.gif
Request Chain 75
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=oxxSsH4fKVcB&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 76
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=2785380007497343404&gdpr=0&gdpr_consent=
Request Chain 77
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=OWU4NmYwOWM1OGEzMzZiMmRlMTZmNDFi&gdpr=0
Request Chain 79
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=2785380007497343404&pn_id=an
Request Chain 80
  • https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=yieldmo&bsw_custom_parameter=99c6a788-b1f4-4cbd-ac73-0be497015616 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=99c6a788-b1f4-4cbd-ac73-0be497015616&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dyieldmo%26bsw_param%3D99c6a788-b1f4-4cbd-ac73-0be497015616 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=99c6a788-b1f4-4cbd-ac73-0be497015616&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dyieldmo%26bsw_param%3D99c6a788-b1f4-4cbd-ac73-0be497015616 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=12785609-8d33-4da7-a7a9-3660d41c8a0f%252Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dyieldmo%2526bsw_param%253D99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&ttd_puid=12785609-8d33-4da7-a7a9-3660d41c8a0f%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dyieldmo%26bsw_param%3D99c6a788-b1f4-4cbd-ac73-0be497015616 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=yieldmo&bsw_param=99c6a788-b1f4-4cbd-ac73-0be497015616 HTTP 302
  • https://ads.yieldmo.com/sync?userid=99c6a788-b1f4-4cbd-ac73-0be497015616&pn_id=bsw&extinit=
Request Chain 81
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
Request Chain 82
  • https://sync.srv.stackadapt.com/sync?nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=ExN5eqXJQahMzRs4rtIrOVdlX8w
Request Chain 83
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp HTTP 302
  • https://sync-pp.ads.yieldmo.com/sync?userid=5mWlCotForN0&ev=1&pn_id=pp&pid=561118
Request Chain 87
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&t=1638932069
Request Chain 88
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 89
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=8b666188-9165-4600-960d-59187982b791&gdpr=&gdpr_consent=
Request Chain 90
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YYiRZQAAApSoXQAz HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YYiRZQAAApSoXQAz&gdpr=&gdpr_consent=&_test=YYiRZQAAApSoXQAz
Request Chain 91
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80ZjQzYTllNC1kNDUxLTQ4MmYtYjA2OS0zMjIwZmU5ZjBiMDI=&gdpr=&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80ZjQzYTllNC1kNDUxLTQ4MmYtYjA2OS0zMjIwZmU5ZjBiMDI=&gdpr=&gdpr_consent=&google_tc=
Request Chain 92
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Request Chain 93
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9ydGIuZ3VtZ3VtLmNvbS91c2Vyc3luYz9iPWVteCZpPSRFTVhVSUQ= HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=2785380007497343404&redirect=https://rtb.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly9ydGIuZ3VtZ3VtLmNvbS91c2Vyc3luYz9iPWVteCZpPSRFTVhVSUQ= HTTP 302
  • https://rtb.gumgum.com/usersync?b=emx&i=2785380007497343404brt66581636340069510964b9
Request Chain 94
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YYiRZcCo8YwAAC3mQWEAAAAA
Request Chain 95
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1791377135581920455
Request Chain 96
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=UZ1J5wYKCKHKQGHSpdLF&pi=gumgum&tc=1
Request Chain 98
  • https://id5-sync.com/i/457/8.gif?id5id=ID5*gox7FWwGx8_VFcdfsyRaDRfAihKHodWLkcg2UhG1jLAAAJW3TJbHOk_qYLKy1YeW&o=api&gdpr_consent=undefined&gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/457/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/457/2/7/2.gif?puid=2785380007497343404&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOtMLxlQ3R8QVr4GxXzwS8SF9l49FJDAAIyXG66g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/457/3/6/3.gif?puid=8b666188-9165-4600-960d-59187982b791&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&ttl=%%TTL%% HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NTcmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NTcmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NTcmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NTcmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEAKq0-3sf5iKpASRoX6F-F4&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEAKq0-3sf5iKpASRoX6F-F4&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NTcmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2785380007497343404&opid=apx&ops=&utidl=tech:goo:CAESEAKq0-3sf5iKpASRoX6F-F4&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NTcmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22319410907&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NTcmZm9ybWF0PWdpZiY HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOtMLxlQ3R8QVr4GxXzwS8SF9l49FJDAAIyXG66g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F457%2F916%2F3%2F6.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/457/916/3/6.gif?puid=ed2029f1-53ff-4c45-9263-0bac84caeb2e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAC4X07DESMAABMq88SAvw HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F796%2F1%2F8.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/457/796/1/8.gif?puid=31405679-403f-11ec-87b2-63f22605595d&gdpr=0&gdpr_consent=
Request Chain 99
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYiRZdANBuf1s7HSHga2JgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENs0ok4d71ambkVACUK0Uzo&google_cver=1
Request Chain 100
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&expiration=1638932069&gdpr=0&gdpr_consent=
Request Chain 102
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ0zH-B3PR5Dp1xrL0WPBMU&google_cver=1
Request Chain 103
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6896264691444520069&uid=Q6896264691444520069&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6896264691444520069
Request Chain 104
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377135581920455
Request Chain 105
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=79223c6dfdd8120b&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGaE9i-ZOb1QMnPkeaAAAAAAA&expiration=1636426469&is_secure=true
Request Chain 106
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-acc16193-471c-4596-9da9-73c8bf8722e7
Request Chain 111
  • https://c1.adform.net/serving/cookie/match?party=14&cid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034
Request Chain 112
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYiRZQAAApSoXQAz&gdpr=0&gdpr_consent=
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2SkeTI0xQ4KmDUqm1OjgNA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 115
  • https://idsync.rlcdn.com/420486.gif?partner_uid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEQ5MjkxRTRDLThEMzEtNDM4Mi1BNjBELTRBQTZENEU4RTAzNBAAGg0I5aKijAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=6c0cadf0233d768689ee4fd3941210f0a04fdbd1e877040cfb37ad8670af3a0d791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2YzBjYWRmMDIzM2Q3Njg2ODllZTRmZDM5NDEyMTBmMGEwNGZkYmQxZTg3NzA0MGNmYjM3YWQ4NjcwYWYzYTBkNzkxNDI2YjU0MTdkY2UyMRAAGgwI5aKijAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2YzBjYWRmMDIzM2Q3Njg2ODllZTRmZDM5NDEyMTBmMGEwNGZkYmQxZTg3NzA0MGNmYjM3YWQ4NjcwYWYzYTBkNzkxNDI2YjU0MTdkY2UyMRAAGgwI5aKijAYSBAgCEABCAEoA&google_gid=CAESEKHklk9XVh0wBWJIRkJtlFo&google_cver=1 HTTP 307
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
Request Chain 116
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8b666188-9165-4600-960d-59187982b791
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDkyOTFFNEMtOEQzMS00MzgyLUE2MEQtNEFBNkQ0RThFMDM0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIEELg-BHHljPna6z0GMn0A&google_cver=1
Request Chain 119
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7EDEAC6C997F4AECA88DCAAAA501CD64
Request Chain 120
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2737178857735877580&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 121
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
Request Chain 124
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 125
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1636340069647.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fus_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fus_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 126
  • https://ssc-cms.33across.com/ps/?_=1636340069647.&ri=0013300001r0t9mAAA&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X HTTP 302
  • https://rtb.gumgum.com/usersync?b=tta&i=1690046945666
Request Chain 127
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=ExN5eqXJQahMzRs4rtIrOVdlX8w&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3D10%26external_user_id%3D99c6a788-b1f4-4cbd-ac73-0be497015616 HTTP 302
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=99c6a788-b1f4-4cbd-ac73-0be497015616 HTTP 301
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=99c6a788-b1f4-4cbd-ac73-0be497015616
Request Chain 128
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1636340069647.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fus_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fus_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://cms-xch-chicago.33across.com/match?us_privacy=&bidder_id=1&external_user_id=8b666188-9165-4600-960d-59187982b791
Request Chain 129
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true&verify=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-R66UfeFE2uHwCkk.thwjbwLpDvPZgvfp~A HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-R66UfeFE2uHwCkk.thwjbwLpDvPZgvfp%7EA&ts=1636340069&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 130
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=3a8c7e4fe951120a&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGaKpWCf6ieAMovQXZAAAAAAA&expiration=1636426469&is_secure=true&us_privacy= HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGaKpWCf6ieAMovQXZAAAAAAA&ts=1636340069&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 135
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=mag&i=KVQ2MMK6-15-ANX7
Request Chain 136
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=KVQ2MMK6-15-ANX7 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KVQ2MMK6-15-ANX7&ts=1636340069&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 137
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVQ2MMK6-15-ANX7&sigv=1&esig=2~7b320742339ab7e407dd16c603f71336e6e7e496
Request Chain 138
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2MwMTYyY2YyNGQ5NjczODM2NGE4NDJjYzk1YTY0NmM1NzYwZDYxYg
Request Chain 139
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELq4zHxYBc77zePPqNkNNwk&google_cver=1
Request Chain 140
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYiRZQAAApSoXQAz
Request Chain 141
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/rl4KVzKXJ7z6PlYNgsN5gcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3606956393407137529
Request Chain 142
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8b666188-9165-4600-960d-59187982b791&expires=28
Request Chain 144
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZRMk1NSzYtMTUtQU5YNw==
Request Chain 171
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMMR0r1YxCWh7AmN6cm0ekM&google_cver=1&google_push=AYg5qPIgVlNt999Knu6Kf_dvosnzyVzZKq3WwUkH2y88O5Mcv0BC0Q2Q1sWKsTVfTZIxdsSfvaSOnZzG-K-_DXK8rLazw1Wd7Fk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVlpUlpRQUFBcFNvWFFBeg==&google_gid=CAESEMMR0r1YxCWh7AmN6cm0ekM&google_cver=1&google_push=AYg5qPIgVlNt999Knu6Kf_dvosnzyVzZKq3WwUkH2y88O5Mcv0BC0Q2Q1sWKsTVfTZIxdsSfvaSOnZzG-K-_DXK8rLazw1Wd7Fk
Request Chain 173
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEErW_65D0DBmuxbMzhud5To&google_cver=1&google_push=AYg5qPL3BaaryC-cuphq98lq2OVil7FrXWCUmK8PpcPW-NoO9aHVdzHIju3WZn1jeVGDFlwD-CImPOSuEZdpIRHDB65nFEUjB7g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL3BaaryC-cuphq98lq2OVil7FrXWCUmK8PpcPW-NoO9aHVdzHIju3WZn1jeVGDFlwD-CImPOSuEZdpIRHDB65nFEUjB7g&google_hm=mcaniLH0TL2scwvklwFWFg==
Request Chain 174
  • https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESENivK05p4XLO-iPg1_Z4_0c&google_cver=1&google_push=AYg5qPJUJSFrBZlf2na3-FXqkuoLG_mWx5uZAdp_v9f_P1QWRL58jHpODIsy4iBvBqgTMaZwz4Z0cc75ujCEaEUtXCFhcqj9yWA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPJUJSFrBZlf2na3-FXqkuoLG_mWx5uZAdp_v9f_P1QWRL58jHpODIsy4iBvBqgTMaZwz4Z0cc75ujCEaEUtXCFhcqj9yWA
Request Chain 175
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEMXfVcm_2wojYMaq3bKc-Mk&google_cver=1&google_push=AYg5qPLz7adIJYrgNCtJQECrtfwo3Y9cQA-NIAtobAJsIuZuVlTmPqSuLgfTkKaoHg0Un2ZOUZCh3UTZRm3sqEV8-ENnRJgmE6E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLz7adIJYrgNCtJQECrtfwo3Y9cQA-NIAtobAJsIuZuVlTmPqSuLgfTkKaoHg0Un2ZOUZCh3UTZRm3sqEV8-ENnRJgmE6E&google_hm=QWU5YmxCUm9lUExPQzk5RGpTdjNKQ3c=
Request Chain 176
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEFU1c-4cw7t-Rgp_yRJf01Q&google_cver=1&google_push=AYg5qPLASp6IUCUVIMpzH1g4_FLuVZaUXJsleZxpLUoHdVenfJsgJzswlSt0n_UTevH9LEePbK-lbE7wJsetloxIhrMTqjXrTufW HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEFU1c-4cw7t-Rgp_yRJf01Q%26google_cver%3D1%26google_push%3DAYg5qPLASp6IUCUVIMpzH1g4_FLuVZaUXJsleZxpLUoHdVenfJsgJzswlSt0n_UTevH9LEePbK-lbE7wJsetloxIhrMTqjXrTufW HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8908708685674982044&exchange=193&google_gid=CAESEFU1c-4cw7t-Rgp_yRJf01Q&google_cver=1&google_push=AYg5qPLASp6IUCUVIMpzH1g4_FLuVZaUXJsleZxpLUoHdVenfJsgJzswlSt0n_UTevH9LEePbK-lbE7wJsetloxIhrMTqjXrTufW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg5MDg3MDg2ODU2NzQ5ODIwNDQ&google_push=AYg5qPLASp6IUCUVIMpzH1g4_FLuVZaUXJsleZxpLUoHdVenfJsgJzswlSt0n_UTevH9LEePbK-lbE7wJsetloxIhrMTqjXrTufW
Request Chain 179
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPKKd3PbfQMxG--4V0w4OOk&google_cver=1
Request Chain 204
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYiRZdANBuf1s7HSHga2JgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPKKd3PbfQMxG--4V0w4OOk&google_cver=1
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPkWjFAer_Aews6fMHe0Pfc&google_cver=1
Request Chain 206
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc4NTM4MDAwNzQ5NzM0MzQwNA%3D%3D
Request Chain 215
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.weather-us.com%2F&domain=www.weather-us.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=V3TnbnxnalprMVVqT1ArU3NRV0FYM1ZBQnZZc2lCcTdhZmR1cUNReWdncGNnTHlkZmFGOTh2dlBqakU5OFJxc0pWSjRzdXNmbXFyMmUyQmVMNUpib2JXWkwzTlM5VzkzV0RpN1U4c3RDN0JRbXVMV0tOdDUrYnVWSnluSkI3SmZLNWdhc0x6Ty83b3Y1cU9PaVdsRVFkTCtBVERrbndKL21UV2NnaFBpL3lSa21lbWI3UHk2bk5IZXJjelBXbkp2Z01teVdENXFlcThVYnBuT0J3OHdkUVNlcHdUNkhwL0d0WlZZOFlEeUlIaW83NGQxbVh6eUt5WGgvUDhrTHE5cXB5M2xXfA&cppv=2
Request Chain 227
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=1---&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F19%3FA%3D9c21657e-0cf3-4c17-a9ed-586d543be821%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0%253D%26us_privacy%3D1---%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/0/19?A=9c21657e-0cf3-4c17-a9ed-586d543be821&bidder=pubmatic&cbx=aHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0%3D&us_privacy=1---&uid= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F19%3FA%3D9c21657e-0cf3-4c17-a9ed-586d543be821%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0%253D%26us_privacy%3D1---%26uid%3D$UID&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/cchain/1/19?A=9c21657e-0cf3-4c17-a9ed-586d543be821&bidder=appnexus&cbx=aHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0%3D&us_privacy=1---&uid=2785380007497343404&us_privacy=1--- HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F19%3FA%3D9c21657e-0cf3-4c17-a9ed-586d543be821%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0%253D%26us_privacy%3D1---%26uid%3D&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/cchain/2/19?A=9c21657e-0cf3-4c17-a9ed-586d543be821&bidder=index_rtb&cbx=aHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0%3D&us_privacy=1---&uid=YYiRZdANBuf1s7HSHga2JgAA%26149 HTTP 302
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F19%3FA%3D9c21657e-0cf3-4c17-a9ed-586d543be821%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0%253D%26us_privacy%3D1---%26uid%3D$UID&us_privacy=1--- HTTP 307
  • https://prebid.a-mo.net/cchain/3/19?A=9c21657e-0cf3-4c17-a9ed-586d543be821&bidder=sovrn&cbx=aHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0=&us_privacy=1---&uid=9e86f09c58a336b2de16f41b HTTP 302
  • https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=9c21657e-0cf3-4c17-a9ed-586d543be821&us_privacy=1---
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPtuFBPxbA6y5aIJg56bgp0&google_cver=1
Request Chain 269
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2NmODM3OGQtZjk3NC0yZjI4LWU5YjUtODBhMmU4NjY4YzYz
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEDVzNxXGGSEaJZUPHj8IPIw&google_cver=1
Request Chain 271
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MmQxYjQ1Y2UtNzAzOS00YjU1LTlkZDctYWZhNDkxOGFiMjg2
Request Chain 279
  • https://px.owneriq.net/ecmg?google_gid=CAESEIiyiIUWfnpqatLAqp3V1p0&google_cver=1&google_push=AYg5qPJDp5I8s3GPLr2sBp03SVmMnNkLgZ1ccxE15ZTDRcIriTZJLYC2v32iDMkXqqheL91806GDfOaAX562q_Y4IMkWVsT6rhKd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AYg5qPJDp5I8s3GPLr2sBp03SVmMnNkLgZ1ccxE15ZTDRcIriTZJLYC2v32iDMkXqqheL91806GDfOaAX562q_Y4IMkWVsT6rhKd&google_cver=1&google_gid=CAESEIiyiIUWfnpqatLAqp3V1p0&google_hm=UTY4OTYyNjQ2OTE0NDQ1MjAwNjk=
Request Chain 280
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFF3zTaAfUrNUR9BehtmRPU&google_cver=1&google_push=AYg5qPL5UY_k6ZU7M1xC9JXOjbSe4qzPSpyP0zZsCkSNPou4-R0BufPRdGntB_ZJaSR0cP8_pEXui_FZ2hjPrLWi2rxFKvJaqZLP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OGYwYjllNGMtZmQ4Ny00M2FjLWE1ZTgtYzliNWFjOWEyYTI3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
Request Chain 281
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELHVYaL7bOGTUZ5LiL_cVIA&google_cver=1&google_push=AYg5qPLlRXzrh6okgSg0ILcn2IY9slV3I1OIgKyLnRMo703WMlCdByHhQ0NwMuoWOaTEIZ4auPFMFtaa5bYEmcd3cOgqbxkct5bV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2SkeTI0xQ4KmDUqm1OjgNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLlRXzrh6okgSg0ILcn2IY9slV3I1OIgKyLnRMo703WMlCdByHhQ0NwMuoWOaTEIZ4auPFMFtaa5bYEmcd3cOgqbxkct5bV
Request Chain 282
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0&google_cver=1&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0
Request Chain 283
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEGIL0W6IR694wCKnlyo5b-A&google_cver=1&google_push=AYg5qPJQ3WO-loytb91xkZZmPrEYJTGwUPMq2JF3FFbtaNmxWtSst_Z8phaZ-k3iK55LFWw7mnRS9rIjZZ1Q5Oe6-J_7clk1xRI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPJQ3WO-loytb91xkZZmPrEYJTGwUPMq2JF3FFbtaNmxWtSst_Z8phaZ-k3iK55LFWw7mnRS9rIjZZ1Q5Oe6-J_7clk1xRI&google_hm=ZzEwYzI2NTg5MTJmN2Q0MWI4ZTk=
Request Chain 284
  • https://cc.adingo.jp/adx/push/?google_gid=CAESENv8oHgiNUOtBLDpRkZIuv4&google_cver=1&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3
Request Chain 285
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHIN4ZNTUM5WKUqVE7kzvRg&google_cver=1&google_push=AYg5qPImfHargwoX9je1-Stic_z55vdZcxuGVtURLOPlVc1huod2UWfSpC8dD1Z-DA7dyclkz7QIlo13UbA8zykrR0eDeP3Id_ASeA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPImfHargwoX9je1-Stic_z55vdZcxuGVtURLOPlVc1huod2UWfSpC8dD1Z-DA7dyclkz7QIlo13UbA8zykrR0eDeP3Id_ASeA&google_hm=MTc5MTM3NzEzNTU4MTkyMDQ1NQ==
Request Chain 297
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=weather-us.com&sn=ChromeSyncframe&so=3&topUrl=www.weather-us.com&bundle=20-LgF9iVHVodHVBV2lvRFFXYnhGWnpMRzhMTHNvRWd5M2E2c1ZwNXF5NThsVVRsUGNEb09mRmV0TU1XV1doRnh4Z2xFM0RWcEV5djNJdkFHQjBrT2hTViUyRnJGQzdmajAzSmhRcEdpVThEWCUyQjhtRUFsUGdTekN2NXg4UVN3ZTJoQmlub2w&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Zt1MHnxmdEdJcWpJT0hUdmtYc21oeVRuOWUwTjZkcUFwUFNXS1VHbExVbDBBQ0liMDM4SG13UkdlQUVncUk2WVZMUVVwc1VFUkpkYk8xUTJBQlF4enBvTU16RVlleEUvNVRISDlsckUxdHdVNEl1bFQvdVc1UWRzbm5sM3R5WmVEU0xsdytuLy9nZ3Z2MHl1RVhrVUF6YWt4cHhucDZGQjhGbktSeThIckcxUEVLdGpMSUplTjBiNGZ0dHBUMmFyZERPOVY4RnZMWGN1RXhtckRCa1pLZXR2ZUlDVzkwdUFBWGVmL1ZpSjFoalMza0xPbFZkY014TEhxeTFxNlpWMlViaXpyU3YzZHVuNU9mM3oycVRHbXhlK2V4Q1pveDlzSFlSU3FDQnBXZjgzdGxpWT18&cppv=2
Request Chain 306
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=2f3b6d825cb8120b&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGaWA8H3APMAMpbLjQAAAAAAA&expiration=1636426478&nuid=&is_secure=true
Request Chain 307
  • https://px.owneriq.net/eucm/p/cwc HTTP 302
  • https://px.owneriq.net/fr/epx.gif
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VzZmNEl3UDBfSHA1NHEyMXk5YVkwZw&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEFffqRXARKhnAnyrsH_WMss&google_cver=1
Request Chain 309
  • https://x.bidswitch.net/sync?ssp=pulsepoint HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=99c6a788-b1f4-4cbd-ac73-0be497015616&ssp=pulsepoint&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10593803332041085428&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpulsepoint%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=12785609-8d33-4da7-a7a9-3660d41c8a0f&ssp=pulsepoint&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=204810503964002917060&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10593803332041085428&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Request Chain 310
  • https://pixel.advertising.com/ups/55972/sync?uid=5mWlCotForN0&_origin=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55972/sync?uid=5mWlCotForN0&_origin=1&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55972/sync?uid=5mWlCotForN0&_origin=1&gdpr=0&gdpr_consent=&apid=UP36820262-403f-11ec-9fc3-0a4f85d3528b
Request Chain 313
  • https://match.prod.bidr.io/cookie-sync/pp HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDNFgwN0RFU01BQUJNcTg4U0F2dw&bee_sync_partners=pm%2Csyn%2Csas%2Cpp&bee_sync_current_partner=adx&bee_sync_initiator=pp&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csyn%2Csas%2Cpp&bee_sync_current_partner=adx&bee_sync_initiator=pp&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC4X07DESMAABMq88SAvw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Csas%252Cpp%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpp&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAC4X07DESMAABMq88SAvw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pp&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC4X07DESMAABMq88SAvw
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_cm&google_hm=5mWlCotForN0 HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEMmnG9gHJGbjsKn5rQW9uo8&google_cver=1
Request Chain 315
  • https://sync.search.spotxchange.com/partner?adv_id=8185&uid=5mWlCotForN0 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8185&uid=5mWlCotForN0&__user_check__=1&sync_id=3681dab7-403f-11ec-b2b1-1fc52e7f0203
Request Chain 319
  • https://red.erne.co/pulsepoint/cm HTTP 302
  • https://pixel.onaudience.com/?mapped=1EdLI70YakVn4pVBcM3HXx9O&partner=2&redirect=red.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D560956%2526ev%253D1EdLI70YakVn4pVBcM3HXx9O HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fred.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fbh.contextweb.com%25252Fbh%25252Frtset%25253Fdo%25253Dadd%252526pid%25253D560956%252526ev%25253D1EdLI70YakVn4pVBcM3HXx9O HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fred.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fbh.contextweb.com%25252Fbh%25252Frtset%25253Fdo%25253Dadd%252526pid%25253D560956%252526ev%25253D1EdLI70YakVn4pVBcM3HXx9O HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3f698bec9e20afaec74652433569d330&redirect=https%3A%2F%2Fred.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D560956%2526ev%253D1EdLI70YakVn4pVBcM3HXx9O HTTP 302
  • https://red.erne.co/ct/cm?red=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D560956%26ev%3D1EdLI70YakVn4pVBcM3HXx9O HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560956&ev=1EdLI70YakVn4pVBcM3HXx9O
Request Chain 327
  • https://demand.trafficroots.com/sync.php?buyer=2228&buyeruid=https://demand.trafficroots.com/sync.php?buyer=2228&buyeruid=5mWlCotForN0 HTTP 302
  • https://ads.us.e-planning.net/uspd/1/6d0a5307809091fa?ruimd=1&du=https%3A%2F%2Fdemand.trafficroots.com%2Fsync.php%3Fbuyer%3D3264%26buyeruid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/6d0a5307809091fa?ct=1&ruimd=1&du=https%3A%2F%2Fdemand.trafficroots.com%2Fsync.php%3Fbuyer%3D3264%26buyeruid%3D%24UID
Request Chain 328
  • https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=5mWlCotForN0 HTTP 303
  • https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=5mWlCotForN0&_li_chk=true&previous_uuid=6ef0c638919d47c29c10f1a315757d28 HTTP 303
  • https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=5mWlCotForN0
Request Chain 329
  • https://x.bidswitch.net/sync?dsp_id=400&user_id=5mWlCotForN0&expires=30&user_group=[NUMERICAL_VALUE] HTTP 302
  • https://e1.emxdgt.com/put?d=d21&uid=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=
Request Chain 333
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&dongle=0cfd
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEH8mjHyILMqT8BhJ_aMJcQM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 335
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM4NTgwMzUyOTc2Mjg5NjA2MzQ%3D
Request Chain 336
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=13858035297628960634&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=13858035297628960634&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=78eca564-6d13-4016-9865-90b773b514a8&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=78eca564-6d13-4016-9865-90b773b514a8&_noobservation=1&_expected_cookie=e986fcb73415fe709cfe124abe702b49
Request Chain 337
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/13858035297628960634?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-XIVUT99E2oQX5zu1TSLXuGhJb0O5WZvKb2otFYK0Gg--~A&dongle=0883
Request Chain 338
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=13858035297628960634&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=df314584-b368-4d4b-91c5-ad6d70334f10&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=99c6a788-b1f4-4cbd-ac73-0be497015616&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 341
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=mKM72fsJRhk3SaY0DUq5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NVFU2NZSMZZUUUTINMZVGYKZGBCFK4JV&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NVFU2NZSMZZUUUTINMZVGYKZGBCFK4JV HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=mKM72fsJRhk3SaY0DUq5
Request Chain 342
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2737178857735877580&dongle=d407
Request Chain 344
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2785380007497343404
Request Chain 346
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8b666188-9165-4600-960d-59187982b791
Request Chain 347
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2737178857735877580
Request Chain 348
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=I1gAOuxz1MJUNU5
Request Chain 349
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06ec2204000d5740c0e87b70&expiration=[EXPIRATION]
Request Chain 350
  • https://match.deepintent.com/usersync/113 HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_b0f40b6ac50d41d7a4512
Request Chain 355
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 356
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Drkt%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2793416786145265000V10&type=rkt&refUrl=&vid=63400784222793416786145265000V10&ovsid=1791377135581920455
Request Chain 358
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dcon%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=248d172c0daf120c&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dcon%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2793416786145265000V10&type=con&refUrl=&vid=63400784222793416786145265000V10&ovsid=AQEI6F_NgQWChgIke193AQEBAQE&expiration=1636426478&is_secure=true
Request Chain 359
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dopx%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2793416786145265000V10&type=opx&refUrl=&vid=63400784222793416786145265000V10&ovsid=28bb8dd8-9b03-4b6c-9f1a-a475906bd0df
Request Chain 360
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dmma%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2793416786145265000V10&type=mma&refUrl=&vid=63400784222793416786145265000V10&ovsid=8b666188-9165-4600-960d-59187982b791
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjc5MzQxNjc4NjE0NTI2NTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEMmTfY5RnGWd8IYcqJzve5w&google_cver=1
Request Chain 362
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Ddxu%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Ddxu%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2793416786145265000V10&type=dxu&refUrl=&vid=63400784222793416786145265000V10&ovsid=I1gAOuxz1MJUNU5
Request Chain 363
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=31905072-43fd-413a-8724-ddfbee012d0a
Request Chain 364
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=99c6a788-b1f4-4cbd-ac73-0be497015616 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171119826&expires=5&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 365
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dzem%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=mKM72fsJRhk3SaY0DUq5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLNJNGTOMTGONFFE2DLGNJWCWJQIRKXCNJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DGNBQGA3TQNBSGIZDOOJTGQYTMNZYGYYTINJSGY2TAMBQKYYTAJTWONUWIPJSG44TGNBRGY3TQNRRGQ2TENRVGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLNJNGTOMTGONFFE2DLGNJWCWJQIRKXCNJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DGNBQGA3TQNBSGIZDOOJTGQYTMNZYGYYTINJSGY2TAMBQKYYTAJTWONUWIPJSG44TGNBRGY3TQNRRGQ2TENRVGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=mKM72fsJRhk3SaY0DUq5&refUrl=&type=zem&vid=63400784222793416786145265000V10&vsid=2793416786145265000V10
Request Chain 366
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2793416786145265000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2793416786145265000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=14bbf732-89ea-4f9c-a1a1-a162fe9a0c31&cs=1
Request Chain 368
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
Request Chain 373
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=KVQ2MMK6-15-ANX7
Request Chain 374
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC4X07DESMAABMq88SAvw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=pm&bee_sync_hop_count=1&userid=1118083083793387219 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC4X07DESMAABMq88SAvw
Request Chain 375
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 376
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_b0f40b6ac50d41d7a4512
Request Chain 377
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=36b9db44-403f-11ec-92aa-d6b6d5b7e420
Request Chain 378
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:I1gAOuxz1MJUNU5&gdpr=0&gdpr_consent=
Request Chain 379
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ExN5eqXJQahMzRs4rtIrOVdlX8w
Request Chain 380
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005&rndcb=2732528348 HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1791377135581920455&expires=30&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/99c6a788-b1f4-4cbd-ac73-0be497015616?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-bded5dca-ff8f-429d-b414-24662c4e43c9-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005
Request Chain 381
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 382
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6896264691444520069
Request Chain 383
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=620839977313
Request Chain 384
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7e789761-8fd9-481f-b3df-852672ae507c-tuct88216ee&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 385
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=RouH9UuEC5WrV6Rvb5GIYQ
Request Chain 386
  • https://core.iprom.net/cookiesync HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:255667754110789
Request Chain 387
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 389
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7EDEAC6C997F4AECA88DCAAAA501CD64
Request Chain 391
  • https://pixel.onaudience.com/?partner=214&mapped=D9291E4C-8D31-4382-A60D-4AA6D4E8E034 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=7869aa258f54256a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=59784cdd-8140-4450-6857-f14e33a82dc6&reqId=070b98ff-8bb8-48bc-46f0-a18a02129442&zcluid=7869aa258f54256a&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEFCucm686ZQ-opPceZ4GLVA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=59784cdd-8140-4450-6857-f14e33a82dc6&reqId=070b98ff-8bb8-48bc-46f0-a18a02129442&zcluid=7869aa258f54256a&zdid=1332
Request Chain 392
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&addseg=10,33,39
Request Chain 394
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:D9291E4C-8D31-4382-A60D-4AA6D4E8E034 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=36abaa60-403f-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:D9291E4C-8D31-4382-A60D-4AA6D4E8E034
Request Chain 395
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8b666188-9165-4600-960d-59187982b791&gdpr=0&gdpr_consent=
Request Chain 396
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Qm7nOMpE2uWQlzwkJuMuGC7AJ8ot.zk-~A&gdpr=0&gdpr_consent=
Request Chain 398
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2785380007497343404&gdpr=0&gdpr_consent=
Request Chain 400
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQEI6F_NgQWChgIke193AQEBAQE&expiration=1636426478&nuid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&gdpr_consent=&gdpr=0
Request Chain 401
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=31405679-403f-11ec-87b2-63f22605595d&gdpr=0&gdpr_consent=
Request Chain 402
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=9aaeb109-b5d7-474c-8e02-69c3cea38ad4-6188916e-5553&gdpr=0&gdpr_consent=
Request Chain 403
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D531_E635F3AC_123D81150&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 404
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xyicVMgoklncKMVbwHiJX5QgwVrcKZNYyX3JpBa4
Request Chain 405
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=99c6a788-b1f4-4cbd-ac73-0be497015616 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=4da16cb3-3cdb-45ca-9a7c-117b48413422&ssp=pubmatic&bsw_param=99c6a788-b1f4-4cbd-ac73-0be497015616 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 406
  • https://sync.resetdigital.co:10001/csync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000088379961AF
Request Chain 407
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6809213772414941253
Request Chain 408
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2785380007497343404

412 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.weather-us.com/
Redirect Chain
  • http://weather-us.com/
  • https://weather-us.com/
  • https://www.weather-us.com/
140 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fda287f35d99f6b7b265d15c8bcb838baf24bc72d559ceb070784e1ea0ac3de5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-type
text/html; charset=utf-8
cache-control
max-age=0, must-revalidate, no-cache, no-store
display
pub_site_sol
expires
Sun, 07 Nov 2021 02:54:28 GMT
pagespeed
off
pragma
public
response
200
vary
Accept-Encoding Accept-Encoding
x-ez-minify-html
2.58% 143250 / 147037
x-middleton-display
pub_site_sol
x-middleton-response
200
x-sol
pub_site
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFfNGAI6opEdEtc2UhAw6ScXX%2BiLoteKSsG34lfSs69buLdzsEgW7vHhtY3peRpCxQ71iJLlpVfZ%2BwDqaiOFRGRFOY2YvodZnWwGmgo5q3jBQc9kWNdC8UaOU3iEb3Z%2BOyUNedbuxieHh51abGxazpw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6aab84512ab51784-EWR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-type
text/html; charset=iso-8859-1
cache-control
max-age=0, must-revalidate, no-cache, no-store
display
staticcontent_sol
expires
Sun, 07 Nov 2021 02:54:28 GMT
location
https://www.weather-us.com/
pagespeed
off
response
301
vary
Accept-Encoding Origin,Accept-Encoding
x-ez-minify-html
15.74% 198 / 235
x-middleton-display
staticcontent_sol
x-middleton-response
301
x-sol
pub_site
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViEN5%2Bs5h99CiVBrPD%2FN9Eto7gdUV%2BUvSOt%2Fdny90QoKYjGrmnDLTwVJ3yB85nVrWB5d0NIXKkl4ekRfCFgA9zs%2BAnpVV5qiLvGwTeT3kH%2FgtERWipdy1IBbOVvDnXaiPVigR4LFYwX%2BU9AMvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6aab844e8e9f1784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
sffe /
Resource Hash
06e3755ccc6fdaf6fa2e39feb08259ddca154d93ef919ff13d958e5a9d8a13c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1037 / 484 of 1000 / last-modified: 1636149998"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27041
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 08 Nov 2021 02:54:28 GMT
dall.js
go.ezodn.com/hb/ 		294 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
480152f805d808c5ad00c023745fda46556c88b93b4eb3d22e2faa23835abe82

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 08 Nov 2021 02:54:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zV2Ke8WLatLtXjXPHKp9dh54UsIH2GCUTFaLEKwwkqUk93ysC4SYzUPrHjD6iR1DJw1C51eRxQnDOLCWUeblY3frkMNADNmhcu58EJsM7s8DDOfJLGnoOKo1pjBxp0oiY2ZEMU5EIjOytaE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6aab84560f5517a1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-2.bos50.r.cloudfront.net
Software
Server /
Resource Hash
93c82ccc39b7e17f1dc209bb315850ce50de6d22967ad754c13405030530bf5b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
C.eJyhwiu1CUUYL5THOPOEhrEFMHapwE
content-encoding
gzip
etag
da811a06050a3a24710aa7c2fb435c00
age
846
x-cache
Hit from cloudfront
server
Server
x-amz-rid
01FYFX9PCFET04SKC3Y1
date
Mon, 08 Nov 2021 02:40:41 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a99ebae546aae4a2f6278081e3adcd10.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
BOS50-C3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
kXUKTVJ6mn0-7pWUlTe9mSOlvDnsJo_pzxgpwMgpxjnwCdRfKZF1iw==
mdb.pro.used.css
www.weather-us.com/weather/css/mdb5/ 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/weather/css/mdb5/mdb.pro.used.css?v=0905&ez_used_css_s=13
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
638b6624ab5df37876824e872e08f7555ffa44373b85dc9b71b5044763e470a9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status
HIT
x-sol
orig
age
978278
cf-polished
origSize=31619
x-ezoic-cdn
Hit ds;mm;4fe47e61ce7ed112ddfb433fecc476d3;2-217360-50;6db564bd-9240-4fa8-589f-5c23f48f1f7d
x-middleton-display
staticcontent_sol, orig_site_sol
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
response
200
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
cloudflare
x-origin-cache-control
max-age=252460800, public
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css
1.67% 31619 / 32155
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KNb7mBrzInXGyef9FTqFcZYjhK4YGnsEgSftFPCxJlYpjHTmxsBkCIUtle0qMIQpPZOuGnYCLtfld3xRhplIgKV48D3iYJUDN4ygwOxzOb%2FcQpeNIYe2tK6shUBvFT5E%2Fv8%2Bp53GCyw3aVoNuEmmtc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=252460800
cf-ray
6aab8455eb231784-EWR
display
staticcontent_sol, orig_site_sol
cf-bgj
minify
all.min.used.css
www.weather-us.com/weather/css/mdb5/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/weather/css/mdb5/all.min.used.css?v=0905&ez_used_css_s=13
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed14f4bf32c654e56e2691089b4bd954be71dba372c41a77bf2ec76c8afbf8de

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status
HIT
x-sol
orig
age
978278
x-ezoic-cdn
Hit ds;mm;2b4aebbffda633f5bcf09258c0383931;2-217360-50;76b641b4-333d-490b-52e7-ab61a63747b4
x-middleton-display
staticcontent_sol, orig_site_sol
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
response
200
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
cloudflare
x-origin-cache-control
max-age=252460800, public
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css
1.37% 2517 / 2552
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEmYENyy8fJkb47GygQQ5iqQYZb7T68HzJKViM%2BMR2LyNOT1KckEvx1MuHfHXk%2F1DT%2B409sPSVlsqww440KA7AmSdHOkF6V3oy3Gz7URceQnBaJFCCVwGoAdTnkMwqSR52g9pPiMkFrGa%2Fuo3zfqI7w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=252460800
cf-ray
6aab8455eb251784-EWR
display
staticcontent_sol, orig_site_sol
cf-bgj
minify
scroll-status.min.css
www.weather-us.com/weather/css/mdb5/plugins/ 		100 B
467 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/weather/css/mdb5/plugins/scroll-status.min.css?ez_used_css_s=13
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aaf963aeec4eae8b6c7555128ec7610a0a8b219c6926a8bb98ca06630178e51

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status
HIT
x-sol
orig
age
978278
x-ezoic-cdn
Hit ds;mm;36ac2fa4d0a2079c44093c177d7aea4f;2-217360-50;f8354020-d53d-4397-6e49-f5d1ae62ee56
x-middleton-display
staticcontent_sol, orig_site_sol
x-ez-minify-css
9.09% 100 / 110
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
response
200
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
cloudflare
x-origin-cache-control
max-age=252460800, public
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLltlGR5qZ%2FNVVqY583YXM860%2FdHl5UMVVMynu7tayMj%2B2cW%2FcI78G7D1gvWgQXCvdZevxK%2Faj%2BgYEDtzYn8tVWUjaaJgrTFKFpwHHxq%2Fey2DdWqzu9lMqyR22Mav4EJEbwJUHRrWqb%2FGIKti16Ifkg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-middleton-response
200
cache-control
public, max-age=252460800
cf-ray
6aab8455eb261784-EWR
display
staticcontent_sol, orig_site_sol
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.weather-us.com/
Origin
https://www.weather-us.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
368171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
78196
timing-allow-origin
*
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-13174"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpIBHGIK9la%2BP0DjgYUd3tej%2FBIVTFOtLWbwIHRS%2FlpBxEi6SkqTzZ5Z9bXqUPnPXZLiIxj4hWKh%2FBNLEGFrqCyhKr3r7xf1bwsBC1suSgVwR82Fj9G1O5BoVDIxsV%2BzqEBvo5eot0xovVvYl%2B5Pkmc2"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6aab8455ffca18aa-EWR
expires
Sat, 29 Oct 2022 02:54:28 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0fefab783abd19bc1b6c4f9dedd620764d243d141165603c77bb5152c231c0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.weather-us.com/
Origin
https://www.weather-us.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1587266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13276
timing-allow-origin
*
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-33dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlYtfDsIXj76C8lORH0DodBSHJ0lRdFIXZEgDpAj9CbJ%2BRCG6jqEySiZId3PSbIcnGNcSUZGLhqB%2FNPfbn3sowediFJjgnxtDun%2Fdw8tRcQemsNSYXNXk7GK4lM92TJ5RmhlpZ9l3V30QgBM8eMkiMi1"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6aab8455ffcc18aa-EWR
expires
Sat, 29 Oct 2022 02:54:28 GMT
banger.js
www.weather-us.com/porpoiseant/ 		50 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/banger.js?cb=195-2&bv=83&v=55&PageSpeed=off
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed68221ed719c295927c8acca2cfea320ed0f003e5d9dcfc1947360525eb1177

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
178270
cf-polished
origSize=51008
cf-ray
6aab84560b631784-EWR
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 06 Nov 2021 01:23:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rADbdaYHD3B2r4mxDrD0vhaXGfC090Ey%2Fqo3MIgp%2FLwXCw7LFI1B1Ktc1Prlh9S4a8l2bp97ynDsANfdHV0tdnqwDXBs%2FZBPZuNSdotImJxY1voRVnXAuHa57OfSka5QSPX7QZcAiEkrt3YKa%2BYoqko%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public
x-robots-tag
noindex
cf-bgj
minify
mdb.pro.used.js
www.weather-us.com/weather/js/mdb5/ 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/weather/js/mdb5/mdb.pro.used.js?v=0905
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dc036d1cf00bbe9057ee39d715c0fcb8b023d28731b853b6559e15657a0de09

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
984640
x-ezoic-cdn
Hit ds;mm;c964dc542ef79940c4a75432159f35cc;2-217360-50;70b2ddc4-68b9-424d-5670-07b952e886f8
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
response
200
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
cloudflare
x-origin-cache-control
max-age=252460800, public
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jc7o6v7lpza9hQHfREOPPmqK01PAXk9%2BFR7sT0Etj0XnDr1XX%2BwXTn10i10mZD1RfF37qiRMckYDpACsNrgO57Pwyqi%2BUJ50%2FsLdRLZ3Tj%2FsWtlRVxFoQUN01LFohu5%2FleAT6IgK%2FQBb2rrXs9b9kqU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=252460800
x-ez-minify-js
0.00% 100221 / 100223
cf-ray
6aab8455fb3b1784-EWR
display
staticcontent_sol, staticcontent_sol
cf-bgj
minify
scroll-status.min.js
www.weather-us.com/weather/js/mdb5/plugins/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/weather/js/mdb5/plugins/scroll-status.min.js
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67b9627ade2a742e1a99b928ee21ee6977e4db00f55482cafc6929b76741ccbf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
984640
x-ezoic-cdn
Hit ds;mm;d5a1d690b388e3b56bb6f31ee75ae7e9;2-217360-50;7473f948-b02e-46ce-76fe-a7c599da23b8
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
response
200
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
cloudflare
x-origin-cache-control
max-age=252460800, public
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAVJOFQrQEEz7BgztqS%2Fi4kTFRbaKx43jAC4k6Nwf3HC2vYzrGjpfiWq6HGhYulkZPVLlhUvSvzU5Ekexs6vq3JlZOhPhjcHuAIXACqTsLkbrhWjlZ2Pjtk4lZxCG3lcokEyzkNY19XzBGLZK2yEnIc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=252460800
x-ez-minify-js
0.09% 51682 / 51728
cf-ray
6aab8455fb3f1784-EWR
display
staticcontent_sol, staticcontent_sol
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://www.weather-us.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8052758
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
701
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-653"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9p2XSB959I9z5UbxMO6eaz2%2BCT7rN9MUv1eo%2BKDvRQUtRVjXMT26Xk7xfCnSoPOv05b8SVCQSqCOU4N%2Belm1RhCUS3%2F06DExJNe9bvg4o8LfGVtwVHLbecvjlEcXV76WxB8Yz8yp5KVbCXbvJTT1OpZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6aab8455ffcd18aa-EWR
expires
Sat, 29 Oct 2022 02:54:28 GMT
lazyload.min.js
cdn.jsdelivr.net/npm/vanilla-lazyload@12.3.0/dist/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.3.0/dist/lazyload.min.js
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e88c120a7ece25d960dc24e0e770120611ee5f854effb0cdf344ee7f7f69ea1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1145250
x-jsd-version
12.3.0
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19180-FRA, cache-ewr18123-EWR
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"18f0-XcUsW+DoJ6YMC8PaGJGPMb/0Rcw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6aab84562c86335a-EWR
js.autocomplete.js
www.weather-us.com/weather/js/ 		617 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/weather/js/js.autocomplete.js?v=0905
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b7891bfcf7345d3de0a160ce88395fb9fc01b9c82c6a6a0dea24fe5db9252db

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
984640
x-ezoic-cdn
Hit ds;mm;4a29c07eb689baa877f96ba2006f0df6;2-217360-50;3c307746-9c2e-472f-5137-fb4c4a98e9c6
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
response
200
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
cloudflare
x-origin-cache-control
max-age=252460800, public
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWeuwsNCbQ1gGbFieB05qZFm3h7h6YvGQFapVTHgqdziIuDLRPM4gmoXSJydY%2FMxzFZsM8mSQCVcbOtLm6iWROE53IcFqa2FxRcF0WJRnROYNE7jJ2b4SeQI1ZeoMEsXgO57%2FaP2vi9cjqqbtu3GVFI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=252460800
x-ez-minify-js
0.00% 617 / 617
cf-ray
6aab84560b641784-EWR
display
staticcontent_sol, staticcontent_sol
cf-bgj
minify
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-87677018-1
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eabc94fc6e6135f976a9a48c6925071e95206ae866fce161824218894aafbe94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36398
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Nov 2021 02:54:28 GMT
cmbv2.js
www.weather-us.com/detroitchicago/ 		81 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
012200130163b83a065decd7fadce5f66f53aa01a6d479a2045cbf5f56a26346

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
882762
cf-polished
origSize=83438
cf-ray
6aab84560b681784-EWR
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 28 Oct 2021 21:41:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJXwW2lX%2BeLKwCnh7HbQfGwSIZqfJDqUlfoSge%2FcJ4Y%2FKljAtk2yicUWzi2L7AjtsAB%2F%2FTrEUblBsWt1RUeZZQhmU4yu8uJkZgJO8kN4tfT17oBV398ckxagSmExuXGbH1UtNioPi1Ks83my5GH7zXY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, max-age=31536000, public
x-robots-tag
noindex
cf-bgj
minify
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 22:23:12 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6aab845628073344-EWR
ezoic.png
go.ezoic.net/utilcave_com/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2105:e000:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 08:49:23 GMT
via
1.1 2c00b6f1d42245c6c3867cc4dfa7f32f.cloudfront.net (CloudFront)
x-sol
middleton
age
410706
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
content-length
1181
x-amz-cf-id
MX4xJSvq2t5ne56SgOGzB9GaWKb1h5_HDgQ-gNiGLRa4e74868wuew==
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
etag
"49d-5bd497273b080-gzip-gzip"
vary
Accept-Encoding,Accept-Encoding
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
BOS50-C3
display
staticcontent_sol
expires
Wed, 10 Nov 2021 08:49:23 GMT
imp.gif
www.weather-us.com/detroitchicago/ 		43 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A6%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%226%2C2%2C3%2C0%2C35%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A3%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A2%2C%22city%22%3A%22New%20York%22%2C%22country%22%3A%22US%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A4%2C%22domain_id%22%3A217360%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A501%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1103%2C1108%2C1123%2C1148%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%223d5fe4f9-55ef-4de4-7d11-11004cbab96f%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2210013%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A61639%2C%22response_time_orig%22%3A454%2C%22serverid%22%3A%223.83.130.154%3A22534%22%2C%22state%22%3A%22NY%22%2C%22sub_page_ad_positions%22%3A%221006%2C1103%2C1108%2C1123%2C1148%22%2C%22t_epoch%22%3A1636340068%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.weather-us.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1089%2C%22worst_bad_word_level%22%3A0%7D
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRTEe3IO9tmg2divLvbYOWSQNMU2bKIhqy1%2FCseKT5IrWSfu8N9S5R%2B2CJb2OF0gj%2FoE1cwbWo7rfOrb8AVLkeMnixQDmw8FKKs7oVkpRUGEXFmDtxFzkswJghvsaEnQaBQ%2FY9xRlKQIi0XRRVDoXJE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-middleton-display
imp_sol
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
6aab8456acca1784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:559e:e8a8:8a19:7f11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
53d91fb2b51a3daa0645f78f71b29e695f42b0ac6db0d29f7fc7e5e38c3ffb7a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-encoding
gzip
etag
"4zy+3zXYb8Q7og5Af8HrBg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 15 Nov 2021 02:54:29 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/webp
cmbdv2.js
www.weather-us.com/detroitchicago/ 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/detroitchicago/cmbdv2.js?gcb=195-2&cb=03-5y0c-5y18-4&cmbcb=20&sj=x03x0cx18
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
560736f6b71577b7ce3fc8f7b3b6662a7c8c7ecaa5177950d278cc29cfb072e3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
882762
cf-polished
origSize=44604
cf-ray
6aab8456bcd31784-EWR
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 28 Oct 2021 21:41:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4Mijuf1qNBRKdRaKcvzdeWZVYRMhbr4r2jjxOpGhPh9g9JTRPLqwFQrFQnMdjUiS7XmR0FtppHz4xG%2FJBZYCaQ7uquJIg7pZWrVSFSMzFWMPn%2BPtGDdZHgq6q%2B5AsOgcqid6HlR2%2Fa18s4rgHj6RjM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, max-age=31536000, public
x-robots-tag
noindex
cf-bgj
minify
houston.js
www.weather-us.com/detroitchicago/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/detroitchicago/houston.js?gcb=2&cb=15
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc3662d59dc02e7a992f8da286146a1b0825d81ca1a9ebaf041a0f080606b0e5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
288581
cf-ray
6aab8456dd1e1784-EWR
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 04 Nov 2021 18:44:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XP%2BWz%2BWQOxE3nMGpGXlETSL0mjuFE%2B6EHRRTHyFD3PBVbSpjpNHx4Oxn5eE2p8lbw2%2FxXKRtHVi0DmDrbM6bt%2BIL74wsJuQbed2DqWxHpZ1aELnFj0LHMmut4NdPXxf2nRW4mo3HM6TwngcEpWKY0rw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public
x-robots-tag
noindex
cf-bgj
minify
nmash.js
www.weather-us.com/porpoiseant/ 		24 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/nmash.js?v=83
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c003b66f6e6bfc85740a44018d95208ebec057503d4371d889ce9346a05754cc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
178348
cf-polished
origSize=24707
cf-ray
6aab8456ed291784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 06 Nov 2021 00:10:59 GMT
server
cloudflare
etag
W/"6083-5d013982a7fa5;5c701b9c2cf40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rThnG1fub3lMI2S2ATbgKBitp96fhMZhv%2Fr%2F7A1Xz9OoGUNtVriDSrwfsk9tG5MreFbcMh3edxpUkSvSXZ5Emyi9u294VoZ9mfO8XQ8EFhher18asdNudeKD8WOXQAoRZY9v6Ew0mXNQEQEg0FJu%2BPk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public
x-robots-tag
noindex
cf-bgj
minify
pubads_impl_2021110201.js
securepubads.g.doubleclick.net/gpt/ 		346 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
sffe /
Resource Hash
50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118932
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 08:34:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 08 Nov 2021 02:54:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		140 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.weather-us.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ba05479353595e7b5b95df4218a9483cae816fddb5cd943c8d361f49f52bab71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103
x-xss-protection
0
expires
Mon, 08 Nov 2021 02:54:28 GMT
33.png
www.weather-us.com/weather/images/icons/128x128/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.weather-us.com/weather/images/icons/128x128/33.png
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f143a4a7a89a9f986fbc1ca5dbf2696e46dd29a1fadf3116c90486c36b3019

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
983962
x-ezoic-cdn
Hit ds;mm;97203be2421152458a44d405f91bbb75;2-217360-50;55299b71-8875-4c43-569b-b05d56dd3b1a
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
response
200
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
cloudflare
x-origin-cache-control
max-age=252460800, public
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjygpnHl9A3DLUTXk7jNa9LLq9FBkV13QKFeugKG07g4%2FbJ%2FWKY%2FZ9pKMqvWi5hUR2qnIzUZrmofKJz3M1%2FK%2B4Ct7OvpRqLHW3gTJj6RTqqN7iEuixCKv1DLKpc0cKv9yWVUILxx7u3EG%2F8CHaN810E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=252460800
cf-ray
6aab8457cec61784-EWR
display
staticcontent_sol, staticcontent_sol
31.png
www.weather-us.com/weather/images/icons/128x128/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.weather-us.com/weather/images/icons/128x128/31.png
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc4f44122a173725d8ba66d29452c62cca073865e4c1510021214bd0d51fc152

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
984632
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
response
200
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
cloudflare
x-origin-cache-control
max-age=252460800, public
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5A3%2BAV1sQwkFlLxWDnL1HOZuESHrWmHf4vHp573N%2Bwg%2BJcDsgBj9VA7vC56ax2XXeKyJCCi3C8QPCiBuD6JkLm1DVlw%2B89os%2FW1%2FEtIzFSQmPHcX2mLnBeOAESVFKENk4Moqj5Fnva2zNAHTwsJBQY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=252460800
cf-ray
6aab8457cec41784-EWR
display
staticcontent_sol, staticcontent_sol
expires
Wed, 01 Jan 2020 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		385 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.weather-us.com%2F&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-2.bos50.r.cloudfront.net
Software
Server /
Resource Hash
dd4320cdfa0077bbe8f1a4e0e77a65c6253cfae2fc282ce7a6ab8e78a330b143

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 21:50:21 GMT
via
1.1 a99ebae546aae4a2f6278081e3adcd10.cloudfront.net (CloudFront)
server
Server
age
18246
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
BOS50-C3
content-length
385
x-amz-cf-id
_3g0vKjTDYX50hSfqfCnmx_NdN8mMTTJzIQYLXqHPv1dmV6AHlAFaQ==
bid
c.amazon-adsystem.com/e/dtb/ 		185 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.weather-us.com%2F&pid=Bp0sYlGnsGhPT&cb=0&ws=1600x1200&v=7.70.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-weather_us_com-box-3-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C3711114%2Fweather_us_com-box-3%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A17%7D%2C%7B%22sd%22%3A%22div-gpt-ad-weather_us_com-box-1-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C3711114%2Fweather_us_com-box-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-weather_us_com-large-leaderboard-1-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C3711114%2Fweather_us_com-large-leaderboard-1%22%7D%5D&schain=1.0%2C1!ezoic.ai%2Cca795391da0aaa38c9f60e344ca4af9e%2C1%2C%2C%2C&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-2.bos50.r.cloudfront.net
Software
Server /
Resource Hash
7aeb78b465c12b559de6332855e66d480a8e8d8120d3705a67ccbc63971316e2
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
via
1.1 a99ebae546aae4a2f6278081e3adcd10.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BOS50-C3
x-amz-rid
MD2R9S7NCAABAC814HKX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
185
x-amz-cf-id
O9MAWQXFFKynG5vbsNGdYUUOrAGF1N62lg94o64HCXE1qyLJb_VIng==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-2.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:14:44 GMT
via
1.1 44ff34c350a3caf3ee6c495fff64077a.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
age
5985
x-cache
Hit from cloudfront
content-length
6482
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
etag
"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
BOS50-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
rKJUbxa_1DLRvvnjvqHWpD0mQn5dbTcB_w4HT5XinD9arEOooDCLEg==
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-87677018-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
3730
date
Mon, 08 Nov 2021 01:52:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 08 Nov 2021 03:52:19 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.122.0/26
date
Mon, 08 Nov 2021 02:41:16 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
bhs
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10053
x-request-id
587628639
rules-p-31iz6hfFutd16.js
rules.quantcount.com/ 		3 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2105:bc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 07:04:46 GMT
via
1.1 dcf91885f867cf935702b92732a304e7.cloudfront.net (CloudFront)
age
71384
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:50:24 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
BOS50-C3
accept-ranges
bytes
x-amz-cf-id
PIYX3JbVEPNI8z1QCekorabtrWegwsl464mDhh8HB6rT7E7k7wvMyg==
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1252775448&t=pageview&_s=1&dl=https%3A%2F%2Fwww.weather-us.com%2F&ul=en-us&de=UTF-8&dt=Weather%20Atlas%20%7C%20New%20York%2C%20USA%20weather%20forecast%20and%20Climate%20information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=740187387&gjid=611706757&cid=1495726912.1636340069&tid=UA-87677018-1&_gid=536134134.1636340069&_r=1&gtm=2oub31&z=1054260579
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.weather-us.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=788444220;labels=Domain.weather_us_com%2CDomainId.217360;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.weather-us.com%2F;uht=2;fpan=1;fpa=P0-13203061-1636340069083;pbc=;ns=0;ce=1;qjs=1;qv=11...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=788444220;labels=Domain.weather_us_com%2CDomainId.217360;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.weather-us.com%2F;uht=2;fpan=1;fpa=P0-13203061-1636340069083;pbc=;ns=0;ce=1;qjs=1;qv=11b7ea70-20211103205804;cm=;gdpr=0;us_privacy=1---;ref=;d=weather-us.com;je=0;sr=1600x1200x24;dst=0;et=1636340069082;tzo=0;ogl=title.Weather%20Atlas%20%7C%20New%20York%252C%20USA%20weather%20forecast%20and%20Climate%20information%2Cdescription.New%20York%252C%20USA%20weather%20and%20climate%20data%20-%20from%20current%20weather%20and%20hourly%20forecas%2Cimage.%2Fweather%2Fimages%2Fcity%2F9%2F3%2F2372139-1500%252Ejpg%2Curl.https%3A%2F%2Fwww%252Eweather-us%252Ecom%2Csite_name.Weather%20Atlas
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:559e:e8a8:8a19:7f11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
457.json
id5-sync.com/g/v2/ 		453 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/457.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p24.id5-sync.com
Software
/
Resource Hash
71855e2d9e249b85247d1a45e3e138cd0c06a0d2ddfd53a7380a180bfda43a37
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.weather-us.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 08 Nov 2021 02:53:37 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.weather-us.com
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
rum
www.weather-us.com/cdn-cgi/ 		0
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.weather-us.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type
application/json

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.weather-us.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6aab84580f581784-EWR
vary
Origin
iu3
s.amazon-adsystem.com/ Frame 408A
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rx_an-db5_sovrn_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rx_an-db5_sovrn_3lift&dcc=t
304 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rx_an-db5_sovrn_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3bf52dd37091b459cb892524dafa14e39594406aea17d5f157d85ac70e944586
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/

Response headers

Server
Server
Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
304
Connection
keep-alive
x-amz-rid
RT458C31GXBFGBH5C772
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
8E0AHQPDFDB3XGRVWC0Q
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rx_an-db5_sovrn_3lift&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
pr
s.amazon-adsystem.com/v3/ Frame 8FDF 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rx_an-db5_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ee11333ba68c52a046b0f4c557ec466c4766a10f2e8f0267d70aa53009680229
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rx_an-db5_sovrn_3lift&dcc=t

Response headers

Server
Server
Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
2452
Connection
keep-alive
x-amz-rid
HJ4HXNR7SNJ11YQJH5C5
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
amzns2s
rtb.gumgum.com/usync/ Frame 221D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
079749576b7b570a05b859cd859d5a92952f7cb3f68de4f3bbfe7d2b3431ba1c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
etag
W/"072aa9f46380517689661ae825b1b8e3d"
timing-allow-origin
*
content-encoding
gzip
ecm3
s.amazon-adsystem.com/ Frame E69D
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=99c6a788-b1f4-4cbd-ac73-0be497015616
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=99c6a788-b1f4-4cbd-ac73-0be497015616
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
0T7BWF77SS77GC82WG1H
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx
Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=99c6a788-b1f4-4cbd-ac73-0be497015616
usermatch
ssum-sec.casalemedia.com/ Frame AA51
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
052579673d96ad574716854898fb6bba575e1ec5bde41eac28028408ca7e004c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|241|230|31|57|65|195
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1718
Expires
Mon, 08 Nov 2021 02:54:29 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
324
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 08 Nov 2021 02:54:29 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Connection
keep-alive
/
match.sharethrough.com/jwumXNuB/v1/ Frame 0217 		427 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-48-117.compute-1.amazonaws.com
Software
/
Resource Hash
d900c4b1d6455457067835a006261bc7117ca24493d7b7153c3bc31a0cc0820a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-length
427
ecm3
s.amazon-adsystem.com/ Frame 9DDD
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bdevice_id%7D
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=b6d67017-e46d-4825-a911-4ee8976060ef
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=b6d67017-e46d-4825-a911-4ee8976060ef
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
6AV1SS16Q03T7QK2A9X1
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=b6d67017-e46d-4825-a911-4ee8976060ef
content-length
0
date
Mon, 08 Nov 2021 02:54:29 GMT
server
_
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3686 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=33953
expires
Mon, 08 Nov 2021 12:20:22 GMT
date
Mon, 08 Nov 2021 02:54:29 GMT
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame B5D6
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=7EDEAC6C997F4AECA88DCAAAA501CD64&ex=simpli.fi&status=ok
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=7EDEAC6C997F4AECA88DCAAAA501CD64&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
PV4BPEPV83YAXHVM9ZNS
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

server
nginx
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
text/html
content-length
138
location
https://s.amazon-adsystem.com/ecm3?id=7EDEAC6C997F4AECA88DCAAAA501CD64&ex=simpli.fi&status=ok
expires
Sun, 07 Nov 2021 02:54:29 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
tamptsync
sync-amz.ads.yieldmo.com/ Frame 15C2 		881 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.71.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-71-32.compute-1.amazonaws.com
Software
/
Resource Hash
236cf608ad71b4b998b98ae7567fc81aab74f9b86caeb2cbfee77db3eccb1b8a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
ecm3
s.amazon-adsystem.com/ Frame 1000
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=2785380007497343404&ex=appnexus.com
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=2785380007497343404&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
M9P0KV7QA4XK7CZYZQZE
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=2785380007497343404&ex=appnexus.com
AN-X-Request-Uuid
3428f3db-b6b7-4ceb-a551-6c89606e5921
X-Proxy-Origin
87.101.95.204; 87.101.95.204; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
amazon
ap.lijit.com/beacon/ Frame 97FF
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
817f06c96a24322d481d939bcfe42bda0b5d6e6d60fed74e3cd327325bc0d9dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
nginx
Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap2dca1

Redirect headers

Server
nginx
Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2dca1
ecm3
s.amazon-adsystem.com/ Frame 784A
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=13858035297628960634
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=13858035297628960634
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
Q8XXZ42KVK8ABFMBTBM0
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-length
0
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=13858035297628960634
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
collect
stats.g.doubleclick.net/j/ 		2 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-87677018-1&cid=1495726912.1636340069&jid=740187387&gjid=611706757&_gid=536134134.1636340069&_u=YEBAAUAAAAAAAC~&z=1931795446
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.weather-us.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
text/plain
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 0217 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=3acc04dc-6acc-40a8-b9a4-8e176d1d0775
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8H1B9V5F69APHW0DC732
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 0217
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&gdpr=0&gdpr_consent=
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
35.169.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-48-117.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 0217
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=fec8aa7f-32fe-4a90-a67a-998ca76667b8&gdpr=0&gdpr_consent=
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=fec8aa7f-32fe-4a90-a67a-998ca76667b8&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
35.169.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-48-117.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=fec8aa7f-32fe-4a90-a67a-998ca76667b8&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 0217
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=2785380007497343404
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=2785380007497343404
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
35.169.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-48-117.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
X-Proxy-Origin
87.101.95.204; 87.101.95.204; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
303d5a0d-d8c6-4cfc-9554-5b8ab3b0b479
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=2785380007497343404
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 0217
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=fec8aa7f-32fe-4a90-a67a-998ca76667b8&gdpr=0&gdpr_consent=
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=fec8aa7f-32fe-4a90-a67a-998ca76667b8&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
35.169.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-48-117.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=fec8aa7f-32fe-4a90-a67a-998ca76667b8&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usersync
rtb.gumgum.com/ Frame 221D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=2785380007497343404
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=2785380007497343404
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
X-Proxy-Origin
87.101.95.204; 87.101.95.204; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
3dc6f2a3-6969-45a4-840f-84fcf06d0947
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=2785380007497343404
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 221D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_4f43a9e4-d451-482f-b069-3220fe9f0b02&gdpr=&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=99c6a788-b1f4-4cbd-ac73-0be497015616
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=99c6a788-b1f4-4cbd-ac73-0be497015616
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=34fb4add-557d-4046-a194-9ac38e1ad026&user_group=1&ssp=gumgum2&bsw_param=99c6a788-b1f4-4cbd-ac73-0be497015616
  • https://rtb.gumgum.com/usersync?b=bsw&i=99c6a788-b1f4-4cbd-ac73-0be497015616
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=99c6a788-b1f4-4cbd-ac73-0be497015616
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=99c6a788-b1f4-4cbd-ac73-0be497015616
Date
Mon, 08 Nov 2021 02:54:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
rtb.gumgum.com/ Frame 221D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-b659012f-22b0-448e-4e12-6a4bc59b8791$ip$87.101.95.204
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-b659012f-22b0-448e-4e12-6a4bc59b8791$ip$87.101.95.204
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-b659012f-22b0-448e-4e12-6a4bc59b8791$ip$87.101.95.204
Date
Mon, 08 Nov 2021 02:54:29 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 221D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_4f43a9e4-d451-482f-b069-3220fe9f0b02&gdpr=&gdpr_consent=&us_privacy=
  • https://stags.bluekai.com/site/23178?id=mKM72fsJRhk3SaY0DUq5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVWUWTJXGJTHGSSSNBVTGU3BLEYEIVLRGU
  • https://rtb.gumgum.com/usersync?b=zem&i=mKM72fsJRhk3SaY0DUq5
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=mKM72fsJRhk3SaY0DUq5
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&i=mKM72fsJRhk3SaY0DUq5
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
87
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 221D
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4073075717
  • https://sync.1rx.io/usersync/tradedesk/8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
  • https://sync.targeting.unrulymedia.com/csync/RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-bded5dca-ff8f-429d-b414-24662c4e43c9-005
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
Tengine
ETag
RXbded5dcaff8f429db41424662c4e43c9005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005
Connection
keep-alive
Content-Type
text/html
usersync
rtb.gumgum.com/ Frame 221D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=pv0i1gefhpDT&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=pv0i1gefhpDT&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=pv0i1gefhpDT&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-857fc6c844-pmz4x
expires
-1
cookie-sync
sync.outbrain.com/ Frame 221D
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28RlZSP9Zb7vWLOazFfpyQzewXvdZU9u32DR7D8E0b7zmQEmMnKmQpLnkiTTouYpco%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_4f43a9e4-d451-482f-b069-3220fe9f0b02&obuid=ENC(RlZSP9Zb7vWLOazFfpyQzewXvdZU9u32DR7D8E0b7zmQEmMnKmQpLnkiTTouYpco)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=RlZSP9Zb7vWLOazFfpyQzewXvdZU9u32DR7D8E0b7zmQEmMnKmQpLnkiTTouYpco
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=outbrain&bsw_param=99c6a788-b1f4-4cbd-ac73-0be497015616&google_hm=OTljNmE3ODgtYjFmNC00Y2JkLWFjNzMtMGJlNDk3MDE1NjE2
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMbNmV3TeJF78-VMNy8AnZI&google_cver=1&ssp=outbrain&bsw_param=99c6a788-b1f4-4cbd-ac73-0be497015616
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 02:54:29 GMT
Cache-Control
no-cache
X-TraceId
497e48e0bcb0949a7184ff4015aea97c
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Mon, 08 Nov 2021 02:54:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
rtb.gumgum.com/ Frame 221D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=17aa4037-1816-49da-9b2e-caf6ead44345
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=17aa4037-1816-49da-9b2e-caf6ead44345
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=17aa4037-1816-49da-9b2e-caf6ead44345
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 221D 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:7acd:b606:a0b6:34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame 221D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=31405679-403f-11ec-87b2-63f22605595d
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=31405679-403f-11ec-87b2-63f22605595d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=31405679-403f-11ec-87b2-63f22605595d
Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
3140567a-403f-11ec-87b2-63f22605595d
usersync
rtb.gumgum.com/ Frame 221D
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://rtb.gumgum.com/usersync?b=snc&i=851E40D473E44DD399FF4BFBE8E09D55
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=snc&i=851E40D473E44DD399FF4BFBE8E09D55
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 08 Nov 2021 02:54:29 GMT
via
1.1 varnish
server
nginx
age
0
location
https://rtb.gumgum.com/usersync?b=snc&i=851E40D473E44DD399FF4BFBE8E09D55
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
x-varnish
614898863
content-length
0
142
match.deepintent.com/usersync/ Frame 221D 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
server
a
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
rtb.gumgum.com/ Frame 221D
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=ed2029f1-53ff-4c45-9263-0bac84caeb2e
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=ed2029f1-53ff-4c45-9263-0bac84caeb2e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=ed2029f1-53ff-4c45-9263-0bac84caeb2e
date
Mon, 08 Nov 2021 02:54:29 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame 221D 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.181 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 221D 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_4f43a9e4-d451-482f-b069-3220fe9f0b02
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1D33B62P2EPN3E49CX3M
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 97FF 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=9e86f09c58a336b2de16f41b&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3PSRMA0CGWRA9P8FJRM1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 97FF
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=9e86f09c58a336b2de16f41b&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=620839977313
43 B
834 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=66&3pid=620839977313
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://ce.lijit.com/merge?pid=66&3pid=620839977313
epx.gif
px.owneriq.net/fr/ Frame 97FF
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6896264691944097024&ref=%2Feucm%2Fp%2Fsv
  • https://px.owneriq.net/fr/epx.gif
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/fr/epx.gif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
104.65.247.96 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-247-96.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
max-age=319333
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 11 Nov 2021 19:36:42 GMT

Redirect headers

Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://px.owneriq.net/fr/epx.gif
Cache-Control
max-age=71286
Connection
keep-alive
Content-Type
text/html
Content-Length
154
merge
ce.lijit.com/ Frame 97FF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=oxxSsH4fKVcB&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
834 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=oxxSsH4fKVcB&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=oxxSsH4fKVcB&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-857fc6c844-p7gf8
expires
-1
merge
ce.lijit.com/ Frame 97FF
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=2785380007497343404&gdpr=0&gdpr_consent=
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=2785380007497343404&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
X-Proxy-Origin
87.101.95.204; 87.101.95.204; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
b59a60ad-c6dd-4b1a-be70-4e9e0939a505
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=2785380007497343404&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 97FF
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=OWU4NmYwOWM1OGEzMzZiMmRlMTZmNDFi&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=OWU4NmYwOWM1OGEzMzZiMmRlMTZmNDFi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 08 Nov 2021 02:54:29 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=OWU4NmYwOWM1OGEzMzZiMmRlMTZmNDFi&gdpr=0
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
ecm3
s.amazon-adsystem.com/ Frame 15C2 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g10c2658912f7d41b8e9
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
X22DB9K1DVY0RC24GFY1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 15C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=2785380007497343404&pn_id=an
43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=2785380007497343404&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.204.64.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-64-181.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
X-Proxy-Origin
87.101.95.204; 87.101.95.204; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
63a69c18-ca31-4136-8aee-931dd80a2a60
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.yieldmo.com/v000/sync?userid=2785380007497343404&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame 15C2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=yieldmo
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=yieldmo&bsw_custom_parameter=99c6a788-b1f4-4cbd-ac73-0be497015616
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=99c6a788-b1f4-4cbd-ac73-0be497015616&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=99c6a788-b1f4-4cbd-ac73-0be497015616&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=12785609-8d33-4da7-a7a9-3660d41c8a0f%252Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&ttd_puid=12785609-8d33-4da7-a7a9-3660d41c8a0f%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=yieldmo&bsw_param=99c6a788-b1f4-4cbd-ac73-0be497015616
  • https://ads.yieldmo.com/sync?userid=99c6a788-b1f4-4cbd-ac73-0be497015616&pn_id=bsw&extinit=
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=99c6a788-b1f4-4cbd-ac73-0be497015616&pn_id=bsw&extinit=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.204.64.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-64-181.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=99c6a788-b1f4-4cbd-ac73-0be497015616&pn_id=bsw&extinit=
Date
Mon, 08 Nov 2021 02:54:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame 15C2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldmo
  • https://ads.yieldmo.com/v000/sync?tdid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
43 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.204.64.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-64-181.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
181
sync
ads.yieldmo.com/ Frame 15C2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=ExN5eqXJQahMzRs4rtIrOVdlX8w
43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=ExN5eqXJQahMzRs4rtIrOVdlX8w
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.204.64.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-64-181.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=ExN5eqXJQahMzRs4rtIrOVdlX8w
Date
Mon, 08 Nov 2021 02:54:29 GMT
Connection
keep-alive
Content-Length
100
Content-Type
text/html; charset=utf-8
sync
sync-pp.ads.yieldmo.com/ Frame 15C2
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp
  • https://sync-pp.ads.yieldmo.com/sync?userid=5mWlCotForN0&ev=1&pn_id=pp&pid=561118
43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pp.ads.yieldmo.com/sync?userid=5mWlCotForN0&ev=1&pn_id=pp&pid=561118
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
18.208.71.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-71-32.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync-pp.ads.yieldmo.com/sync?userid=5mWlCotForN0&ev=1&pn_id=pp&pid=561118
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-857fc6c844-xxjtk
expires
-1
PugMaster
image6.pubmatic.com/AdServer/ Frame 3686 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46246444&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
597596bafb71f426b48dcb8395494adfb25454ba5dff21655ec52c16b25c4499

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1569
content-type
text/html; charset=UTF-8
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-87677018-1&cid=1495726912.1636340069&jid=740187387&_u=YEBAAUAAAAAAAC~&z=565757934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 01DB 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=33953
expires
Mon, 08 Nov 2021 12:20:22 GMT
date
Mon, 08 Nov 2021 02:54:29 GMT
vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 1287
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&t=1638932069
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&t=1638932069
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&t=1638932069
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame F8E3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 Nov 2021 02:54:29 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=gumgum
Date
Mon, 08 Nov 2021 02:54:29 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usersync
rtb.gumgum.com/ Frame A311
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=8b666188-9165-4600-960d-59187982b791&gdpr=&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=8b666188-9165-4600-960d-59187982b791&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 4067 88cc6bf master iad-pixel-x10 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=8b666188-9165-4600-960d-59187982b791&gdpr=&gdpr_consent=
Expires
Mon, 08 Nov 2021 02:54:28 GMT
usersync
rtb.gumgum.com/ Frame FEF3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YYiRZQAAApSoXQAz
  • https://rtb.gumgum.com/usersync?b=atm&i=YYiRZQAAApSoXQAz&gdpr=&gdpr_consent=&_test=YYiRZQAAApSoXQAz
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YYiRZQAAApSoXQAz&gdpr=&gdpr_consent=&_test=YYiRZQAAApSoXQAz
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YYiRZQAAApSoXQAz&gdpr=&gdpr_consent=&_test=YYiRZQAAApSoXQAz
accept-ranges
bytes
date
Mon, 08 Nov 2021 02:54:29 GMT
via
1.1 varnish
x-served-by
cache-lga21921-LGA
x-cache
HIT
x-cache-hits
0
x-timer
S1636340070.517884,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 11A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80ZjQzYTllNC1kNDUxLTQ4MmYtYjA2OS0zMjIwZmU5ZjBiMDI=&gdpr=&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80ZjQzYTllNC1kNDUxLTQ4MmYtYjA2OS0zMjIwZmU5ZjBiMDI=&gdpr=&gdpr_consent=&google_tc=
170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80ZjQzYTllNC1kNDUxLTQ4MmYtYjA2OS0zMjIwZmU5ZjBiMDI=&gdpr=&gdpr_consent=&google_tc=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Mon, 08 Nov 2021 02:54:29 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80ZjQzYTllNC1kNDUxLTQ4MmYtYjA2OS0zMjIwZmU5ZjBiMDI=&gdpr=&gdpr_consent=&google_tc=
date
Mon, 08 Nov 2021 02:54:29 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
363
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
de.tynt.com/deb/ Frame 49DF
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
2078feb70f1dd631eee10ecb19d825b665383b545023b5b73acd5e2b194e2841

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
1774
date
Mon, 08 Nov 2021 02:54:29 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-length
0
date
Mon, 08 Nov 2021 02:54:28 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
usersync
rtb.gumgum.com/ Frame 1636
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9ydGIuZ3VtZ3VtLmNvbS91c2Vyc3l...
  • https://cs.emxdgt.com/umcheck?apnxid=2785380007497343404&redirect=https://rtb.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly9ydGIuZ3VtZ3VtLmNvbS91c2Vyc3luYz9iPWVteCZpPSRFTVhVSUQ=
  • https://rtb.gumgum.com/usersync?b=emx&i=2785380007497343404brt66581636340069510964b9
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=emx&i=2785380007497343404brt66581636340069510964b9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

content-type
text/html
date
Mon, 08 Nov 2021 02:54:29 GMT
location
https://rtb.gumgum.com/usersync?b=emx&i=2785380007497343404brt66581636340069510964b9
content-length
0
usersync
rtb.gumgum.com/ Frame 6C4E
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YYiRZcCo8YwAAC3mQWEAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YYiRZcCo8YwAAC3mQWEAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 08 Nov 2021 02:54:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YYiRZcCo8YwAAC3mQWEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
2
X-SO-HostName
a-ad40232.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng40.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":18,"gdpr":false,"ipv4":"87.101.95.204","key":"YYiRZcCo8YwAAC3mQWEAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40232"}
X-SO-Key
YYiRZcCo8YwAAC3mQWEAAAAA
X-SO-IP
87.101.95.204
X-SO-Cluster-ID
18
X-SO-Upstream-ID
a-ad40232
usersync
rtb.gumgum.com/ Frame 7493
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1791377135581920455
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1791377135581920455
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 08 Nov 2021 02:54:29 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://rtb.gumgum.com/usersync?b=zet&i=1791377135581920455
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 14C4
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=UZ1J5wYKCKHKQGHSpdLF&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=UZ1J5wYKCKHKQGHSpdLF&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 08 Nov 2021 02:54:29 GMT Mon, 08 Nov 2021 02:54:29 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=UZ1J5wYKCKHKQGHSpdLF&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.weather-us.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
8.gif
id5-sync.com/c/457/796/1/
Redirect Chain
  • https://id5-sync.com/i/457/8.gif?id5id=ID5*gox7FWwGx8_VFcdfsyRaDRfAihKHodWLkcg2UhG1jLAAAJW3TJbHOk_qYLKy1YeW&o=api&gdpr_consent=undefined&gdpr=0
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/457/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/457/2/7/2.gif?puid=2785380007497343404&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOtMLxlQ3R8QVr4GxXzwS8SF9l49FJDAAIyXG66g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/457/3/6/3.gif?puid=8b666188-9165-4600-960d-59187982b791&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&ttl=%%TTL%%
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NTcmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NTcmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NTcmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NTcmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEAKq0-3sf5iKpASRoX6F-F4&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2785380007497343404&opid=apx&ops=&utidl=tech:goo:CAESEAKq0-3sf5iKpASRoX6F-F4&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22319410907&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NTcmZm9ybWF0PWdpZiY
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOtMLxlQ3R8QVr4GxXzwS8SF9l49FJDAAIyXG66g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F457%2F916%2F3%2F6.gif%3Fpuid%3...
  • https://id5-sync.com/cq/457/916/3/6.gif?puid=ed2029f1-53ff-4c45-9263-0bac84caeb2e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5
  • https://match.prod.bidr.io/cookie-sync/id5?_bee_ppp=1
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAC4X07DESMAABMq88SAvw
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F796%2F1%2F8.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/457/796/1/8.gif?puid=31405679-403f-11ec-87b2-63f22605595d&gdpr=0&gdpr_consent=
0
0
crum
dsum-sec.casalemedia.com/ Frame AA51
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYiRZdANBuf1s7HSHga2JgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENs0ok4d71ambkVACUK0Uzo&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENs0ok4d71ambkVACUK0Uzo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:29 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENs0ok4d71ambkVACUK0Uzo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AA51
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&expiration=1638932069&gdpr=0&gdpr_consent=
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&expiration=1638932069&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:29 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&expiration=1638932069&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dcm
s.amazon-adsystem.com/ Frame AA51 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
21SK3E87GQH83R8Z0CZS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame AA51
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ0zH-B3PR5Dp1xrL0WPBMU&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ0zH-B3PR5Dp1xrL0WPBMU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:29 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ0zH-B3PR5Dp1xrL0WPBMU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame AA51
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6896264691444520069&uid=Q6896264691444520069&ref=%2Feucm%2Fp%2Fcc
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6896264691444520069
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6896264691444520069
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:29 GMT

Redirect headers

Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6896264691444520069
Cache-Control
max-age=71286
Connection
keep-alive
Content-Type
text/html
Content-Length
154
crum
dsum-sec.casalemedia.com/ Frame AA51
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377135581920455
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377135581920455
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:29 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377135581920455
Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum.casalemedia.com/ Frame AA51
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=79223c6dfdd8120b&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGaE9i-ZOb1QMnPkeaAAAAAAA&expiration=1636426469&is_secure=true
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGaE9i-ZOb1QMnPkeaAAAAAAA&expiration=1636426469&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:29 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGaE9i-ZOb1QMnPkeaAAAAAAA&expiration=1636426469&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame AA51
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-acc16193-471c-4596-9da9-73c8bf8722e7
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-acc16193-471c-4596-9da9-73c8bf8722e7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:29 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-acc16193-471c-4596-9da9-73c8bf8722e7
date
Mon, 08 Nov 2021 02:54:29 GMT
server
Apache-Coyote/1.1
content-length
0
ecm3
s.amazon-adsystem.com/ Frame AA51 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Q2B504B1PXCQTR66EGKX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		878 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2465637124299127&correlator=3702375639809567&output=ldjh&impl=fifs&eid=31063405%2C31063414%2C44752540%2C31060032&vrg=2021110201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=1254144%3A3711114%2Cweather_us_com-box-3%2Cweather_us_com-box-1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=970x250%2C300x250%7C336x280&prev_scp=a%3D%257C252%257C%26iid1%3D7895063989747713%26eid%3D7895063989747713%26t%3D134%26d%3D217360%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26gala%3D2709606%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dweather_us_com-box-3-7895063989747713%26eb_br%3D39abb99448d54704c4afa42efe76e15d%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11307%26asau%3D5789646051%26bv%3D24%26bvm%3D0%26bvr%3D2%26shp%3D1%26ftsn%3D3%26br1%3D1100%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D187%2C168%2C0%2C34%2C0%2C168%2C187%2C20%2C143%2C30%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C893%2C899%2C919%2C2030%2C783%2C16%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C2%257C%26iid1%3D6157191381671620%26eid%3D6157191381671620%26t%3D134%26d%3D217360%26t1%3D134%26pvc%3D0%26ap%3D1108%26sap%3D1108%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26gala%3D2709606%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dweather_us_com-box-1-6157191381671620%26eb_br%3Dc410f2a2b0c2123f4b6651cda6c5cf53%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11307%26asau%3D5789646051%26bv%3D3%26bvm%3D0%26bvr%3D8%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D950%26br2%3D500%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C193%2C0%2C34%2C0%2C131%2C20%2C192%2C26%2C197%2C187%2C77%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C817%2C899%2C919%2C2030%2C783%2C15%2C16%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636340069&dt=1636340069537&dlt=1636340068760&idt=305&frm=20&biw=1600&bih=1200&oid=2&adxs=315%2C1030&adys=136%2C603&adks=3533397810%2C3973906509&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weather-us.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1140x252%7C355x280&msz=970x250%7C300x250&ga_vid=1495726912.1636340069&ga_sid=1636340070&ga_hid=1252775448&ga_fc=true&fws=0%2C0&ohw=0%2C0&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
2f5dbd7e3b226bde177d13cc5bf1a693a46794805a1f2ae18acd12b9c7de2717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
243
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6866ab0fbc2d9aa53cd8c9233d3cc6ba2729d94cab57258f689927075961901a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9209
x-xss-protection
0
container.html
2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2507 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 08 Nov 2021 02:54:29 GMT
expires
Tue, 08 Nov 2022 02:54:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
match
c1.adform.net/serving/cookie/ Frame B792
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034
35 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 08 Nov 2021 02:54:29 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5472
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYiRZQAAApSoXQAz&gdpr=0&gdpr_consent=
1 B
549 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYiRZQAAApSoXQAz&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
njrpug014:0:632
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYiRZQAAApSoXQAz&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Mon, 08 Nov 2021 02:54:29 GMT
via
1.1 varnish
x-served-by
cache-lga21921-LGA
x-cache
HIT
x-cache-hits
0
x-timer
S1636340070.663555,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 0931 		43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
95G8MDRQZ4MPR3EJ4HYB
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3686
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2SkeTI0xQ4KmDUqm1OjgNA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=33953
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Mon, 08 Nov 2021 12:20:22 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 3686
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEQ5MjkxRTRDLThEMzEtNDM4Mi1BNjBELTRBQTZENEU4RTAzNBAAGg0I5aKijAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=6c0cadf0233d768689ee4fd3941210f0a04fdbd1e877040cfb37ad8670af3a0d791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2YzBjYWRmMDIzM2Q3Njg2ODllZTRmZDM5NDEyMTBmMGEwNGZkYmQxZTg3NzA0MGNmYjM3YWQ4NjcwYWYzYTBkNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2YzBjYWRmMDIzM2Q3Njg2ODllZTRmZDM5NDEyMTBmMGEwNGZkYmQxZTg3NzA0MGNmYjM3YWQ4NjcwYWYzYTBkNzkxNDI2YjU0MTdkY2UyMRAAGgwI5aKijAYSBAgCEABCAEoA&goog...
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
54.211.161.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-161-228.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
cache-control
private, no-cache, no-store
x-request-time
D=56 t=1636340069
x-served-by
beacon-n024-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
date
Mon, 08 Nov 2021 02:54:29 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a014-ash-prod.krxd.net
SPug
image4.pubmatic.com/AdServer/ Frame 3686
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8b666188-9165-4600-960d-59187982b791
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8b666188-9165-4600-960d-59187982b791
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
MT3 4067 88cc6bf master iad-pixel-x17 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8b666188-9165-4600-960d-59187982b791
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 02:54:28 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3686
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDkyOTFFNEMtOEQzMS00MzgyLUE2MEQtNEFBNkQ0RThFMDM0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
cache-control
no-store, no-cache, private
x-lat
10:0:357
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3686
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIEELg-BHHljPna6z0GMn0A&google_cver=1
42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIEELg-BHHljPna6z0GMn0A&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug012:0:1496
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIEELg-BHHljPna6z0GMn0A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3686
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7EDEAC6C997F4AECA88DCAAAA501CD64
42 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7EDEAC6C997F4AECA88DCAAAA501CD64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug014:0:866
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 08 Nov 2021 02:54:29 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7EDEAC6C997F4AECA88DCAAAA501CD64
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 07 Nov 2021 02:54:29 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3686
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2737178857735877580&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2737178857735877580&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug003:0:542
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2737178857735877580&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 3686
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
42 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug012:0:507
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
usync.js
eus.rubiconproject.com/ Frame F8E3 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
43f837576363b4db837a9602c15f95f8a25c28efd10a6c93f44bc171fceecc14

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31192
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9511
Expires
Mon, 08 Nov 2021 11:34:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 08 Nov 2021 02:54:29 GMT
usync.html
eus.rubiconproject.com/ Frame 20F0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 Nov 2021 02:54:29 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Date
Mon, 08 Nov 2021 02:54:29 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1211
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1636340069647.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fus_privacy%3D%26bidder_id%3D25%26external_user_id%3D
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fus_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=33953
expires
Mon, 08 Nov 2021 12:20:22 GMT
date
Mon, 08 Nov 2021 02:54:29 GMT
vary
Accept-Encoding

Redirect headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
40000000008200000A
server
33XP002
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fus_privacy%3D%26bidder_id%3D25%26external_user_id%3D
content-length
0
date
Mon, 08 Nov 2021 02:54:29 GMT
usersync
rtb.gumgum.com/ Frame 49DF
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1636340069647.&ri=0013300001r0t9mAAA&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
  • https://rtb.gumgum.com/usersync?b=tta&i=1690046945666
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=tta&i=1690046945666
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://rtb.gumgum.com/usersync?b=tta&i=1690046945666
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 49DF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=ExN5eqXJQahMzRs4rtIrOVdlX8w&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3...
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=99c6a788-b1f4-4cbd-ac73-0be497015616
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=99c6a788-b1f4-4cbd-ac73-0be497015616
68 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=99c6a788-b1f4-4cbd-ac73-0be497015616
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch-chicago.33across.com:443/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=99c6a788-b1f4-4cbd-ac73-0be497015616
date
Mon, 08 Nov 2021 02:54:29 GMT
server
awselb/2.0
content-length
134
content-type
text/html
match
cms-xch-chicago.33across.com/ Frame 49DF
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1636340069647.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fc...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fus_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://cms-xch-chicago.33across.com/match?us_privacy=&bidder_id=1&external_user_id=8b666188-9165-4600-960d-59187982b791
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?us_privacy=&bidder_id=1&external_user_id=8b666188-9165-4600-960d-59187982b791
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:30 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
MT3 4067 88cc6bf master iad-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cms-xch-chicago.33across.com/match?us_privacy=&bidder_id=1&external_user_id=8b666188-9165-4600-960d-59187982b791
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 02:54:28 GMT
match
cms-xch-chicago.33across.com/ Frame 49DF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true&verify=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-R66UfeFE2uHwCkk.thwjbwLpDvPZgvfp~A
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-R66UfeFE2uHwCkk.thwjbwLpDvPZgvfp%7EA&ts=1636340069&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-R66UfeFE2uHwCkk.thwjbwLpDvPZgvfp%7EA&ts=1636340069&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:30 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:28 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-R66UfeFE2uHwCkk.thwjbwLpDvPZgvfp%7EA&ts=1636340069&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 49DF
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=3a8c7e4fe951120a&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGaKpWCf6ieAMovQXZAAAAAAA&expiration=1636426469&is_secure=true&us_privacy=
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGaKpWCf6ieAMovQXZAAAAAAA&ts=1636340069&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGaKpWCf6ieAMovQXZAAAAAAA&ts=1636340069&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGaKpWCf6ieAMovQXZAAAAAAA&ts=1636340069&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
khaos.jpg
token.rubiconproject.com/ Frame F8E3 		284 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Content-Type
image/jpg
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FFBF 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 07 Nov 2021 03:44:00 GMT
expires
Mon, 07 Nov 2022 03:44:00 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
83430
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 978F 		783 B
968 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8adebcb7022c7e1373b496a7ecf9ca5933dea51519fae02d2165583d86e449a0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yXBNGp/J4dnyhc3MlRsRdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 08 Nov 2021 02:54:30 GMT
date
Mon, 08 Nov 2021 02:54:30 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-yXBNGp/J4dnyhc3MlRsRdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usync.js
eus.rubiconproject.com/ Frame 20F0 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
43f837576363b4db837a9602c15f95f8a25c28efd10a6c93f44bc171fceecc14

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 02:54:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31192
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9511
Expires
Mon, 08 Nov 2021 11:34:21 GMT
usersync
rtb.gumgum.com/ Frame F8E3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
  • https://rtb.gumgum.com/usersync?b=mag&i=KVQ2MMK6-15-ANX7
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=mag&i=KVQ2MMK6-15-ANX7
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://rtb.gumgum.com/usersync?b=mag&i=KVQ2MMK6-15-ANX7
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Expires
0
match
cms-xch-chicago.33across.com/ Frame 20F0
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=1&xu=KVQ2MMK6-15-ANX7
  • https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KVQ2MMK6-15-ANX7&ts=1636340069&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KVQ2MMK6-15-ANX7&ts=1636340069&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:30 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KVQ2MMK6-15-ANX7&ts=1636340069&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
v1
ads.yahoo.com/cms/ Frame F8E3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVQ2MMK6-15-ANX7&sigv=1&esig=2~7b320742339ab7e407dd16c603f71336e6e7e496
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVQ2MMK6-15-ANX7&sigv=1&esig=2~7b320742339ab7e407dd16c603f71336e6e7e496
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
2001:4998:14:800::1001 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVQ2MMK6-15-ANX7&sigv=1&esig=2~7b320742339ab7e407dd16c603f71336e6e7e496
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame F8E3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2MwMTYyY2YyNGQ5NjczODM2NGE4NDJjYzk1YTY0NmM1NzYwZDYxYg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2MwMTYyY2YyNGQ5NjczODM2NGE4NDJjYzk1YTY0NmM1NzYwZDYxYg
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2MwMTYyY2YyNGQ5NjczODM2NGE4NDJjYzk1YTY0NmM1NzYwZDYxYg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F8E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELq4zHxYBc77zePPqNkNNwk&google_cver=1
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELq4zHxYBc77zePPqNkNNwk&google_cver=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELq4zHxYBc77zePPqNkNNwk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame F8E3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYiRZQAAApSoXQAz
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYiRZQAAApSoXQAz
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636340070.930083,VS0,VE0
x-served-by
cache-lga21921-LGA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYiRZQAAApSoXQAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame F8E3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/rl4KVzKXJ7z6PlYNgsN5gcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3606956393407137529
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3606956393407137529
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Content-Type
image/gif

Redirect headers

date
Mon, 08 Nov 2021 02:54:29 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3606956393407137529
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame F8E3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8b666188-9165-4600-960d-59187982b791&expires=28
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8b666188-9165-4600-960d-59187982b791&expires=28
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Content-Type
image/gif

Redirect headers

Date
Mon, 08 Nov 2021 02:54:29 GMT
Server
MT3 4067 88cc6bf master iad-pixel-x7 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8b666188-9165-4600-960d-59187982b791&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 02:54:28 GMT
709414.gif
id.rlcdn.com/ Frame F8E3 		42 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:29 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
pixel
cm.g.doubleclick.net/ Frame F8E3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZRMk1NSzYtMTUtQU5YNw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZRMk1NSzYtMTUtQU5YNw==
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZRMk1NSzYtMTUtQU5YNw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78008fe701b681dce86a72fc23cacc40
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.weather-us.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		124 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2465637124299127&correlator=3101891864218379&output=ldjh&impl=fifs&eid=31063405%2C31063414%2C44752540%2C31060032&vrg=2021110201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=1254144%3A3711114%2Cweather_us_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ga%3D2497208%26tap%3Dweather_us_com-pixel1-8493526997675934%26ezoic%3D1%26ap%3D9999%26iid1%3D8493526997675934%26bra%3Dmod1-c&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636340069&dt=1636340069946&dlt=1636340068760&idt=305&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=654887904&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weather-us.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1495726912.1636340069&ga_sid=1636340070&ga_hid=1252775448&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
9b4fd18a833f9f946c365cda52ab99611ac7fa1e24250bda7e67fa1c62cf2959
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31352
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads_2021110201.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021110201.js?cb=31063414
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
sffe /
Resource Hash
e64c870fac1b5b672d9d802aa7239b9f341b777225f44cd836c32a63f1c01ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13417
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 08:34:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 08 Nov 2021 02:54:29 GMT
greenoaks.gif
www.weather-us.com/detroitchicago/ 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJkb21haW5faWQiOiIyMTczNjAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiM2Q1ZmU0ZjktNTVlZi00ZGU0LTdkMTEtMTEwMDRjYmFiOTZmIiwiZG9tYWluX2lkIjoiMjE3MzYwIiwidF9lcG9jaCI6MTYzNjM0MDA2OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMTEtMDgifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjNkNWZlNGY5LTU1ZWYtNGRlNC03ZDExLTExMDA0Y2JhYjk2ZiIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInRfZXBvY2giOjE2MzYzNDAwNjgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjNkNWZlNGY5LTU1ZWYtNGRlNC03ZDExLTExMDA0Y2JhYjk2ZiIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInRfZXBvY2giOjE2MzYzNDAwNjgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiM2Q1ZmU0ZjktNTVlZi00ZGU0LTdkMTEtMTEwMDRjYmFiOTZmIiwiZG9tYWluX2lkIjoiMjE3MzYwIiwidF9lcG9jaCI6MTYzNjM0MDA2OCwiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ==
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:30 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Uvj87xoEqHqgCsaY2eeWR%2FKM1U1%2FY7kpypoOmWITp60A3fsO5uGR7kcjjIVSFIGpwi9IKJBLdrO7U8KyskZilXdPcrtLgptNcS37Ay8vHj34ydSFeLFsRq8uJ1n4YKNM5Ysx3TWeKf4EUlVvayRols%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab845dda4d1784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:30 UTC
greenoaks.gif
www.weather-us.com/detroitchicago/ 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJkb21haW5faWQiOiIyMTczNjAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiI0NTIifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjExOTgifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjcifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiMTc3In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiMjA4In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjM1NCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjNkNWZlNGY5LTU1ZWYtNGRlNC03ZDExLTExMDA0Y2JhYjk2ZiIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInRfZXBvY2giOjE2MzYzNDAwNjgsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjEzNTgifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJkb21haW5faWQiOiIyMTczNjAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjEzNTgifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJkb21haW5faWQiOiIyMTczNjAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiM2Q1ZmU0ZjktNTVlZi00ZGU0LTdkMTEtMTEwMDRjYmFiOTZmIiwiZG9tYWluX2lkIjoiMjE3MzYwIiwidF9lcG9jaCI6MTYzNjM0MDA2OCwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX1d
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:30 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nUCvjKu0LWB1CJI9aIoB2PfmnGRNVvw5fX5fJ6%2B7tzXzifXuTMCDbX%2FRKG3Qx%2FO33wwvltZByBQ36wQletutJlJvsnNbAzoBZlGohRvGGCu8u9RfbivrmiqgiBb31BSaV1L7bAM%2BvF%2BSR7FO%2Bhav18%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab845dda531784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:30 UTC
greenoaks.gif
www.weather-us.com/detroitchicago/ 		0
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJkb21haW5faWQiOiIyMTczNjAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiM2Q1ZmU0ZjktNTVlZi00ZGU0LTdkMTEtMTEwMDRjYmFiOTZmIiwiZG9tYWluX2lkIjoiMjE3MzYwIiwidF9lcG9jaCI6MTYzNjM0MDA2OCwiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiIxMjcyIn1dfV0=
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:30 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpgiQ2jCDY1c41CqhVOW5%2B5w9PwRnx2N8aqDevDjSaLehLriMQpxfIAIkV0hOvr3vXFUFN2lIrUnXJtN0lo6Ie1ay8s33kftM%2BuBJecUVXeUburrmV3IbM%2FX23v3nmpCLG%2B1neuMmvqh3hpE2PsfK8o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab845dda551784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:34 UTC
lFqatAGMGI5ruFOuc2G8YqsaAHQUb5EGFuJALWeAUJk.js
pagead2.googlesyndication.com/bg/ Frame FFBF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lFqatAGMGI5ruFOuc2G8YqsaAHQUb5EGFuJALWeAUJk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
sffe /
Resource Hash
945a9ab4018c188e6bb853ae7361bc62ab1a0074146f910616e2402d67805099
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
364454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13523
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 21:40:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 978F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110201&jk=2465637124299127&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110201&jk=2465637124299127&bg=!HxylHFjNAAYH3anuB907ACkAdvg8WkUICoKniaYyaYORL-NADkdJSTpe7nXN_ozDYMV6-s0YVdfnEQIAAAB0UgAAAAtoAQcKACjsdx8mO8Ryv-zfnxrnonaEEFN96IUkcZgDoDNoOGgbP90KK_4QSeGVmQLGrWRaM8FPQ78mkKuxxSw-d_ob0FgqkxQBcjWbAvY62HxXARr7jz87Uou_Eo3hmALvjAXFXG4-JmH5ZzeQ89RJ7KU3MnEWHKfPOaVUUhh_U_xNvdwo23G9CIKSEvkPGHMelETz2mRopf1RW2ymk1E0U4-sYXIUx-YSV3SraHQx7bbtKr-wxcLqQaeZi09alGy5e5LtT5AAGnJ8uhLOMxwbphEPE-iuWuFHX4a_0eik6DEbT2eIYz6FB1YjGMG-z3sIJM0AlMUKN7SO8zQN2LSqOhH1Ywnc_-lLV2h2neE_3BZUNrg0Su0YnAVzhIruAL81qRlgWPKj_jV8fp3rWYrkp64dbkF1xwYSsO2cxLHXHlYx4H_n_1vE5x6DLfZ0dVxgPNL5ZgPRA2FLK9m0e2Hta57IcJO9f80rIj6LXTaLJl_ymUBxyGFyO7jkTLsOYmXOWGbGcf5fZ4dB5k2nrYVvhpGg4WhD9BR1xhsFxOWZkMzMtPtSSoygtj9nFwoQarnBAbzOPtGKEvalBrUxat5rsDDnAN9A0Qn9lOTMthD88Ow-H2Iz88b8xAxXLhB8MB_CuEYjUZmB3b1AapKuC81yglWJuocC1lHB2R3GWy-_bm0f93eXonlvrmzQlWuOWseDuzFfhz_BwmIwAskJxzXnHih41jObf0OWfuVEg148g4IBsBDW9v3IqCPbvmY5pRTJCnohzQipkxLmwZLpqcJYEPEROZoZRodTiO_UZd_EROxQvSKE2atiDAps2rA6ePBw-wRrgym0_Db4XjKNeZrLSbh-KyxKqsdGwbR7_RYzViw_NjORKwRCLUYgeQtbeYVwmCGqDBdMfhHkRjMjzL8xTK5QfrEnkGA7KgU7LYGMLHBAoqJtbR6TN91Z2vr3aUBBdfQv9CGxWsUwWPBZpS3zdA_3wX2UYW_GGxBs8JDSYREtxdmgSz0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AA42 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 08 Nov 2021 02:54:29 GMT
expires
Tue, 08 Nov 2022 02:54:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
greenoaks.gif
www.weather-us.com/detroitchicago/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJkb21haW5faWQiOiIyMTczNjAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjE3NzAifV19XQ==
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:30 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19RFo6soZQdRaPDOoVKBKxhWlrDt6dK8bXd%2Bu%2FF1oTdOjFPm%2FPSc3tU59IB2l0h60%2BFpAEAHzLfs6D%2FAQviyjLSi8rjNhrfA67%2B%2FYyMRMsVMMZWmYAsVqRjVRnHKnL1nlj0CxnJq15hx3Y94en%2BDU%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab8460f8101784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:30 UTC
army.gif
www.weather-us.com/porpoiseant/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODQ5MzUyNjk5NzY3NTkzNCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJ3ZWF0aGVyX3VzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhdWN0aW9uX2Vwb2NoIjoxNjM2MzQwMDcxLCJhZF9wb3NpdGlvbiI6OTk5OSwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6IjNkNWZlNGY5LTU1ZWYtNGRlNC03ZDExLTExMDA0Y2JhYjk2ZiIsImJpZF9mbG9vcl9pbml0aWFsIjpudWxsLCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6bnVsbCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NTkzLCJtdWx0aV9hZF91bml0IjpudWxsLCJtdWx0aV9hZF9jb3VudCI6bnVsbCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:30 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aa1nN%2BQwAK7PKuxhhzgcNegDY04hVyR%2F%2FCOB0efx0fq%2BKpMtsyoClF4zN59lfvjUYT%2B1NJXLL7g5wl7pbyAwwdOi93sofO6EpdwdVbIKLL%2FxUXNp05JYJHPmSKI4ZbliK%2FZlRLeKK46Dfw39v1YhClY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab8460f8121784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:31 UTC
css2
fonts.googleapis.com/ Frame AA42 		4 KB
708 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:45:40 GMT
server
ESF
date
Mon, 08 Nov 2021 02:54:30 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 08 Nov 2021 02:54:30 GMT
css
fonts.googleapis.com/ Frame A91C 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 02:45:39 GMT
server
ESF
date
Mon, 08 Nov 2021 02:54:30 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 08 Nov 2021 02:54:30 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame A91C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:28:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1554
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 02:28:36 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame A91C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 02:54:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame A91C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 02:52:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame A91C 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 02:52:31 GMT
l
www.google.com/ads/measurement/ Frame A91C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaToLQ0Ooc4vC9CiUVHhltQOaQAosOd1kSkrgKu5GFLqJFh9yErxtuZpnasQ7HRmnuBfnMQBrajsiuKOKjnXf6X4PynDiQ
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A91C 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Nov 2021 02:54:30 GMT
5193475774055ccce470a7af02e48ef6.js
www.gstatic.com/mysidia/ Frame A91C 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5193475774055ccce470a7af02e48ef6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 03:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11340
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 05:34:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 05 Feb 2022 03:46:31 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame AA42 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6e53c942b19db58c2d7f74fd56324abaaa5624df6aa559aaab50c56d13c69f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:52:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8166
x-xss-protection
0
server
cafe
etag
3013067873597081824
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 02:52:54 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AA42 		205 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 15:31:14 GMT
x-content-type-options
nosniff
age
386596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 03 Nov 2022 15:31:14 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AA42 		604 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 04:31:32 GMT
x-content-type-options
nosniff
age
166978
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 06 Nov 2022 04:31:32 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2808 		143 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 08 Nov 2021 02:06:15 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2895
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C783 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 07 Nov 2021 21:56:09 GMT
expires
Mon, 08 Nov 2021 21:56:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
17901
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame C783
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVlpUlpRQUFBcFNvWFFBeg==&google_gid=CAESEMMR0r1YxCWh7AmN6cm0ekM&google_cver=1&google_push=AYg5qPIgVlNt999Knu6Kf_dvosnzyVzZKq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVlpUlpRQUFBcFNvWFFBeg==&google_gid=CAESEMMR0r1YxCWh7AmN6cm0ekM&google_cver=1&google_push=AYg5qPIgVlNt999Knu6Kf_dvosnzyVzZKq3WwUkH2y88O5Mcv0BC0Q2Q1sWKsTVfTZIxdsSfvaSOnZzG-K-_DXK8rLazw1Wd7Fk
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636340071.641601,VS0,VE0
x-served-by
cache-lga21921-LGA
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVlpUlpRQUFBcFNvWFFBeg==&google_gid=CAESEMMR0r1YxCWh7AmN6cm0ekM&google_cver=1&google_push=AYg5qPIgVlNt999Knu6Kf_dvosnzyVzZKq3WwUkH2y88O5Mcv0BC0Q2Q1sWKsTVfTZIxdsSfvaSOnZzG-K-_DXK8rLazw1Wd7Fk
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame C783 		0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAigvXGuP9-JSpEoLd9PPoo&google_cver=1&google_push=AYg5qPI1bUVYaqYAM6fCvksgsAtNHIvyHjbLeKYXcLnTKmF7w-zJgvIimnkFWJbaMlbfWz7Ca_LFqn3DCPeepypbBQKyoDDudA
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:30 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame C783
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEErW_65D0DBmuxbMzhud5To&google_cver=1&google_push=AYg5qPL3BaaryC-cuphq98lq2OVil7FrXWCUmK8PpcPW-NoO9aHVdzHIju3WZn1jeVGDFlwD-CImPOSuEZdpIRHDB65n...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL3BaaryC-cuphq98lq2OVil7FrXWCUmK8PpcPW-NoO9aHVdzHIju3WZn1jeVGDFlwD-CImPOSuEZdpIRHDB65nFEUjB7g&google_hm=mcaniLH0TL2scwvklwFWFg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL3BaaryC-cuphq98lq2OVil7FrXWCUmK8PpcPW-NoO9aHVdzHIju3WZn1jeVGDFlwD-CImPOSuEZdpIRHDB65nFEUjB7g&google_hm=mcaniLH0TL2scwvklwFWFg==
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL3BaaryC-cuphq98lq2OVil7FrXWCUmK8PpcPW-NoO9aHVdzHIju3WZn1jeVGDFlwD-CImPOSuEZdpIRHDB65nFEUjB7g&google_hm=mcaniLH0TL2scwvklwFWFg==
Date
Mon, 08 Nov 2021 02:54:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C783
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESENivK05p4XLO-iPg1_Z4_0c&google_cver=1&google_push=AYg5qPJUJSFrBZlf2na3-FXqkuoLG_mWx5uZAdp_v9f_P1QWRL58jHpODIsy4iBvBqgTMaZwz4Z0cc75ujCE...
  • https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPJUJSFrBZlf2na3-FXqkuoLG_mWx5uZAdp_v9f_P1QWRL58jHpODIsy4iBvBqgTMaZwz4Z0cc75ujCEaEUtXCFhcqj9yWA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPJUJSFrBZlf2na3-FXqkuoLG_mWx5uZAdp_v9f_P1QWRL58jHpODIsy4iBvBqgTMaZwz4Z0cc75ujCEaEUtXCFhcqj9yWA
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:30 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPJUJSFrBZlf2na3-FXqkuoLG_mWx5uZAdp_v9f_P1QWRL58jHpODIsy4iBvBqgTMaZwz4Z0cc75ujCEaEUtXCFhcqj9yWA
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
193
Expires
Tue, 29 May 1984 15:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C783
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEMXfVcm_2wojYMaq3bKc-Mk&google_cver=1&google_push=AYg5qPLz7adIJYrgNCtJQECrtfwo3Y9cQA-NIAtobAJsIuZuVlTmPqSuLgfTkKaoHg0Un...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLz7adIJYrgNCtJQECrtfwo3Y9cQA-NIAtobAJsIuZuVlTmPqSuLgfTkKaoHg0Un2ZOUZCh3UTZRm3sqEV8-ENnRJgmE6E&google_hm=QWU5YmxCUm9lUExPQzk5RGpTd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLz7adIJYrgNCtJQECrtfwo3Y9cQA-NIAtobAJsIuZuVlTmPqSuLgfTkKaoHg0Un2ZOUZCh3UTZRm3sqEV8-ENnRJgmE6E&google_hm=QWU5YmxCUm9lUExPQzk5RGpTdjNKQ3c=
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLz7adIJYrgNCtJQECrtfwo3Y9cQA-NIAtobAJsIuZuVlTmPqSuLgfTkKaoHg0Un2ZOUZCh3UTZRm3sqEV8-ENnRJgmE6E&google_hm=QWU5YmxCUm9lUExPQzk5RGpTdjNKQ3c=
Date
Mon, 08 Nov 2021 02:54:30 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
pixel
cm.g.doubleclick.net/ Frame C783
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEFU1c-4cw7t-Rgp_yRJf01Q&google_cver=1&google_push=AYg5qPLASp6IUCUVIMpzH1g4_FLuVZaUXJsleZxpLUoHdVenfJsgJzswlSt0n_UTevH9LEePbK-lbE7w...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEFU1c-4cw7t-Rgp_yRJf01Q%26google_cver%3D1%26google_push%3DAYg5qPLASp6IUCUVIMpzH1...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8908708685674982044&exchange=193&google_gid=CAESEFU1c-4cw7t-Rgp_yRJf01Q&google_cver=1&google_push=AYg5qPLASp6IUCUVIMpzH1g4_FLuVZaUXJsleZxpLUoHdVenfJsg...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg5MDg3MDg2ODU2NzQ5ODIwNDQ&google_push=AYg5qPLASp6IUCUVIMpzH1g4_FLuVZaUXJsleZxpLUoHdVenfJsgJzswlSt0n_UTevH9LEePbK-lbE7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg5MDg3MDg2ODU2NzQ5ODIwNDQ&google_push=AYg5qPLASp6IUCUVIMpzH1g4_FLuVZaUXJsleZxpLUoHdVenfJsgJzswlSt0n_UTevH9LEePbK-lbE7wJsetloxIhrMTqjXrTufW
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg5MDg3MDg2ODU2NzQ5ODIwNDQ&google_push=AYg5qPLASp6IUCUVIMpzH1g4_FLuVZaUXJsleZxpLUoHdVenfJsgJzswlSt0n_UTevH9LEePbK-lbE7wJsetloxIhrMTqjXrTufW
Date
Mon, 08 Nov 2021 02:54:30 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
dot.gif
s0.2mdn.net/ Frame C783 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEEqn9WIQXTZjXDS_nsDUwZc&google_cver=1&google_push=AYg5qPJx999K-0Rrx9tqin3n6xBJi8XOSOc6o2qkS6Sthit_vgkHb1SPzQUyFqK7QtCGC7Iq_Awsvwnlad3EKzu0O1BRNujF8Jhp
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 02:54:30 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C783 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K4myRGMYIAZTD82oGmL6afeucaMaYUWbvH14qZJ-GSwuF6fRfqRvgRgdDK7Fsbw1TehKdwvN4
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2808
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 08 Nov 2021 02:54:31 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 08 Nov 2021 02:54:31 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 08 Nov 2021 02:54:30 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
SPug
simage4.pubmatic.com/AdServer/ Frame 3686 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
army.gif
www.weather-us.com/porpoiseant/ 		0
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODQ5MzUyNjk5NzY3NTkzNCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJ3ZWF0aGVyX3VzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMTYwMCwxMjAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODQ5MzUyNjk5NzY3NTkzNCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJ3ZWF0aGVyX3VzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg0OTM1MjY5OTc2NzU5MzQiLCJkb21haW5faWQiOiIyMTczNjAiLCJ1bml0Ijoid2VhdGhlcl91c19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTYzNjM0MDA2OCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiM2Q1ZmU0ZjktNTVlZi00ZGU0LTdkMTEtMTEwMDRjYmFiOTZmIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:32 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9jTN4UrkoG%2BDkCHgLqRpEPyydpw0XWtQgy8fITJ3BP9nmHqfed2C%2FDbNJaK67AVk49gKFO67MSV218utWHfErLMpbvHF8UW3BySC4mTO0NoXIQobiL8H76jUwsfZ7J2Tra0H2DyWQuIiXBmadcYmLo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab846a4b621784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:31 UTC
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.weather-us.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		336 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2465637124299127&correlator=497674177394951&output=ldjh&impl=fifs&eid=31063405%2C31063414%2C44752540%2C31060032&vrg=2021110201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=1254144%3A3711114%2Cweather_us_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ris=3&rcs=1&prev_scp=a%3D%257C252%257C%26iid1%3D7895063989747713%26eid%3D7895063989747713%26t%3D134%26d%3D217360%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26gala%3D2709606%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dweather_us_com-box-3-7895063989747713%26eb_br%3D26dfa00588543c52511429ade391f561%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11307%26asau%3D5789646051%26bv%3D24%26bvm%3D0%26bvr%3D2%26shp%3D1%26ftsn%3D3%26br1%3D550%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D187%2C168%2C0%2C34%2C0%2C168%2C187%2C20%2C143%2C30%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C893%2C899%2C919%2C2030%2C783%2C16%2C12%2C13%2C14%2C15%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D1100%26reqt%3D1636340072487&eri=1&cookie=ID%3Db37501380f57a3b0%3AT%3D1636340069%3AS%3DALNI_MbNdTk2MewuuS5KoMXZYJUizCfGfQ&bc=31&abxe=1&lmt=1636340072&dt=1636340072492&dlt=1636340068760&idt=305&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=136&adks=3533397810&ucis=1&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weather-us.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1140x252&msz=970x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1495726912.1636340069&ga_sid=1636340070&ga_hid=1252775448&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
805399367df09e2b8ff7cd92cf2e32395e9b146199a5dcd38d9ac94e1d8092fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		336 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2465637124299127&correlator=3945298738043958&output=ldjh&impl=fifs&eid=31063405%2C31063414%2C44752540%2C31060032&vrg=2021110201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=1254144%3A3711114%2Cweather_us_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ris=3&rcs=1&prev_scp=a%3D%257C2%257C%26iid1%3D6157191381671620%26eid%3D6157191381671620%26t%3D134%26d%3D217360%26t1%3D134%26pvc%3D0%26ap%3D1108%26sap%3D1108%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26gala%3D2709606%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dweather_us_com-box-1-6157191381671620%26eb_br%3D5f2b94bb26a5aa9b1a00e66d30cfd5ec%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11307%26asau%3D5789646051%26bv%3D3%26bvm%3D0%26bvr%3D8%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D500%26br2%3D500%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C193%2C0%2C34%2C0%2C131%2C20%2C192%2C26%2C197%2C187%2C77%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C817%2C899%2C919%2C2030%2C783%2C15%2C16%2C11%2C12%2C13%2C14%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D950%26reqt%3D1636340072484&eri=1&cookie=ID%3Db37501380f57a3b0%3AT%3D1636340069%3AS%3DALNI_MbNdTk2MewuuS5KoMXZYJUizCfGfQ&bc=31&abxe=1&lmt=1636340072&dt=1636340072496&dlt=1636340068760&idt=305&frm=20&biw=1600&bih=1200&oid=2&adxs=1030&adys=603&adks=3973906509&ucis=2&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weather-us.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=355x280&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1495726912.1636340069&ga_sid=1636340070&ga_hid=1252775448&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
51cf452076b681728e1993ae184c7ae424201372265eae0404287054bc99ed78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.weather-us.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		336 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2465637124299127&correlator=2799887892425049&output=ldjh&impl=fifs&eid=31063405%2C31063414%2C44752540%2C31060032&vrg=2021110201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=1254144%3A3711114%2Cweather_us_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ris=2&rcs=2&prev_scp=a%3D%257C2%257C%26iid1%3D6157191381671620%26eid%3D6157191381671620%26t%3D134%26d%3D217360%26t1%3D134%26pvc%3D0%26ap%3D1108%26sap%3D1108%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26gala%3D2709606%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dweather_us_com-box-1-6157191381671620%26eb_br%3D9e0a1ce5b2455cb9b48d5df4c6bf4053%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11307%26asau%3D5789646051%26bv%3D3%26bvm%3D0%26bvr%3D8%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D350%26br2%3D500%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C193%2C0%2C34%2C0%2C131%2C20%2C192%2C26%2C197%2C187%2C77%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C817%2C899%2C919%2C2030%2C783%2C15%2C16%2C11%2C12%2C13%2C14%2C10%2C11%2C12%2C13%2C14%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D500%26reqt%3D1636340072998&eri=1&cookie=ID%3Db37501380f57a3b0%3AT%3D1636340069%3AS%3DALNI_MbNdTk2MewuuS5KoMXZYJUizCfGfQ&bc=31&abxe=1&lmt=1636340074&dt=1636340074005&dlt=1636340068760&idt=305&frm=20&biw=1600&bih=1200&oid=2&adxs=1030&adys=603&adks=3973906509&ucis=2&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weather-us.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=355x280&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1495726912.1636340069&ga_sid=1636340070&ga_hid=1252775448&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
6622c23da94231c74eead1e272ccf546fb07f702dede288e9c01684c691d9e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2465637124299127&correlator=4211205743900717&output=ldjh&impl=fifs&eid=31063405%2C31063414%2C44752540%2C31060032&vrg=2021110201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=1254144%3A3711114%2Cweather_us_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ris=2&rcs=2&prev_scp=a%3D%257C252%257C%26iid1%3D7895063989747713%26eid%3D7895063989747713%26t%3D134%26d%3D217360%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26gala%3D2709606%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dweather_us_com-box-3-7895063989747713%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11307%26asau%3D5789646051%26bv%3D24%26bvm%3D0%26bvr%3D2%26shp%3D1%26ftsn%3D3%26br1%3D50%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D187%2C168%2C0%2C34%2C0%2C168%2C187%2C20%2C143%2C30%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C893%2C899%2C919%2C2030%2C783%2C16%2C12%2C13%2C14%2C15%2C17%2C19%2C20%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C916%2C915%2C874%2C835%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D550%26reqt%3D1636340073016&eri=1&cookie=ID%3Db37501380f57a3b0%3AT%3D1636340069%3AS%3DALNI_MbNdTk2MewuuS5KoMXZYJUizCfGfQ&bc=31&abxe=1&lmt=1636340074&dt=1636340074019&dlt=1636340068760&idt=305&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=136&adks=3533397810&ucis=1&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weather-us.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1140x252&msz=970x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1495726912.1636340069&ga_sid=1636340070&ga_hid=1252775448&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
d62a1005ebb91853d8fd2a38512e000f2b6139c97eb1d0e08fdbe3748253b115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9689
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
www.weather-us.com/porpoiseant/ 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzg5NTA2Mzk4OTc0NzcxMyIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjYxNTcxOTEzODE2NzE2MjAiLCJkb21haW5faWQiOiIyMTczNjAiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZWF0aGVyX3VzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYzNjM0MDA2OCwiYWRfcG9zaXRpb24iOjExMDgsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiM2Q1ZmU0ZjktNTVlZi00ZGU0LTdkMTEtMTEwMDRjYmFiOTZmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjQ2In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:34 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wr7SaR%2Fd4kgv3%2BePQqK3AcG%2FW5WDyznpM5gmVtCasJ7q3wbA6BrF7kfhTOlWqVjFHxeKlqgr%2FugLJXFBOF7nTh064%2BuuK0x2zu%2B2eHo375kQKDWZrQfuRXFBCOR2Ocq6ubABwbbgWK404oWbi4jdQxw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab84774b831784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:33 UTC
army.gif
www.weather-us.com/porpoiseant/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzg5NTA2Mzk4OTc0NzcxMyIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIzMTUifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjEzNiJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjYxNTcxOTEzODE2NzE2MjAiLCJkb21haW5faWQiOiIyMTczNjAiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZWF0aGVyX3VzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYzNjM0MDA2OCwiYWRfcG9zaXRpb24iOjExMDgsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiM2Q1ZmU0ZjktNTVlZi00ZGU0LTdkMTEtMTEwMDRjYmFiOTZmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTAzMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiNjAzIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:34 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFSorBzxKKSxZ1zLoeWmH77Gadx0PBHlGZ8jeaiW5TLK5e3ooNVBnhKprR4mI20CEYDlBXZb%2Fk%2BUGsq9uL68gY2%2FXsPwpPDmZ4MNmv2SAkfKQsczf%2FVZG83Gx9FWZf0Y5kK2qdkHr8l1Zgjkv7OJNak%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab84774b861784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:31 UTC
container.html
2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5224 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 08 Nov 2021 02:54:29 GMT
expires
Tue, 08 Nov 2022 02:54:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
army.gif
www.weather-us.com/porpoiseant/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzg5NTA2Mzk4OTc0NzcxMyIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijc4OTUwNjM5ODk3NDc3MTMiLCJkb21haW5faWQiOiIyMTczNjAiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZWF0aGVyX3VzX2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTYzNjM0MDA2OCwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiM2Q1ZmU0ZjktNTVlZi00ZGU0LTdkMTEtMTEwMDRjYmFiOTZmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjNiYTk4MmZjNDIzOGRkNDE5N2IxZDUxYjM0NTQ3OGRjIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3ODk1MDYzOTg5NzQ3NzEzIiwiZG9tYWluX2lkIjoiMjE3MzYwIiwidW5pdCI6ImRpdi1ncHQtYWQtd2VhdGhlcl91c19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MzYzNDAwNjgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDUsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA1LCJiaWRfZmxvb3JfcHJldiI6MC4wMDU1LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzg5NTA2Mzk4OTc0NzcxMyIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ1ODgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijc4OTUwNjM5ODk3NDc3MTMiLCJkb21haW5faWQiOiIyMTczNjAiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZWF0aGVyX3VzX2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTYzNjM0MDA2OCwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiM2Q1ZmU0ZjktNTVlZi00ZGU0LTdkMTEtMTEwMDRjYmFiOTZmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:34 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybOh42QbESuMbguAftotK2z6igEyasFmC%2F%2Fs2RwaS3GzwogVYPbuxIDX22pn7Y%2BQVSFGtlQ2aaHCuh9uuPwi7yEuEIfDrvLFUyP3yQ%2BubTfKlrZHxr8CNvin3Cctd%2FkFfcQoAKggIyAwWt70IBWF57M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab8478fedf1784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:38 UTC
army.gif
www.weather-us.com/porpoiseant/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzg5NTA2Mzk4OTc0NzcxMyIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0xMS0wOCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:34 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LycsvZjoLt67wUvuIiZEOvTSD8fcOCW0kA9cMLFBJvl6BjbkpTdF5gh7CJMKbJ2sEv8p11DlWqI7ERj1HPHTREa2GUb1UFQn96lf7R1KE59wYdC0zbp1CMteC%2F1MiA3NblELvkqaT3D1xvCa3OOJimU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab8478fee11784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:41 UTC
army.gif
www.weather-us.com/porpoiseant/ 		0
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNzg5NTA2Mzk4OTc0NzcxMyIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhdWN0aW9uX2Vwb2NoIjoxNjM2MzQwMDc0LCJhZF9wb3NpdGlvbiI6MTEwMywiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6IjNkNWZlNGY5LTU1ZWYtNGRlNC03ZDExLTExMDA0Y2JhYjk2ZiIsImJpZF9mbG9vcl9pbml0aWFsIjoxMTAwLCJiaWRfZmxvb3JfcHJldiI6NTUwLCJiaWRfZmxvb3JfZmlsbGVkIjo1MCwiYXVjdGlvbl9jb3VudCI6MywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MzcwLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:34 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6qQWV2zGDa5QSdd812Uwza51LTK%2BNBSj%2FfZflmT1aEF8jQikTBO7Ncb%2BLT%2BkpckACJH%2Bi1kqF0SLHX4s%2BzJoCL1P%2F3jM5LOnjRnxROlZk2o5JJE2uxtwHb29NoTOfgnDyD7FHyK%2FWMQh%2FLem3PCxSY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab8478fee41784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:33 UTC
pixel
googleads.g.doubleclick.net/xbbe/ Frame EB08 		624 B
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDms8PMAhjH2v24ATAB&v=APEucNUzuh-QNGbj-5XTfyVWsn2pe5QFjivfFxalHtnDiOwHjsa4BVAxLZdRo5goklmge3CGgq5fAqJQKezGLPXew5BegLbbAA
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 08 Nov 2021 02:54:34 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 5224 		13 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQjfz3IABaU8VsSQHldl0We1RXZ8GAisaYhtEEDI7eeWeXgpWtPV3V41sHFGSr3bRn5pivF77sbkGgnh-qs83jtA_Pd2jY6EitWeol3jt8z95mYyk2eeoE2tGQULgVJWsIYxiWbynjmS1Tm3FMeoLrVFTSYw&cry=1&dbm_d=AKAmf-DcocL-z1Sz2D9EdgRu8JO2e-B0FwSSbwhdsKJCQQaUxqaYTqizom9TdeCXG1Sx-UGNXl71p1BGfVv8QTXZt9UbjLBImOWvoEWRqEJ-CsSkFZHiqtAc2CLURvCzjM-OHuR4qDWffafAE9-11qbXp0IfAk40ij2ieyQe8loHqe-hYBsGrVLYhK23sBpJ2fDnniYJ7TKO7yfbnvlHfExlohK5i5k3y_BS6CXZ_vL4-YWclSXhLJDVzJQZNLTGYK8TOAOY-jOKsY_BMv8UgilQU_yBUleiKqzPBtrXOrQqX1RbG2y89WDKIRzDAowK4l1aKxO9dffWaiIaKRGNXfbywuhyR5cdomv5g-ZFxarZrw1AlgWCo5hdXvXIDfq0zkQ311g7DKhV-QcnnFkpqmw1OPoFtek3KFYPkLEFSRy11Ievxc1VzQ2AmMWunsLuljINreGc7cLCVFdVeIEz8_mZD-DJPKaTS5kaydXL6hgT-PiBmO0kX1ZPAD9puNSvniGTdYnKHnFN7Miggl_kTdICplVNWC2KWTSRzCoG9JzgMSPZCrjxXLtbgQxM_9P7mcipFkUdzqxo70uWpomJqwvEIFHyhx1jHHhYbcVTYtPP4NEB60Alk-E2Y9gWXbplsYMKFfm6YqeGqOgS3I0MNqqYoNCrQB9jUmKabNxwgt86esdmAAy_oPZ3YZYaxmdaapkzdqVHQosfR7HMOGq28NZov3S4nta1u_uq6tr5b-MtE5MyIbXGmo2QoIuNzHLAt53KwV9n_Ihxc2JNbYpTC3lcfO-WhVBYWxnAheofJ4LScazCnhw383lqSDERWg9J4pCY4M883aaLDbvGt5P1SsBHlRTRW57bclRAe-7NZ82Y1LUXJ4IKnFtVB29dzJEpf1SppEQPWatqvGaEAO14K59wq1lTxobmf4adSPPELxzA5p4FTRDimLBIlpJIR8H9k7_fuZqv89UlZzrBARLLsDW0zlG8qDOOGWRvAZzU5IAQlzWq7CZ0cCqhHZayR1HjMZnjQobcP-1fz6FD70WUrLT-ojMK-JQi1urfGfPNeMuMUl9YWzke3Io9Xu45WzJbyayigFrlwFRQeWNjBBOMhCLBRaI322CigRBdvAYPrK4ywm4BC5RWf_4VhXVLQLqj9agsqf21mxnOFR7rHbz-HzvPOWmEqJDQaJjdmHncwMHGKKIoQ1Msl_8KlILYYv-05y9vt7bTV-5UWfXyMQ6L0x1ynlhRfCcH3Xg2Fkn74e91WyDcloSeqSinAVcWs97LZohqWgu6r7ISjuhNGUOkEoGXTXAbP4EyzHcSq2ByOnvKGNKn-Qx6_kmy8hrRbxy2oIJp_Ov4it1T2nwitJizBTVHlTdf5CYYNkLW-AVZAr0mVIvvfkakw9j2Mf-eXsYFMCHjHFh36r6eI0BSx5WK8YjfPpGv46YcvpIxEh2VnBO1fWD5dULTL_VN5HWVRLLUmhzO-4Rd2F2iB_nfRXhDXjbI6WzYOfnwubLAt0ZYx7XCNzJWlzaWwntqFd3giM0TggKn1t-xfWjTBtIPFs6zU9cu8dinOFZTZv4XI5RyESaZS6gjEscBacq6eVBJgN_0daIHdKXhQ1FSirLDOafCuTRVez0QGDGoN0Z23CSZzFIUJBA27ii7LKHlGsNp-i-VT3cOamiWT4yYhcM8t9LATJdZhGbBFlLgewGiL8ExzLegRMdMrzP4RoVeDjUK68PBIkGA2o8CTWhPO_4unhMs-r0qg-Qo12SO7gxT99oI7y_PJGQEetd_fQfZXLQRXkcr-ifsVd1WrFEN72YxFqmothGWaiR5OuSe7elaeZNVuZTl7854-bUjK0YBmTs0aTjpaeAEIYvY2-h4qbMrS-Kw6y7gvs9S9-cPS-V69zJZ4DdZ1JJXm7XYprHsHpQC1PMJ1qNSWF9Fbo5iOSTCynN4lsAl-FmrFKP0yUZStqwQobrotnCEmscP8Nkys7QS9HfQypxnEdteAIw9CEasq_P-_B7eqcnftExOt9HGsEDQ4S-TAUdU3GYJbWHU1AELNJydYZiVxJRpK2D3kCAPcyMnuAJouvuuvqkfFQOWkYnhUMwABis1uHkasVIyO3MfEdV2AW7L2kOhq6HNnADSzGOfOv1MT42ph03UzzHM8KYM-AniumIspyq_gE4OiO03gVz81zwN-mHhCkBLs2kDvs2AAs7XW8J96AdDTZSCObz78p7LMtw_vCV3CZQ6GmEWim02aGqrfFq5i2784SwpprCzCki3-3iQ3e-THj-z-VVpijMjoXFYW3rMgswNVBkEyDv6j5fea7NsosxqxvDqxlgMq6g3xA9BtjIbqGGVOIaHcN0CnVt4Wzx3Jr318vsAFwcqV9hFf7swvP6tAHwvmZsIZVkvCzwoawGrD-Eu2j2A_lPgLd4oFn_Epfx_4hyMa4qfmsndOytt95-3u0-duWn85U81E6K3ot8etiF-wmLr0j1WsmEO4SypzjQZ2ahfU5boNoy-AzriH0NxIbe9svBNlZ1itLZIn4-IZrNO7SZDe7qe929xWLwceitLu30E9V-9sKjma0vYXXQ9uHYAFHWzLB_OajALzosFjN0_8uZgM4VbQGUTI5W4k9zctPpx63cwP_z-31xiLzqGoQUPS5_-vnLBonj8AMpQJv57VJxbwJKDPEc63g5H5qU64WZrFeVCte-1eDc69hI-FU3G43UP2ufAQhuaoI7Bdi-jkQFwibIS8AB8rem3ZV1LXt9k2tDUWXgYiSJhfAbwybZqbXMssLKxti-hJazn6rBLz3MqnGSbm8iMMNYRva3OvQGbl7dQQwsTPci5Wz7DX0Nk4krAEnk9xAbXsACbP2Q-5wqikpqw2yQqhiHSTndEOHBsxbn8NtiLRFvCG8uphzdGVUwFcwIEP1GqKYQSsyxHEc-DUfqhypv8obNn9TskdM_4OK9VRwt2LHKTB8iKXU9YArUMlADAfj0K_qjglux1RpomeplxbOSDLF17FaBWMjUrALOIvzE2nKLTNbozVGKkCICCar2SttObxy6G4wjQVX6Kqn-sxdPbZielovWiY4VS8nY5yq3YlH8Qhd4X&cid=CAASEuRotd_Q7x-rLK9TJIeqnFPpwA&rfl=1%2Chttps%253A%252F%252Fwww.weather-us.com%252F%240
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36ab7601ba2118cea8b5a30787fdbf130fd26d619705f699ba838f9072c70469
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9597
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5224 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aawe4yMUJ9m5XcHCo0Ai_eP0-XK0NciyEVfuoJx6ZEeIakxVNLKhiBLsYqaFEIC6TR-CYSn9HDQI8ukVqg7i_JFDQvXooEJpMFBTV47-oqKVie4uU
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adServer.bs
fw.adsafeprotected.com/rjss/bs.serving-sys.com/861472/58118884/Serving/ Frame 5224 		0
0
jload
pixel.adsafeprotected.com/ Frame 5224 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10933&advId=21165945&campId=55896175&pubId=1&chanId=424024280597&placementId=387935559&dealId=&adsafe_par&impId=ABAjH0jx81Mk7uw2bDWGvM-kWnCv&bidurl=https://www.weather-us.com/
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.96.27 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
56a56a0f43adef1acd89668bc23f7dce756898642139fcf99c7d23ad9846d4e4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:34 GMT
content-encoding
gzip
x-server-name
app13.va.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211104/r20110914/client/ Frame 5224 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211104/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
314b423bd9d48f1a5e51079dcc83ee6eecad1a276f1ce928fb3454debc9192b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:22:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1411
x-xss-protection
0
server
cafe
etag
6253377622373838478
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 02:22:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211104/r20110914/client/ Frame 5224 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67229a898b0464fde474b8a6966da4dfe548cbe445df2120080333eeb40d37f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:16:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6571
x-xss-protection
0
server
cafe
etag
15091339945457397414
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 02:16:41 GMT
l
www.google.com/ads/measurement/ Frame 5224 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTM3I6e9NP-cXJQW69yIFRHBBUzijVaDMytz5uYB-TYxX6IO_8IlaXsa4nLfy95HDcv9eZ8NdRCfyWWTap3H-yt6ulPdA
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5224 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Nov 2021 02:54:34 GMT
rum
dsum-sec.casalemedia.com/ Frame EB08
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPKKd3PbfQMxG--4V0w4OOk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPKKd3PbfQMxG--4V0w4OOk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDms8PMAhjH2v24ATAB&v=APEucNUzuh-QNGbj-5XTfyVWsn2pe5QFjivfFxalHtnDiOwHjsa4BVAxLZdRo5goklmge3CGgq5fAqJQKezGLPXew5BegLbbAA
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:34 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPKKd3PbfQMxG--4V0w4OOk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EB08
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYiRZdANBuf1s7HSHga2JgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPKKd3PbfQMxG--4V0w4OOk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPKKd3PbfQMxG--4V0w4OOk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDms8PMAhjH2v24ATAB&v=APEucNUzuh-QNGbj-5XTfyVWsn2pe5QFjivfFxalHtnDiOwHjsa4BVAxLZdRo5goklmge3CGgq5fAqJQKezGLPXew5BegLbbAA
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:34 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPKKd3PbfQMxG--4V0w4OOk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame EB08
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPkWjFAer_Aews6fMHe0Pfc&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPkWjFAer_Aews6fMHe0Pfc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDms8PMAhjH2v24ATAB&v=APEucNUzuh-QNGbj-5XTfyVWsn2pe5QFjivfFxalHtnDiOwHjsa4BVAxLZdRo5goklmge3CGgq5fAqJQKezGLPXew5BegLbbAA
Protocol
HTTP/1.1
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:34 GMT
X-Proxy-Origin
87.101.95.204; 87.101.95.204; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
58ecb687-bd1d-4b26-b2a8-675efc0dcbff
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPkWjFAer_Aews6fMHe0Pfc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EB08
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc4NTM4MDAwNzQ5NzM0MzQwNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc4NTM4MDAwNzQ5NzM0MzQwNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDms8PMAhjH2v24ATAB&v=APEucNUzuh-QNGbj-5XTfyVWsn2pe5QFjivfFxalHtnDiOwHjsa4BVAxLZdRo5goklmge3CGgq5fAqJQKezGLPXew5BegLbbAA
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:34 GMT
X-Proxy-Origin
87.101.95.204; 87.101.95.204; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
ba251d5b-e850-40eb-a696-04f6c3f623a8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc4NTM4MDAwNzQ5NzM0MzQwNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.weather-us.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		336 B
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2465637124299127&correlator=2799025657120730&output=ldjh&impl=fifs&eid=31063405%2C31063414%2C44752540%2C31060032&vrg=2021110201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=1254144%3A3711114%2Cweather_us_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ris=1&rcs=3&prev_scp=a%3D%257C2%257C%26iid1%3D6157191381671620%26eid%3D6157191381671620%26t%3D134%26d%3D217360%26t1%3D134%26pvc%3D0%26ap%3D1108%26sap%3D1108%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26gala%3D2709606%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dweather_us_com-box-1-6157191381671620%26eb_br%3D43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11307%26asau%3D5789646051%26bv%3D3%26bvm%3D0%26bvr%3D8%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D220%26br2%3D500%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C193%2C0%2C34%2C0%2C131%2C20%2C192%2C26%2C197%2C187%2C77%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C817%2C899%2C919%2C2030%2C783%2C15%2C16%2C11%2C12%2C13%2C14%2C10%2C11%2C12%2C13%2C14%2C20%2C9%2C10%2C11%2C12%2C13%2C14%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D350%26reqt%3D1636340074513&eri=1&cookie=ID%3Db37501380f57a3b0%3AT%3D1636340069%3AS%3DALNI_MbNdTk2MewuuS5KoMXZYJUizCfGfQ&bc=31&abxe=1&lmt=1636340074&dt=1636340074520&dlt=1636340068760&idt=305&frm=20&biw=1600&bih=1200&oid=2&adxs=1030&adys=603&adks=3973906509&ucis=2&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weather-us.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=355x280&msz=300x250&ga_vid=1495726912.1636340069&ga_sid=1636340070&ga_hid=1252775448&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
b659a71ed1f046d0c48213346001294485687300e61b5f91f1b733e75da15105
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5224 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQjfz3IABaU8VsSQHldl0We1RXZ8GAisaYhtEEDI7eeWeXgpWtPV3V41sHFGSr3bRn5pivF77sbkGgnh-qs83jtA_Pd2jY6EitWeol3jt8z95mYyk2eeoE2tGQULgVJWsIYxiWbynjmS1Tm3FMeoLrVFTSYw&cry=1&dbm_d=AKAmf-DcocL-z1Sz2D9EdgRu8JO2e-B0FwSSbwhdsKJCQQaUxqaYTqizom9TdeCXG1Sx-UGNXl71p1BGfVv8QTXZt9UbjLBImOWvoEWRqEJ-CsSkFZHiqtAc2CLURvCzjM-OHuR4qDWffafAE9-11qbXp0IfAk40ij2ieyQe8loHqe-hYBsGrVLYhK23sBpJ2fDnniYJ7TKO7yfbnvlHfExlohK5i5k3y_BS6CXZ_vL4-YWclSXhLJDVzJQZNLTGYK8TOAOY-jOKsY_BMv8UgilQU_yBUleiKqzPBtrXOrQqX1RbG2y89WDKIRzDAowK4l1aKxO9dffWaiIaKRGNXfbywuhyR5cdomv5g-ZFxarZrw1AlgWCo5hdXvXIDfq0zkQ311g7DKhV-QcnnFkpqmw1OPoFtek3KFYPkLEFSRy11Ievxc1VzQ2AmMWunsLuljINreGc7cLCVFdVeIEz8_mZD-DJPKaTS5kaydXL6hgT-PiBmO0kX1ZPAD9puNSvniGTdYnKHnFN7Miggl_kTdICplVNWC2KWTSRzCoG9JzgMSPZCrjxXLtbgQxM_9P7mcipFkUdzqxo70uWpomJqwvEIFHyhx1jHHhYbcVTYtPP4NEB60Alk-E2Y9gWXbplsYMKFfm6YqeGqOgS3I0MNqqYoNCrQB9jUmKabNxwgt86esdmAAy_oPZ3YZYaxmdaapkzdqVHQosfR7HMOGq28NZov3S4nta1u_uq6tr5b-MtE5MyIbXGmo2QoIuNzHLAt53KwV9n_Ihxc2JNbYpTC3lcfO-WhVBYWxnAheofJ4LScazCnhw383lqSDERWg9J4pCY4M883aaLDbvGt5P1SsBHlRTRW57bclRAe-7NZ82Y1LUXJ4IKnFtVB29dzJEpf1SppEQPWatqvGaEAO14K59wq1lTxobmf4adSPPELxzA5p4FTRDimLBIlpJIR8H9k7_fuZqv89UlZzrBARLLsDW0zlG8qDOOGWRvAZzU5IAQlzWq7CZ0cCqhHZayR1HjMZnjQobcP-1fz6FD70WUrLT-ojMK-JQi1urfGfPNeMuMUl9YWzke3Io9Xu45WzJbyayigFrlwFRQeWNjBBOMhCLBRaI322CigRBdvAYPrK4ywm4BC5RWf_4VhXVLQLqj9agsqf21mxnOFR7rHbz-HzvPOWmEqJDQaJjdmHncwMHGKKIoQ1Msl_8KlILYYv-05y9vt7bTV-5UWfXyMQ6L0x1ynlhRfCcH3Xg2Fkn74e91WyDcloSeqSinAVcWs97LZohqWgu6r7ISjuhNGUOkEoGXTXAbP4EyzHcSq2ByOnvKGNKn-Qx6_kmy8hrRbxy2oIJp_Ov4it1T2nwitJizBTVHlTdf5CYYNkLW-AVZAr0mVIvvfkakw9j2Mf-eXsYFMCHjHFh36r6eI0BSx5WK8YjfPpGv46YcvpIxEh2VnBO1fWD5dULTL_VN5HWVRLLUmhzO-4Rd2F2iB_nfRXhDXjbI6WzYOfnwubLAt0ZYx7XCNzJWlzaWwntqFd3giM0TggKn1t-xfWjTBtIPFs6zU9cu8dinOFZTZv4XI5RyESaZS6gjEscBacq6eVBJgN_0daIHdKXhQ1FSirLDOafCuTRVez0QGDGoN0Z23CSZzFIUJBA27ii7LKHlGsNp-i-VT3cOamiWT4yYhcM8t9LATJdZhGbBFlLgewGiL8ExzLegRMdMrzP4RoVeDjUK68PBIkGA2o8CTWhPO_4unhMs-r0qg-Qo12SO7gxT99oI7y_PJGQEetd_fQfZXLQRXkcr-ifsVd1WrFEN72YxFqmothGWaiR5OuSe7elaeZNVuZTl7854-bUjK0YBmTs0aTjpaeAEIYvY2-h4qbMrS-Kw6y7gvs9S9-cPS-V69zJZ4DdZ1JJXm7XYprHsHpQC1PMJ1qNSWF9Fbo5iOSTCynN4lsAl-FmrFKP0yUZStqwQobrotnCEmscP8Nkys7QS9HfQypxnEdteAIw9CEasq_P-_B7eqcnftExOt9HGsEDQ4S-TAUdU3GYJbWHU1AELNJydYZiVxJRpK2D3kCAPcyMnuAJouvuuvqkfFQOWkYnhUMwABis1uHkasVIyO3MfEdV2AW7L2kOhq6HNnADSzGOfOv1MT42ph03UzzHM8KYM-AniumIspyq_gE4OiO03gVz81zwN-mHhCkBLs2kDvs2AAs7XW8J96AdDTZSCObz78p7LMtw_vCV3CZQ6GmEWim02aGqrfFq5i2784SwpprCzCki3-3iQ3e-THj-z-VVpijMjoXFYW3rMgswNVBkEyDv6j5fea7NsosxqxvDqxlgMq6g3xA9BtjIbqGGVOIaHcN0CnVt4Wzx3Jr318vsAFwcqV9hFf7swvP6tAHwvmZsIZVkvCzwoawGrD-Eu2j2A_lPgLd4oFn_Epfx_4hyMa4qfmsndOytt95-3u0-duWn85U81E6K3ot8etiF-wmLr0j1WsmEO4SypzjQZ2ahfU5boNoy-AzriH0NxIbe9svBNlZ1itLZIn4-IZrNO7SZDe7qe929xWLwceitLu30E9V-9sKjma0vYXXQ9uHYAFHWzLB_OajALzosFjN0_8uZgM4VbQGUTI5W4k9zctPpx63cwP_z-31xiLzqGoQUPS5_-vnLBonj8AMpQJv57VJxbwJKDPEc63g5H5qU64WZrFeVCte-1eDc69hI-FU3G43UP2ufAQhuaoI7Bdi-jkQFwibIS8AB8rem3ZV1LXt9k2tDUWXgYiSJhfAbwybZqbXMssLKxti-hJazn6rBLz3MqnGSbm8iMMNYRva3OvQGbl7dQQwsTPci5Wz7DX0Nk4krAEnk9xAbXsACbP2Q-5wqikpqw2yQqhiHSTndEOHBsxbn8NtiLRFvCG8uphzdGVUwFcwIEP1GqKYQSsyxHEc-DUfqhypv8obNn9TskdM_4OK9VRwt2LHKTB8iKXU9YArUMlADAfj0K_qjglux1RpomeplxbOSDLF17FaBWMjUrALOIvzE2nKLTNbozVGKkCICCar2SttObxy6G4wjQVX6Kqn-sxdPbZielovWiY4VS8nY5yq3YlH8Qhd4X&cid=CAASEuRotd_Q7x-rLK9TJIeqnFPpwA&rfl=1%2Chttps%253A%252F%252Fwww.weather-us.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 16:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125317
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 06 Nov 2022 16:05:57 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8374 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Sat, 06 Nov 2021 16:05:57 GMT
expires
Sun, 06 Nov 2022 16:05:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
125317
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lFqatAGMGI5ruFOuc2G8YqsaAHQUb5EGFuJALWeAUJk.js
pagead2.googlesyndication.com/bg/ Frame 8374 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lFqatAGMGI5ruFOuc2G8YqsaAHQUb5EGFuJALWeAUJk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
sffe /
Resource Hash
945a9ab4018c188e6bb853ae7361bc62ab1a0074146f910616e2402d67805099
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
364458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13523
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 21:40:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8374 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAf6XapGIYbefHe2SoPMPiYmw0AUAAAAAOAHgBAI&bg=!k5ClkNTNAAYH3anuB907ACkAdvg8Wu1qNucT-MyLeQn9L8vhKOcLMlV2bKylamqblNuR96WVbndkUgIAAABgUgAAAApoAQeZAxECXtpXlmWLQuT3rxXcRb-_YmBINFZXNccXdigIcFlrvp05jgahWFET_AAAuZi4Z2Fw5p3A7AN4OA20Lz_R3WyIlt5jZUTdzXq-n5eo5XhZY1s1t9A95H8GRhOHnKmaeVz5fCOT3cu4iyQYcDoJ4TtbeWHRSJB8sT9aclDMvjOarpfGlDDLG8d5-cVzAkT7MO0TCveoy-hbytS9M9NQFoNvcF_ERuLhzAM7xwXApfjLVK_XRgQ37Rko1f0wshEB2ngkf-OcO6PMQmqYG6D3cOfivrjdNHO9I_5wnrYXZLfSA6gSMh5bOcxo7fVBGmnBMs4MpiHs88SW_clD7ssF-4COJ_yqPzHaPmgY5rFTy5669vboHntcdAsSpcAGCENcxCs_TzKxy8yrE9IwX5JZMo0ubVeZinjdknw_KPvcrOq6vhnrrgPM0kiz_3k7D_-5DmvGqLN6b5So96grlOFL2SnoZ3kghk_ZQdozQ8dKnFSK4uu7cE1vhTdQ9D-f2lVTI7ArTs-b3ggBpLY2RRYEdzBbnnthMdLI3ZFiFBgDegiAgI-0BTm2zVYKjrXjfHBu-2-LE1-ZrUlvhfAZZkv_jOEn0Wq6OqVpCasdiOJUzAqq6JLLpehCsAxUpWgOr-YU_9LvNfEnDs8sg_1ChuxTilJHijGSKR4H0nqhg6O1mhAzeR3pJrdQ0sPJwji4IKY4Ypxb-Yf7eUGmz_QJXfGKFK0nPr8xZlhjxAL_mYg_kcciZYD3FLa5-y7xkLxeW32JqwB5qJ-ntRQclzvlRIzQVj2EdpJ2ytWzr4NXXeJ5KmFsnYUCJPvo_X_5wwnBqN2TBTnlc2fu_b-I0fjzxdkSp3UE0YYas0m1YObM8zpPXlrVkxBm8-IcS-Zg0-FbOJtFOCD2ScBBqytz5s8LDIka--gC9WaY6J7k3jYv52kxsw1jxMVc5NXJRooc6c7FuD3mDD8UModvLWQHf4ePaIK9SjkXEXMCju-fFxUiph2XtfE2qEIjGP1Jjrewg6Fn-qw-NSRqCdymMnUYbAh3PnOr7phJYg
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.weather-us.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.weather-us.com%2F&domain=www.weather-us.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.weather-us.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.weather-us.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1796
date
Mon, 08 Nov 2021 02:54:34 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.weather-us.com%2F&domain=www.weather-us.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=V3TnbnxnalprMVVqT1ArU3NRV0FYM1ZBQnZZc2lCcTdhZmR1cUNReWdncGNnTHlkZmFGOTh2dlBqakU5OFJxc0pWSjRzdXNmbXFyMmUyQmVMNUpib2JXWkwzTlM5VzkzV0RpN1U4c3RDN0JRbXVMV0tOdDUrYnVWSnluSk...
345 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=V3TnbnxnalprMVVqT1ArU3NRV0FYM1ZBQnZZc2lCcTdhZmR1cUNReWdncGNnTHlkZmFGOTh2dlBqakU5OFJxc0pWSjRzdXNmbXFyMmUyQmVMNUpib2JXWkwzTlM5VzkzV0RpN1U4c3RDN0JRbXVMV0tOdDUrYnVWSnluSkI3SmZLNWdhc0x6Ty83b3Y1cU9PaVdsRVFkTCtBVERrbndKL21UV2NnaFBpL3lSa21lbWI3UHk2bk5IZXJjelBXbkp2Z01teVdENXFlcThVYnBuT0J3OHdkUVNlcHdUNkhwL0d0WlZZOFlEeUlIaW83NGQxbVh6eUt5WGgvUDhrTHE5cXB5M2xXfA&cppv=2
Protocol
H2
Server
74.119.119.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6b0333fc7c632062ed5b5d228f6af483ac7ac1b06a7703908ab434c5606e766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 08 Nov 2021 02:54:34 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2523
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 08 Nov 2021 02:54:34 GMT
location
https://mug.criteo.com/sid?cpp=V3TnbnxnalprMVVqT1ArU3NRV0FYM1ZBQnZZc2lCcTdhZmR1cUNReWdncGNnTHlkZmFGOTh2dlBqakU5OFJxc0pWSjRzdXNmbXFyMmUyQmVMNUpib2JXWkwzTlM5VzkzV0RpN1U4c3RDN0JRbXVMV0tOdDUrYnVWSnluSkI3SmZLNWdhc0x6Ty83b3Y1cU9PaVdsRVFkTCtBVERrbndKL21UV2NnaFBpL3lSa21lbWI3UHk2bk5IZXJjelBXbkp2Z01teVdENXFlcThVYnBuT0J3OHdkUVNlcHdUNkhwL0d0WlZZOFlEeUlIaW83NGQxbVh6eUt5WGgvUDhrTHE5cXB5M2xXfA&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2697
content-length
509
expires
0
cookie_sync
pb-server.ezoic.com/ 		510 B
912 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb-server.ezoic.com/cookie_sync
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.114.16 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b41c7d662f71f0fa5e93052c53e8fdc01c1e4c40114e5b9d8ee74026f2364a48

Request headers

Referer
https://www.weather-us.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:35 GMT
via
1.1 f8d8b16a7820702de048e041a1ec7840.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
EWR52-C3
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
510
x-amz-cf-id
x6rJegkwdO3zI4xe1CM45mwLJGoopWkNAOotvBGotkiDJPeRvmGP3A==
expires
0
auction
pb-server.ezoic.com/openrtb2/ 		161 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb-server.ezoic.com/openrtb2/auction
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.114.16 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cbeffefe20cffd7e735b9304062d4d689a4e07db8b77a7746c50d36ae83dc2d8

Request headers

Referer
https://www.weather-us.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:35 GMT
via
1.1 f8d8b16a7820702de048e041a1ec7840.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
EWR52-C3
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
161
x-amz-cf-id
zNiY9bhVwyyPGZRc4b6-4NqmuSHj1lt4_4esWCnh-SYgTQn9ZiiJzg==
expires
0
ortb
bid.contextweb.com/header/ 		0
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.134 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.weather-us.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 Nov 2021 02:54:34 GMT
server
envoy
cwdl
22/4211,22/4211,22/4211
access-control-allow-origin
https://www.weather-us.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
cw-server
bid-deployment-5f7c564c85-zvvwt
prebid
prebid.media.net/rtb/ 		37 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUBCB617
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6cc4dc0e965cf32146b0ec116e3f816b02201238c5b77fb569175a4f4e2b2712

Request headers

Referer
https://www.weather-us.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
cygnus
htlb.casalemedia.com/ 		25 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=305138&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2217231c68978a8bf%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.weather-us.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%225.10.0%22%2C%22userIds%22%3A%5B%22quantcastId%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22184d1af853a05b6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305138%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2219a1aa659f59849%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305136%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%222008c2a7c8e498e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305147%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%22ca795391da0aaa38c9f60e344ca4af9e%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.50.75.217 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
9822f2322eb498794f2b2908c6d3928116eed36e50b80d6e22ec32e1b49881cb

Request headers

Referer
https://www.weather-us.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:35 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[US], RC:[NJ], CN:[NA], CIP:[87.101.95.204], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.weather-us.com
x-cs-client-geo
01
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
01
expires
Mon, 08 Nov 2021 02:54:35 GMT
cdb
bidder.criteo.com/ 		18 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.10.0&cb=44548239071
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer
https://www.weather-us.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 Nov 2021 02:54:34 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weather-us.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
imp
g2.gumgum.com/hbid/ 		601 B
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?quantcastId=P0-13203061-1636340069083&si=20829&pi=3&bf=300x250&uspConsent=1---&schain=1.0%2C1!ezoic.ai%2Cca795391da0aaa38c9f60e344ca4af9e%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.weather-us.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.10.0%22%7D&ogu=https%3A%2F%2Fwww.weather-us.com&ns=10240&gpid=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c4d6e6fb7df77ee7bb952b880eed6b1ab9a2593c8525d3a1342c0fd9661653a5

Request headers

Referer
https://www.weather-us.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.weather-us.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		601 B
941 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?quantcastId=P0-13203061-1636340069083&si=20851&pi=3&bf=300x250&uspConsent=1---&schain=1.0%2C1!ezoic.ai%2Cca795391da0aaa38c9f60e344ca4af9e%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.weather-us.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.10.0%22%7D&ogu=https%3A%2F%2Fwww.weather-us.com&ns=10240&gpid=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.77.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-77-52.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f8f9a55a217714df5081bfd701f447d6f626f42d618e8232f1d65d06146b57cb

Request headers

Referer
https://www.weather-us.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.weather-us.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
auction
tlx.3lift.com/header/ 		19 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.10.0&referrer=https%3A%2F%2Fwww.weather-us.com%2F&tmax=3000&us_privacy=1---
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.57.117 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.weather-us.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:35 GMT
x-auction-status
12, 12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		55 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2465637124299127&correlator=1285521765612351&output=ldjh&impl=fifs&eid=31063405%2C31063414%2C44752540%2C31060032&vrg=2021110201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=1254144%3A3711114%2Cweather_us_com-box-4%2Cweather_us_com-large-leaderboard-1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=970x250%7C580x400%2C300x250%7C300x1050%7C300x600&prev_scp=a%3D%257C3%257C%26iid1%3D3586291009744808%26eid%3D3586291009744808%26t%3D134%26d%3D217360%26t1%3D134%26pvc%3D0%26ap%3D1148%26sap%3D1148%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26gala%3D2709606%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D1%26tap%3Dweather_us_com-box-4-3586291009744808%26eb_br%3D60474211daf1dfd4d90000ea01f56c30%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11307%26asau%3D5789646051%26bv%3D0%26bvm%3D3%26bvr%3D6%26shp%3D1%26ftsn%3D3%26br1%3D0%26br2%3D1900%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C168%2C0%2C34%2C0%2C168%2C66%2C20%2C71%2C30%2C192%2C31%26deal1%3D24%2C25%2C26%2C919%2C2030%2C783%26ax_ssid%3D10082%7Ca%3D%257C124%257C%26iid1%3D4268227603691682%26eid%3D4268227603691682%26t%3D134%26d%3D217360%26t1%3D134%26pvc%3D0%26ap%3D1123%26sap%3D1123%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26gala%3D2709606%26rid%3D99998%26pt%3D0%26al%3D1035%26compid%3D0%26tap%3Dweather_us_com-large-leaderboard-1-4268227603691682%26eb_br%3D736e09a0771285737509ab8954c475a7%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11307%26asau%3D5789646051%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D2%26ftsn%3D3%26br1%3D1200%26br2%3D600%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C168%2C0%2C67%2C0%2C168%2C66%2C20%2C71%2C30%2C192%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C919%2C2030%2C783%2C16%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie=ID%3Db37501380f57a3b0%3AT%3D1636340069%3AS%3DALNI_MbNdTk2MewuuS5KoMXZYJUizCfGfQ&bc=31&abxe=1&lmt=1636340075&dt=1636340075034&dlt=1636340068760&idt=305&frm=20&biw=1600&bih=1200&oid=2&adxs=231%2C1030&adys=1368%2C1672&adks=2570825459%2C68465294&ucis=4%7C5&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weather-us.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1140x252%7C355x1050&msz=1138x250%7C300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1495726912.1636340069&ga_sid=1636340070&ga_hid=1252775448&ga_fc=true&fws=0%2C0&ohw=0%2C0&btvi=1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
1157e5ceb886381a8cecf1650cdba519e9abd370450e55c626b277f036417ae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12406
x-xss-protection
0
google-lineitem-id
-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=V3TnbnxnalprMVVqT1ArU3NRV0FYM1ZBQnZZc2lCcTdhZmR1cUNReWdncGNnTHlkZmFGOTh2dlBqakU5OFJxc0pWSjRzdXNmbXFyMmUyQmVMNUpib2JXWkwzTlM5VzkzV0RpN1U4c3RDN0JRbXVMV0tOdDUrYnVWSnluSkI3SmZLNWdhc0x6Ty83b3Y1cU9PaVdsRVFkTCtBVERrbndKL21UV2NnaFBpL3lSa21lbWI3UHk2bk5IZXJjelBXbkp2Z01teVdENXFlcThVYnBuT0J3OHdkUVNlcHdUNkhwL0d0WlZZOFlEeUlIaW83NGQxbVh6eUt5WGgvUDhrTHE5cXB5M2xXfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1260
date
Mon, 08 Nov 2021 02:54:34 GMT
content-encoding
gzip
vary
Accept-Encoding
setuid
pb-server.ezoic.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=1---&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F19%3FA%3D9c21657e-0cf3-4c17-a9ed-586d543be821%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9wYi1zZXJ2ZXIu...
  • https://prebid.a-mo.net/cchain/0/19?A=9c21657e-0cf3-4c17-a9ed-586d543be821&bidder=pubmatic&cbx=aHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0%3D...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F19%3FA%3D9c21657e-0cf3-4c17-a9ed-586d543be821%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaW...
  • https://prebid.a-mo.net/cchain/1/19?A=9c21657e-0cf3-4c17-a9ed-586d543be821&bidder=appnexus&cbx=aHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0%3D...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F19%3FA%3D9c21657e-0cf3-4c17-a9ed-586d543be821%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9wYi1zZXJ2Z...
  • https://prebid.a-mo.net/cchain/2/19?A=9c21657e-0cf3-4c17-a9ed-586d543be821&bidder=index_rtb&cbx=aHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0%3...
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F19%3FA%3D9c21657e-0cf3-4c17-a9ed-586d543be821%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9i...
  • https://prebid.a-mo.net/cchain/3/19?A=9c21657e-0cf3-4c17-a9ed-586d543be821&bidder=sovrn&cbx=aHR0cHM6Ly9wYi1zZXJ2ZXIuZXpvaWMuY29tL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mZj1pJnVpZD0=&us_p...
  • https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=9c21657e-0cf3-4c17-a9ed-586d543be821&us_privacy=1---
0
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=9c21657e-0cf3-4c17-a9ed-586d543be821&us_privacy=1---
Protocol
H2
Server
99.84.114.16 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:35 GMT
via
1.1 f8d8b16a7820702de048e041a1ec7840.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
EWR52-C3
x-cache
Hit from cloudfront
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
content-length
0
x-amz-cf-id
1dYRscIXJVdDr_3HCe6tre-NrAKKWk-3McyUADJ66fwEcLhswoUUqw==
expires
0

Redirect headers

location
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=9c21657e-0cf3-4c17-a9ed-586d543be821&us_privacy=1---
date
Mon, 08 Nov 2021 02:54:34 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
/
onetag-sys.com/usync/ Frame F04A 		2 KB
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?redir=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4cbef60c84c3a9eb0a7c19ff1dd410c37dcbac51c28c1f65550af4646ded4b98
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
783
strict-transport-security
max-age=15552000
setuid
pb-server.ezoic.com/ Frame F04A 		0
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb-server.ezoic.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.114.16 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:35 GMT
via
1.1 f8d8b16a7820702de048e041a1ec7840.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
EWR52-C3
x-cache
Hit from cloudfront
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
content-length
0
x-amz-cf-id
d7gn8CkdnJf79_tj9WpV3QUiO9CyEwSCyGU-Kt2XwT1GMjMcptovrg==
expires
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012110042008000/ Frame 8286 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
422018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55667
x-xss-protection
0
server
sffe
date
Wed, 03 Nov 2021 05:40:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11904075b70ba1a0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 03 Nov 2022 05:40:57 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 8286 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
422018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4996
x-xss-protection
0
server
sffe
date
Wed, 03 Nov 2021 05:40:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"01e91d40c144b6bf"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 03 Nov 2022 05:40:57 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 8286 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
422018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28494
x-xss-protection
0
server
sffe
date
Wed, 03 Nov 2021 05:40:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a5e24beaf7c9a504"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 03 Nov 2022 05:40:57 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 8286 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
422018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1635
x-xss-protection
0
server
sffe
date
Wed, 03 Nov 2021 05:40:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dff2522b082c9ee5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 03 Nov 2022 05:40:57 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 8286 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
422018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12816
x-xss-protection
0
server
sffe
date
Wed, 03 Nov 2021 05:40:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a05f1a8ea5ea134"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 03 Nov 2022 05:40:57 GMT
css
fonts.googleapis.com/ Frame 8286 		5 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c733809a15b6fd666d9c4e02e6fbf1382e73b5fbbba07d4cf8c5f33046c035a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 02:04:17 GMT
server
ESF
date
Mon, 08 Nov 2021 02:54:36 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 08 Nov 2021 02:54:36 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8286 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:41:35 GMT
x-content-type-options
nosniff
server
cafe
age
780
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 09 Nov 2021 02:41:35 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8286 		295 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Nov 2021 14:51:53 GMT
x-content-type-options
nosniff
server
cafe
age
43362
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 08 Nov 2021 14:51:53 GMT
l
www.google.com/ads/measurement/ Frame 8286 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkdTcV59AHFSVMp5ZK1hjavVvxzeDYYapvR8GwMP_BUxGh4p8QTje2Y2138Ik-uFfkYMOXewe-9-Hl4ZQbF8cZ6kuRgw
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 8286 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CLtBra5GIYeCVBpW6hweWsKaoCaDRht1ijMS44dQNloLNhYgWEAEg0dmWOWDJxqmLwKTYD6AB0dan7gPIAQHgAgCoAwGqBOcBT9AW7Linf2b-NYNZFV2airbuvIN5uBUiFaJ13COpl3piZh-pvcmBaPp_HRsV_Y6ofjTUcdyOCTdC4ZZ2ACdbmBfiPNPDIAL75dlS0Ou9TMjyZ76yuGTu-ZsS2-w3Xg6lhndAZIrkeLHlCJbw1IYRZ-vs4BioqCNoYD1ZyER1aNfnKTjgsob2MtgdLukE7TrriGrd18Kgm5vlTG9Nb0608VKZPrrZPYAydp38655rKElO_JVCMQdNUt7LzqEX1eMWkI3meVigyvr0N0wBYBkjGVD-aH46tsr6QYp4zAnSoQX3RPsl-MhrwASVhJ36yAPgBAGSBQQIBBgBkgUECAUYBIAH0uLVFKgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCsh0zSCAcIgGEQARgdgAoByAsB2BML0BUBgBcBshceChwIABIUcHViLTE5NjIwOTQxNjYyODU3NzIYvskH&sigh=KqMZzXIj-GE&uach_m=[UACH]&template_id=5020&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
army.gif
www.weather-us.com/porpoiseant/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzU4NjI5MTAwOTc0NDgwOCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC00LTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTE0OCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjoxLCJsaW5lX2l0ZW1faWQiOjU1MjU2NzYxNzUsImNyZWF0aXZlX2lkIjoxMzgzMjg3NTI5NDIsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzU4NjI5MTAwOTc0NDgwOCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC00LTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTE0OCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjoxLCJsaW5lX2l0ZW1faWQiOjU1MjU2NzYxNzUsImNyZWF0aXZlX2lkIjoxMzgzMjg3NTI5NDIsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI2MDQ3NDIxMWRhZjFkZmQ0ZDkwMDAwZWEwMWY1NmMzMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzU4NjI5MTAwOTc0NDgwOCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC00LTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAwMDIsImFkX3Bvc2l0aW9uIjoxMTQ4LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAwMDIsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjoxLCJsaW5lX2l0ZW1faWQiOjU1MjU2NzYxNzUsImNyZWF0aXZlX2lkIjoxMzgzMjg3NTI5NDIsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzNTg2MjkxMDA5NzQ0ODA4IiwiZG9tYWluX2lkIjoiMjE3MzYwIiwidW5pdCI6ImRpdi1ncHQtYWQtd2VhdGhlcl91c19jb20tYm94LTQtMCIsInRfZXBvY2giOjE2MzYzNDAwNjgsImFkX3Bvc2l0aW9uIjoxMTQ4LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6IjNkNWZlNGY5LTU1ZWYtNGRlNC03ZDExLTExMDA0Y2JhYjk2ZiIsImNvbXBfaWQiOjEsImxpbmVfaXRlbV9pZCI6NTUyNTY3NjE3NSwiY3JlYXRpdmVfaWQiOjEzODMyODc1Mjk0MiwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzI4NzUyOTQyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzNTg2MjkxMDA5NzQ0ODA4IiwiZG9tYWluX2lkIjoiMjE3MzYwIiwidW5pdCI6ImRpdi1ncHQtYWQtd2VhdGhlcl91c19jb20tYm94LTQtMCIsInRfZXBvY2giOjE2MzYzNDAwNjgsImFkX3Bvc2l0aW9uIjoxMTQ4LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6IjNkNWZlNGY5LTU1ZWYtNGRlNC03ZDExLTExMDA0Y2JhYjk2ZiIsImNvbXBfaWQiOjEsImxpbmVfaXRlbV9pZCI6NTUyNTY3NjE3NSwiY3JlYXRpdmVfaWQiOjEzODMyODc1Mjk0MiwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNTUyNTY3NjE3NSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:35 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vi2Y0b6fH%2FcOfStcyvp96ZU6iFaVLEFeemxVuLzJjFeHj6QZtVCvnVZQKei4jr4rHlkUA13aMO2B4nHU4jD8MIFrVA2WJBRndX0Pt84ytPYSQLQs09Zjjm7bR5lQ5L3E%2BA9W3iaYCLCsxj%2B1YDRb%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab848228ac1784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:36 UTC
5525676175
go.ezodn.com/dac/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/dac/5525676175
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/porpoiseant/banger.js?cb=195-2&bv=83&v=55&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:35 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 08 Nov 2021 01:50:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fr2sNtP2EoM2kWeaHqNwTOv4a%2BT%2BHoHy5vYhkpBdIo3snOTU5NUk4ASlgHw0LOIsTeZx0aTwHQmDJ1LbKv2oRuCPfs1sgP7bWhndr%2B2dd152E5ifGNfzWxdOd5tZhQWsSFbFeGK2xzI8mqE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6aab84822917e734-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
army.gif
www.weather-us.com/porpoiseant/ 		0
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzU4NjI5MTAwOTc0NDgwOCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC00LTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTE0OCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjoxLCJsaW5lX2l0ZW1faWQiOjU1MjU2NzYxNzUsImNyZWF0aXZlX2lkIjoxMzgzMjg3NTI5NDIsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTExLTA4In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjM1ODYyOTEwMDk3NDQ4MDgiLCJkb21haW5faWQiOiIyMTczNjAiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZWF0aGVyX3VzX2NvbS1ib3gtNC0wIiwidF9lcG9jaCI6MTYzNjM0MDA2OCwiYWRfcG9zaXRpb24iOjExNDgsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiM2Q1ZmU0ZjktNTVlZi00ZGU0LTdkMTEtMTEwMDRjYmFiOTZmIiwiY29tcF9pZCI6MSwibGluZV9pdGVtX2lkIjo1NTI1Njc2MTc1LCJjcmVhdGl2ZV9pZCI6MTM4MzI4NzUyOTQyLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTM5In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzNTg2MjkxMDA5NzQ0ODA4IiwiZG9tYWluX2lkIjoiMjE3MzYwIiwidW5pdCI6ImRpdi1ncHQtYWQtd2VhdGhlcl91c19jb20tYm94LTQtMCIsInRfZXBvY2giOjE2MzYzNDAwNjgsImFkX3Bvc2l0aW9uIjoxMTQ4LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6IjNkNWZlNGY5LTU1ZWYtNGRlNC03ZDExLTExMDA0Y2JhYjk2ZiIsImNvbXBfaWQiOjEsImxpbmVfaXRlbV9pZCI6NTUyNTY3NjE3NSwiY3JlYXRpdmVfaWQiOjEzODMyODc1Mjk0MiwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMjMxIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMzY4In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:35 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9QKBvH4%2BmZxU2vR5E7zCt8ouuJwOToZNpq7bmzM9inhGw7Vs4XT1EeAlUeU%2BQplMDNjaHS5pLaBlW3KJccxuGlKgOBA2jlupxB%2Bnl1CiZg5iDHo0uStxgRWrl3HfQQyaU%2F5AVdurZLi%2BpcIjbTmXpk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab848228ad1784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:39 UTC
army.gif
www.weather-us.com/porpoiseant/ 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMzU4NjI5MTAwOTc0NDgwOCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC00LTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhdWN0aW9uX2Vwb2NoIjoxNjM2MzQwMDc2LCJhZF9wb3NpdGlvbiI6MTE0OCwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6IjNkNWZlNGY5LTU1ZWYtNGRlNC03ZDExLTExMDA0Y2JhYjk2ZiIsImJpZF9mbG9vcl9pbml0aWFsIjowLCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6ODIyLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjU1MjU2NzYxNzV9XQ==
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:35 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeLfgTtXAnUibsxi%2BE%2FpAZ5JEw0qomyFvKyxzKdNyemo1Md0SuPysk5NLP%2Fa1O2sBV5P4wZWka4eViiO%2BX1FLuKNMO7BO5N9z%2FQBiG12YB6A1GS0jB%2FnU0OS0e9LWv8Q4tMduUkxAu9Mh7yWAYTg3CI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab848228af1784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:31 UTC
army.gif
www.weather-us.com/porpoiseant/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzg5NTA2Mzk4OTc0NzcxMyIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbOTcwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijc4OTUwNjM5ODk3NDc3MTMiLCJkb21haW5faWQiOiIyMTczNjAiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZWF0aGVyX3VzX2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTYzNjM0MDA2OCwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiM2Q1ZmU0ZjktNTVlZi00ZGU0LTdkMTEtMTEwMDRjYmFiOTZmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3ODk1MDYzOTg5NzQ3NzEzIiwiZG9tYWluX2lkIjoiMjE3MzYwIiwidW5pdCI6ImRpdi1ncHQtYWQtd2VhdGhlcl91c19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MzYzNDAwNjgsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6IjNkNWZlNGY5LTU1ZWYtNGRlNC03ZDExLTExMDA0Y2JhYjk2ZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMTg3In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:35 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ESwQjwhLx1LuoshgVGyzOLd0TInPgyZEwlF3VGwO8pGq04TQUALPYjrKU3stGGbDHuiifJa%2FQrvTWbp7%2FZz1oJijbi9fkno%2BORNfbKLQFn3DAgl6Jgtk6f9qrXYwP192gM2nQ0f11A9n%2FNSYLSSJh8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab848259111784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:35 UTC
truncated
/ Frame 8286 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8286 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87f7d71f86d1a3c0f6a58bac7c587402de05e381198e0c3bdbda5ff1c41b374

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.weather-us.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		336 B
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2465637124299127&correlator=694591251295880&output=ldjh&impl=fifs&eid=31063405%2C31063414%2C44752540%2C31060032&vrg=2021110201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=1254144%3A3711114%2Cweather_us_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ris=2&rcs=4&prev_scp=a%3D%257C2%257C%26iid1%3D6157191381671620%26eid%3D6157191381671620%26t%3D134%26d%3D217360%26t1%3D134%26pvc%3D0%26ap%3D1108%26sap%3D1108%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26gala%3D2709606%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dweather_us_com-box-1-6157191381671620%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11307%26asau%3D5789646051%26bv%3D3%26bvm%3D0%26bvr%3D8%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D120%26br2%3D500%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C193%2C0%2C34%2C0%2C131%2C20%2C192%2C26%2C197%2C187%2C77%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C817%2C899%2C919%2C2030%2C783%2C15%2C16%2C11%2C12%2C13%2C14%2C10%2C11%2C12%2C13%2C14%2C20%2C9%2C10%2C11%2C12%2C13%2C14%2C17%2C20%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C915%2C874%2C835%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D220%26reqt%3D1636340075046&eri=1&cookie=ID%3Db37501380f57a3b0%3AT%3D1636340069%3AS%3DALNI_MbNdTk2MewuuS5KoMXZYJUizCfGfQ&bc=31&abxe=1&lmt=1636340076&dt=1636340076065&dlt=1636340068760&idt=305&frm=20&biw=1600&bih=1200&oid=2&adxs=1030&adys=603&adks=3973906509&ucis=2&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weather-us.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=355x280&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1495726912.1636340069&ga_sid=1636340070&ga_hid=1252775448&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
bf3a8b9e64e11117664d4ba2ff6a3a110d3b2c1dd8811deb69562c38b13bd86e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 8286 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.weather-us.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 16:18:31 GMT
x-content-type-options
nosniff
age
124565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 06 Nov 2022 16:18:31 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 8286 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.weather-us.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 09:47:17 GMT
x-content-type-options
nosniff
age
61639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 07 Nov 2022 09:47:17 GMT
4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 8286 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
bbbc44e5ebb0694e2faa4b84737dc33d6b8fa9d0eaa8b5f63ac3537130cb07bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.weather-us.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 13:00:05 GMT
x-content-type-options
nosniff
age
482071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21444
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 02 Nov 2022 13:00:05 GMT
greenoaks.gif
www.weather-us.com/detroitchicago/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJkb21haW5faWQiOiIyMTczNjAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjMxNzUwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIyIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6Ijg0NzcwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiNCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiOTU0ODgwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI1OTY4In1dfV0=
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:36 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVj3Sd2QNtj1G7DAFTOCaKWSAZTRFcsAqKoP1ApOIKLj82PWyCBcPogWrhjppaUcFDRbRrp674VLwLyVSzjv2TuJSmXv6oEzAQVIu%2BB8lqWHoV3ZXwGk7LU9qerfZgRR6jnumNbIH8oirIMO0MqFvo8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab848648531784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:37 UTC
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.weather-us.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2465637124299127&correlator=2982969886493412&output=ldjh&impl=fifs&eid=31063405%2C31063414%2C44752540%2C31060032&vrg=2021110201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=1254144%3A3711114%2Cweather_us_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ris=1&rcs=5&prev_scp=a%3D%257C2%257C%26iid1%3D6157191381671620%26eid%3D6157191381671620%26t%3D134%26d%3D217360%26t1%3D134%26pvc%3D0%26ap%3D1108%26sap%3D1108%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26gala%3D2709606%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dweather_us_com-box-1-6157191381671620%26eb_br%3D8fc09e60bfd78aa82afac0405213359a%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11307%26asau%3D5789646051%26bv%3D3%26bvm%3D0%26bvr%3D8%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D48%26br2%3D500%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C193%2C0%2C34%2C0%2C131%2C20%2C192%2C26%2C197%2C187%2C77%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C817%2C899%2C919%2C2030%2C783%2C15%2C16%2C11%2C12%2C13%2C14%2C10%2C11%2C12%2C13%2C14%2C20%2C9%2C10%2C11%2C12%2C13%2C14%2C17%2C20%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C915%2C874%2C835%2C17%2C19%2C20%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C916%2C915%2C874%2C835%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D120%26reqt%3D1636340076585%26hb_bidder%3Dmedianet%26hb_adid%3D32b2c522d2a0954%26hb_format%3Dbanner%26hb_ssid%3D11307%26hb_opt%3D0.17&eri=1&cookie=ID%3Db37501380f57a3b0%3AT%3D1636340069%3AS%3DALNI_MbNdTk2MewuuS5KoMXZYJUizCfGfQ&bc=31&abxe=1&lmt=1636340076&dt=1636340076590&dlt=1636340068760&idt=305&frm=20&biw=1600&bih=1200&oid=2&adxs=1030&adys=603&adks=3973906509&ucis=2&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weather-us.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=355x280&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1495726912.1636340069&ga_sid=1636340070&ga_hid=1252775448&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
4f5090e21e77e760e0fdf4caa005a55c7fc7f152a1b87add1afd8bffb25618d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9050
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.weather-us.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		350 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2465637124299127&correlator=3208042426922553&output=ldjh&impl=fifs&eid=31063405%2C31063414%2C44752540%2C31060032&vrg=2021110201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=1254144%3A3711114%2Cweather_us_com-large-leaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x1050%7C300x600&ris=2&rcs=1&prev_scp=a%3D%257C124%257C%26iid1%3D4268227603691682%26eid%3D4268227603691682%26t%3D134%26d%3D217360%26t1%3D134%26pvc%3D0%26ap%3D1123%26sap%3D1123%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26gala%3D2709606%26rid%3D99998%26pt%3D0%26al%3D1035%26compid%3D0%26tap%3Dweather_us_com-large-leaderboard-1-4268227603691682%26eb_br%3D45a351e981f435b4c20fafca8a5d741c%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11307%26asau%3D5789646051%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D2%26ftsn%3D3%26br1%3D600%26br2%3D600%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C168%2C0%2C67%2C0%2C168%2C66%2C20%2C71%2C30%2C192%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C919%2C2030%2C783%2C16%2C13%2C14%2C15%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26hb_bidder%3Dmedianet%26hb_adid%3D33592c222e0f009%26hb_format%3Dbanner%26hb_ssid%3D11307%26hb_opt%3D0.17%26lb%3D1200%26reqt%3D1636340075864&eri=1&cookie=ID%3Db37501380f57a3b0%3AT%3D1636340069%3AS%3DALNI_MbNdTk2MewuuS5KoMXZYJUizCfGfQ&bc=31&abxe=1&lmt=1636340076&dt=1636340076871&dlt=1636340068760&idt=305&frm=20&biw=1600&bih=1200&oid=2&adxs=1030&adys=1822&adks=68465294&ucis=5&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weather-us.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=355x1050&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1495726912.1636340069&ga_sid=1636340070&ga_hid=1252775448&ga_fc=true&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
77dca85fdd22dce0e64348859651b12b8b2317250d821bc756c7aee04600b7a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9406 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 08 Nov 2021 02:54:29 GMT
expires
Tue, 08 Nov 2022 02:54:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
army.gif
www.weather-us.com/porpoiseant/ 		0
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjE1NzE5MTM4MTY3MTYyMCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTEwOCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjYifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjYxNTcxOTEzODE2NzE2MjAiLCJkb21haW5faWQiOiIyMTczNjAiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZWF0aGVyX3VzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYzNjM0MDA2OCwiYWRfcG9zaXRpb24iOjExMDgsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiM2Q1ZmU0ZjktNTVlZi00ZGU0LTdkMTEtMTEwMDRjYmFiOTZmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjhmYzA5ZTYwYmZkNzhhYTgyYWZhYzA0MDUyMTMzNTlhIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2MTU3MTkxMzgxNjcxNjIwIiwiZG9tYWluX2lkIjoiMjE3MzYwIiwidW5pdCI6ImRpdi1ncHQtYWQtd2VhdGhlcl91c19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MzYzNDAwNjgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDQ4LCJhZF9wb3NpdGlvbiI6MTEwOCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwNDgsImJpZF9mbG9vcl9wcmV2IjowLjAwMTIsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6IjNkNWZlNGY5LTU1ZWYtNGRlNC03ZDExLTExMDA0Y2JhYjk2ZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2MTU3MTkxMzgxNjcxNjIwIiwiZG9tYWluX2lkIjoiMjE3MzYwIiwidW5pdCI6ImRpdi1ncHQtYWQtd2VhdGhlcl91c19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MzYzNDAwNjgsImFkX3Bvc2l0aW9uIjoxMTA4LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6IjNkNWZlNGY5LTU1ZWYtNGRlNC03ZDExLTExMDA0Y2JhYjk2ZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDA0MzU1MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjE1NzE5MTM4MTY3MTYyMCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTEwOCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:37 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkecow8QSUW%2B33c9aWVs7BmTf7j0m%2BalEC3GhS4EKbVx%2F3JFG8rRJi03TzRnoxlMKLiWWXJ%2BraqQRaPsi2vkjg9RDSbZP8cBQJjFw1Cn0HMUVzpuMVlS8u4xXjSZK%2F0J5wbTigWCQZWqAFOZ6r62dfY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab8489ee8f1784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:38 UTC
army.gif
www.weather-us.com/porpoiseant/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjE1NzE5MTM4MTY3MTYyMCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTEwOCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0xMS0wOCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:37 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwtjSmygByY4hxeFpkSQzrFVBlpnGDHoaPF29NODc67ocsC6VcOwI2IvwIbLDkLp62DvVUTxpy0xL4waEanA2Ul7jqfTXwFPGVRz%2FLf7b9y8NvIvXt6SeHbbf2uJJWUX1zk6%2BwfqlqsrkrY0Fl4UQ0E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab8489ee921784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:39 UTC
army.gif
www.weather-us.com/porpoiseant/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjE1NzE5MTM4MTY3MTYyMCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhdWN0aW9uX2Vwb2NoIjoxNjM2MzQwMDc3LCJhZF9wb3NpdGlvbiI6MTEwOCwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6IjNkNWZlNGY5LTU1ZWYtNGRlNC03ZDExLTExMDA0Y2JhYjk2ZiIsImJpZF9mbG9vcl9pbml0aWFsIjo5NTAsImJpZF9mbG9vcl9wcmV2IjoxMjAsImJpZF9mbG9vcl9maWxsZWQiOjQ4LCJhdWN0aW9uX2NvdW50Ijo2LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo1MDksIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:37 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SJtvS7GuKG54k33yHUjjhuAw3Ef4cdovstf2afosgDA4nFX8gRNKajQ%2BIOsQMT54mh%2B7S1EefdUQYd6ulDhEisdv1vEYukrDfjvo7awsdPnlmOs264MpGOYvgYEg9hvYwn7Okeu7D9H4rYvl4mVWzk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab8489ee951784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:40 UTC
pixel
googleads.g.doubleclick.net/xbbe/ Frame C352 		640 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6a9b0CEKvZ2_YCGJeI3LcBMAE&v=APEucNUosYFlZHuwcJ4YPxKkupRF3LlUz6pAPumnWNvaoatk1VvBol3TfhmKn8H9o9UoPah4esxkFLza1k-YTAQovvpGosDneQ
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 08 Nov 2021 02:54:37 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 9406 		56 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CR7Hq4kUCRLHtrJpwSrCk9LdfiHZID851DGjr26K6-pn3jq9_vmyUWYHIWu3TewCmWp_TVwWFz1gq9iwSCD7tHRpSnP59mmofBLaEphfMfx8YYjPdwbT9hCUt4_bBcyDrHmzZEQvvFBNAeMkD-euBMO4b0tw&dbm_d=AKAmf-CpYq_aWsg9fE67s8iE4Chm6UmX7bgki2MIpE1jl5rK2NZoGSLv21MN_v5Rqqj11d-TBUl1wIbznFdBmQcituGRCatGirlxlVSHmCmrkbAGv_1FTvTQtjUi7OXWSChBu5EN6UGx9OhWCNvDMiTbLbD8LcmFAUCcELP6CW5jDfurC4Z9FhkjIxAgjFRuMH0slrvRTx7gly8h8LV9aiFdWKswNBRPr--w__uP83B1gUyQcPdnSr9cvpBCgFfzS-ASA17IA4UIvlu8FbPpBhFReXhEiNwc_hgyIbvisD7O-NPbOFdc3QwX_xZVDRpnuFuCJRh-cDaAPf9aLAutNe2pWmXpk3FHiwAZqv_lDclxLN4ufyXq61IQ5ejSRO6lq5-diIb2LVq12FeAW4ZUoYJQwcGkPV7mApUXtCyoipPpx4OI2QCBeGJRlauTC_8CN_0X37ydoQ-4x7kPbVUqZ5vERMQyiYHjA959etsmCKFaQKgfun6BOR6sjyRHeaDlpjoJw77g5WOByBlNIr3N0hDe9LK-pNyi-jqzxlSYqktPW2srW4uL5ifykUnHLg7E5Md6rTa2h9Zo7JrOsnko6KOtdCyDQJ7Cbz50RL-b1x2HBh0J04SKhgQiqDIY7PLVyQR1WtBGExNhb7f6R01RbN-JaTKWNnsZkl7fDAaEBv_5Ty7l4k9RzBQEQbt2EnkC7NM_nDwP0KR70g8cGoV3Xh3FDQFYDMz85nOPu6EZ8X9Fb3JEI_nAF3LzrtR3H5n758kyCv4L7mIfb3i9p_oxSaXx-VxTKdP0BimNjWFXaUfx0Ud8CzuU6XsUO3u7qLu-XUuKWvZeJlQCBapTLbZU-4W2tJ8ipW-Ac2zBXb-KnlyvOfaO05TXNGP3DLmqSTPyZkoewJOt_ZHu3JLOWJ43WGm-CYVzqsfqMrKVw1ggMVKpBcWatc_aymNyX7S17KUGOa7ERWDHeRUui395C07XqK386qegUaixa3LAJU1aWx8jVE6NiwtMBVSefYWiaE2ooxPLVjkdG13yqKv1sR9rbnZw5MHWoFdocrHSemguRkBXO6YlxYrn-yMu5o925P4LI3uwidGHWt7Vuc_KSrBls-Z57EBl8zloggkYTseJSD0MLPCT7HWHiLBEE024HRaFFcGKNg1dK0WWvSc7iu6a4MVwTR9mQUsSCM5TuoBS0dWG94kl6OwPw3-_jIcjO3GUJ9yv4bukIX1FFeYs5HhFMAJVx11KYKbL7reLw62YP8kUN2d64sCxy51H-qW_oG9NpQBqIedNbh178Z4HQuVTqKtTzuU9MOp4InzJK2yPSRNM174TBx_AvKPbwUlA-gu1hUsUJ9trjL63cniT9fXI8m86BVGASDpObQNKlYJFh0YQO5UbTmJ3LMan2EbJMSF6uPOdsq-EPEz7R75n_N5qjrncbVCVAIRgfKGpgKwr6a1qjcw39BmYjl2oAd-1DOmGZdJDa3LrLHCEa8lY3i5Sgo-O4dntp7hwJ907_ILhDOPpjuXak_NkAQX889PAY_1FBxmppe6RI9oQCejFmgGUov5gECKhWNxrQ5FFkiePuuv8hWPvxM6CPtJobHL8l4vTuVi0xxo9J4pjQrODX5wM6cGaEMdjSKKdxx5pifJO7vJlKp5bF04HRmhY5ES_5vzLJqT7mwmSy3nNKY2X-PzRKWe9yfhb_iFOaHLt-v0eOR_9xdGii_fwNPF3MT-hGNgucX3X5QooUJ8Uc--vKIZVWc215HI4qUPHBuKnPJlpbCmOWKy9SEtccNg9pAjgT0WpbCtlQk_wbjXA19UeUNoy71-5Ir0iEO7ng9H---y7nzdtioAn54eIGLFWc0m0FnGzD76co4CqGqABRl_jf58-S19zaARPvRFhpLgRnMECkaa3Kox3-H_lX2V7G12czRDnEKywkCR0hwSob-gl23HZuMKl_h_NMgfqE8Mt5srqH1lh-WRrkL_NQ5uJ4oMOSWdOipISkKcUVz6UPmO89ZAtsmAzX_zpcOCvw8-YcPkgtY21WoFsnoOT1lUoEdK2f3iXxDCDv11BTwGGk3QrtON32GmkqPvMYmzQagcMfw_c4FhSz__emgULtDFUpMq1bPZ4hJJUBdd1BRI0-y6CCtDQqJqIKMxhlGMytzYLNMw06MKWao7rB9L5fcfKC3LOlG275374hnM-JLdyqS7f7lGqQmjYZQCWmLnDYoMZ4_aXG5LqPwUacGfVQvLZBCy2ZWvcRFblb0D80gZ2uHXfZlUztajAgpdTSHC1RRJoT9vdXZNGgo4qUAX7-3BuifavGaUYBybESzjZfxkNUenJaGn2stshy6jTLFa4MlvrcSxekoM9JwDycIvtL8O6HspsuQtoJlGvKiSK31pzFpnJCTaRLGMqQeoRbu5xUf74Dr8xfLyW7mebT51uu-HEN6WeOAaXyFL4sz0zF-zZl5VxJ9xwdKEiJeVH3agzUm_81bGQy8-aZm35PgCUJhJt__doHPQV1ovq76DAiRb17tm1_Q-c2-_XTWYCweleQxTq3CVi9YHJNZ7GHBzRK7tYIkV3gYsNSD8OufvdNXhgEomHK5mmsDm6ttrxAouuGESB7UI9WbTf6F0Ckl4yAeIUsYSUfTglx7uQ9C0CewI3-FCNxGKx2pkl0bbYnpWUY76ytVANnYQl4FjNxs6Sy4KVYzOkcZsfo-sjNoD6YJuAJvW3-h3AkGNMnXrV2ofu8uhO7MVrsYcE-BhTZ_Q5dFCB12XyW4MaOY46mUzrLle-umtQUI5hawJPluV1l2CXXY3Nk7_XNAeH4OnqGrLRa0pg9C_4RTUN1pM0OYe_WJziYH6e0DTfzGP6sA8t_EzR5bkxNvPdCwSPnuvWe9YyNAuJodd74m8Ec8DlKMMN1osC6TeIoNVcNmQn5O4OzUH9pUxhCFAtC35ywAfa0iv3_ht_g06COAwPV-LvriBMr5hxK9L7Pppbk9bF0ykgdd9AhMRuOsICQr98IHCeQqbzckIk-5T6205tQ5zodm4BXOGrUZKlmKxLGmDL297M1ifhdEODAyZlbQ7sYpjPnwhKcd5E9kf3P2WJK2aHxpqohbiFnUDQkDVd7YZGVRloDU6Dl7jGBp_y_oNtFgBw8-7hxN6rIZMC5Y2ivd2H7AmXIVxZ1ubcVnT8gu1snFP0raaX0g&cid=CAASEuRoJO2bz99Vwfiq8Wkh21f7-A&rfl=1%2Chttps%253A%252F%252Fwww.weather-us.com%252F%240
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3d8e91173532eeac7817dba09f77b718c0ef7ebcbeef3cad9e3071b379f283b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27059
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9406 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AsO8ipgWbe9YqecnOOhmYX9h5BeOhDC0zsCLD0BIJrMXctN_Mf6jf4wQgPjHjrX9Z0kkOkJZrmAPLw99dVs3aw-eSY41Ms3PjgTFyjFmgsaSRKepc
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 9406 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 02:52:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 9406 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 02:52:31 GMT
l
www.google.com/ads/measurement/ Frame 9406 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSO34zlcNjoqgz7liEe1JqeIqDMaPMH0JN-cSnfdn1jZWXaGzJNDO8hngRidtQSxXYaITXaSAIOj0XFytbtDSWvTMcXIA
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9406 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Nov 2021 02:54:37 GMT
sd
us-u.openx.net/w/1.0/ Frame C352
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPtuFBPxbA6y5aIJg56bgp0&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPtuFBPxbA6y5aIJg56bgp0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6a9b0CEKvZ2_YCGJeI3LcBMAE&v=APEucNUosYFlZHuwcJ4YPxKkupRF3LlUz6pAPumnWNvaoatk1VvBol3TfhmKn8H9o9UoPah4esxkFLza1k-YTAQovvpGosDneQ
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPtuFBPxbA6y5aIJg56bgp0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C352
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2NmODM3OGQtZjk3NC0yZjI4LWU5YjUtODBhMmU4NjY4YzYz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2NmODM3OGQtZjk3NC0yZjI4LWU5YjUtODBhMmU4NjY4YzYz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6a9b0CEKvZ2_YCGJeI3LcBMAE&v=APEucNUosYFlZHuwcJ4YPxKkupRF3LlUz6pAPumnWNvaoatk1VvBol3TfhmKn8H9o9UoPah4esxkFLza1k-YTAQovvpGosDneQ
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 08 Nov 2021 02:54:37 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2NmODM3OGQtZjk3NC0yZjI4LWU5YjUtODBhMmU4NjY4YzYz
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame C352
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEDVzNxXGGSEaJZUPHj8IPIw&google_cver=1
23 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEDVzNxXGGSEaJZUPHj8IPIw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6a9b0CEKvZ2_YCGJeI3LcBMAE&v=APEucNUosYFlZHuwcJ4YPxKkupRF3LlUz6pAPumnWNvaoatk1VvBol3TfhmKn8H9o9UoPah4esxkFLza1k-YTAQovvpGosDneQ
Protocol
H2
Server
184.29.133.72 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 08 Nov 2021 02:54:37 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEDVzNxXGGSEaJZUPHj8IPIw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C352
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MmQxYjQ1Y2UtNzAzOS00YjU1LTlkZDctYWZhNDkxOGFiMjg2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MmQxYjQ1Y2UtNzAzOS00YjU1LTlkZDctYWZhNDkxOGFiMjg2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6a9b0CEKvZ2_YCGJeI3LcBMAE&v=APEucNUosYFlZHuwcJ4YPxKkupRF3LlUz6pAPumnWNvaoatk1VvBol3TfhmKn8H9o9UoPah4esxkFLza1k-YTAQovvpGosDneQ
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
server
akka-http/10.2.6
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MmQxYjQ1Y2UtNzAzOS00YjU1LTlkZDctYWZhNDkxOGFiMjg2
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Mon, 08 Nov 2021 02:54:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 9406 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CR7Hq4kUCRLHtrJpwSrCk9LdfiHZID851DGjr26K6-pn3jq9_vmyUWYHIWu3TewCmWp_TVwWFz1gq9iwSCD7tHRpSnP59mmofBLaEphfMfx8YYjPdwbT9hCUt4_bBcyDrHmzZEQvvFBNAeMkD-euBMO4b0tw&dbm_d=AKAmf-CpYq_aWsg9fE67s8iE4Chm6UmX7bgki2MIpE1jl5rK2NZoGSLv21MN_v5Rqqj11d-TBUl1wIbznFdBmQcituGRCatGirlxlVSHmCmrkbAGv_1FTvTQtjUi7OXWSChBu5EN6UGx9OhWCNvDMiTbLbD8LcmFAUCcELP6CW5jDfurC4Z9FhkjIxAgjFRuMH0slrvRTx7gly8h8LV9aiFdWKswNBRPr--w__uP83B1gUyQcPdnSr9cvpBCgFfzS-ASA17IA4UIvlu8FbPpBhFReXhEiNwc_hgyIbvisD7O-NPbOFdc3QwX_xZVDRpnuFuCJRh-cDaAPf9aLAutNe2pWmXpk3FHiwAZqv_lDclxLN4ufyXq61IQ5ejSRO6lq5-diIb2LVq12FeAW4ZUoYJQwcGkPV7mApUXtCyoipPpx4OI2QCBeGJRlauTC_8CN_0X37ydoQ-4x7kPbVUqZ5vERMQyiYHjA959etsmCKFaQKgfun6BOR6sjyRHeaDlpjoJw77g5WOByBlNIr3N0hDe9LK-pNyi-jqzxlSYqktPW2srW4uL5ifykUnHLg7E5Md6rTa2h9Zo7JrOsnko6KOtdCyDQJ7Cbz50RL-b1x2HBh0J04SKhgQiqDIY7PLVyQR1WtBGExNhb7f6R01RbN-JaTKWNnsZkl7fDAaEBv_5Ty7l4k9RzBQEQbt2EnkC7NM_nDwP0KR70g8cGoV3Xh3FDQFYDMz85nOPu6EZ8X9Fb3JEI_nAF3LzrtR3H5n758kyCv4L7mIfb3i9p_oxSaXx-VxTKdP0BimNjWFXaUfx0Ud8CzuU6XsUO3u7qLu-XUuKWvZeJlQCBapTLbZU-4W2tJ8ipW-Ac2zBXb-KnlyvOfaO05TXNGP3DLmqSTPyZkoewJOt_ZHu3JLOWJ43WGm-CYVzqsfqMrKVw1ggMVKpBcWatc_aymNyX7S17KUGOa7ERWDHeRUui395C07XqK386qegUaixa3LAJU1aWx8jVE6NiwtMBVSefYWiaE2ooxPLVjkdG13yqKv1sR9rbnZw5MHWoFdocrHSemguRkBXO6YlxYrn-yMu5o925P4LI3uwidGHWt7Vuc_KSrBls-Z57EBl8zloggkYTseJSD0MLPCT7HWHiLBEE024HRaFFcGKNg1dK0WWvSc7iu6a4MVwTR9mQUsSCM5TuoBS0dWG94kl6OwPw3-_jIcjO3GUJ9yv4bukIX1FFeYs5HhFMAJVx11KYKbL7reLw62YP8kUN2d64sCxy51H-qW_oG9NpQBqIedNbh178Z4HQuVTqKtTzuU9MOp4InzJK2yPSRNM174TBx_AvKPbwUlA-gu1hUsUJ9trjL63cniT9fXI8m86BVGASDpObQNKlYJFh0YQO5UbTmJ3LMan2EbJMSF6uPOdsq-EPEz7R75n_N5qjrncbVCVAIRgfKGpgKwr6a1qjcw39BmYjl2oAd-1DOmGZdJDa3LrLHCEa8lY3i5Sgo-O4dntp7hwJ907_ILhDOPpjuXak_NkAQX889PAY_1FBxmppe6RI9oQCejFmgGUov5gECKhWNxrQ5FFkiePuuv8hWPvxM6CPtJobHL8l4vTuVi0xxo9J4pjQrODX5wM6cGaEMdjSKKdxx5pifJO7vJlKp5bF04HRmhY5ES_5vzLJqT7mwmSy3nNKY2X-PzRKWe9yfhb_iFOaHLt-v0eOR_9xdGii_fwNPF3MT-hGNgucX3X5QooUJ8Uc--vKIZVWc215HI4qUPHBuKnPJlpbCmOWKy9SEtccNg9pAjgT0WpbCtlQk_wbjXA19UeUNoy71-5Ir0iEO7ng9H---y7nzdtioAn54eIGLFWc0m0FnGzD76co4CqGqABRl_jf58-S19zaARPvRFhpLgRnMECkaa3Kox3-H_lX2V7G12czRDnEKywkCR0hwSob-gl23HZuMKl_h_NMgfqE8Mt5srqH1lh-WRrkL_NQ5uJ4oMOSWdOipISkKcUVz6UPmO89ZAtsmAzX_zpcOCvw8-YcPkgtY21WoFsnoOT1lUoEdK2f3iXxDCDv11BTwGGk3QrtON32GmkqPvMYmzQagcMfw_c4FhSz__emgULtDFUpMq1bPZ4hJJUBdd1BRI0-y6CCtDQqJqIKMxhlGMytzYLNMw06MKWao7rB9L5fcfKC3LOlG275374hnM-JLdyqS7f7lGqQmjYZQCWmLnDYoMZ4_aXG5LqPwUacGfVQvLZBCy2ZWvcRFblb0D80gZ2uHXfZlUztajAgpdTSHC1RRJoT9vdXZNGgo4qUAX7-3BuifavGaUYBybESzjZfxkNUenJaGn2stshy6jTLFa4MlvrcSxekoM9JwDycIvtL8O6HspsuQtoJlGvKiSK31pzFpnJCTaRLGMqQeoRbu5xUf74Dr8xfLyW7mebT51uu-HEN6WeOAaXyFL4sz0zF-zZl5VxJ9xwdKEiJeVH3agzUm_81bGQy8-aZm35PgCUJhJt__doHPQV1ovq76DAiRb17tm1_Q-c2-_XTWYCweleQxTq3CVi9YHJNZ7GHBzRK7tYIkV3gYsNSD8OufvdNXhgEomHK5mmsDm6ttrxAouuGESB7UI9WbTf6F0Ckl4yAeIUsYSUfTglx7uQ9C0CewI3-FCNxGKx2pkl0bbYnpWUY76ytVANnYQl4FjNxs6Sy4KVYzOkcZsfo-sjNoD6YJuAJvW3-h3AkGNMnXrV2ofu8uhO7MVrsYcE-BhTZ_Q5dFCB12XyW4MaOY46mUzrLle-umtQUI5hawJPluV1l2CXXY3Nk7_XNAeH4OnqGrLRa0pg9C_4RTUN1pM0OYe_WJziYH6e0DTfzGP6sA8t_EzR5bkxNvPdCwSPnuvWe9YyNAuJodd74m8Ec8DlKMMN1osC6TeIoNVcNmQn5O4OzUH9pUxhCFAtC35ywAfa0iv3_ht_g06COAwPV-LvriBMr5hxK9L7Pppbk9bF0ykgdd9AhMRuOsICQr98IHCeQqbzckIk-5T6205tQ5zodm4BXOGrUZKlmKxLGmDL297M1ifhdEODAyZlbQ7sYpjPnwhKcd5E9kf3P2WJK2aHxpqohbiFnUDQkDVd7YZGVRloDU6Dl7jGBp_y_oNtFgBw8-7hxN6rIZMC5Y2ivd2H7AmXIVxZ1ubcVnT8gu1snFP0raaX0g&cid=CAASEuRoJO2bz99Vwfiq8Wkh21f7-A&rfl=1%2Chttps%253A%252F%252Fwww.weather-us.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:51:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9560
x-xss-protection
0
server
cafe
etag
378257483732583304
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 02:51:16 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 9406 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CR7Hq4kUCRLHtrJpwSrCk9LdfiHZID851DGjr26K6-pn3jq9_vmyUWYHIWu3TewCmWp_TVwWFz1gq9iwSCD7tHRpSnP59mmofBLaEphfMfx8YYjPdwbT9hCUt4_bBcyDrHmzZEQvvFBNAeMkD-euBMO4b0tw&dbm_d=AKAmf-CpYq_aWsg9fE67s8iE4Chm6UmX7bgki2MIpE1jl5rK2NZoGSLv21MN_v5Rqqj11d-TBUl1wIbznFdBmQcituGRCatGirlxlVSHmCmrkbAGv_1FTvTQtjUi7OXWSChBu5EN6UGx9OhWCNvDMiTbLbD8LcmFAUCcELP6CW5jDfurC4Z9FhkjIxAgjFRuMH0slrvRTx7gly8h8LV9aiFdWKswNBRPr--w__uP83B1gUyQcPdnSr9cvpBCgFfzS-ASA17IA4UIvlu8FbPpBhFReXhEiNwc_hgyIbvisD7O-NPbOFdc3QwX_xZVDRpnuFuCJRh-cDaAPf9aLAutNe2pWmXpk3FHiwAZqv_lDclxLN4ufyXq61IQ5ejSRO6lq5-diIb2LVq12FeAW4ZUoYJQwcGkPV7mApUXtCyoipPpx4OI2QCBeGJRlauTC_8CN_0X37ydoQ-4x7kPbVUqZ5vERMQyiYHjA959etsmCKFaQKgfun6BOR6sjyRHeaDlpjoJw77g5WOByBlNIr3N0hDe9LK-pNyi-jqzxlSYqktPW2srW4uL5ifykUnHLg7E5Md6rTa2h9Zo7JrOsnko6KOtdCyDQJ7Cbz50RL-b1x2HBh0J04SKhgQiqDIY7PLVyQR1WtBGExNhb7f6R01RbN-JaTKWNnsZkl7fDAaEBv_5Ty7l4k9RzBQEQbt2EnkC7NM_nDwP0KR70g8cGoV3Xh3FDQFYDMz85nOPu6EZ8X9Fb3JEI_nAF3LzrtR3H5n758kyCv4L7mIfb3i9p_oxSaXx-VxTKdP0BimNjWFXaUfx0Ud8CzuU6XsUO3u7qLu-XUuKWvZeJlQCBapTLbZU-4W2tJ8ipW-Ac2zBXb-KnlyvOfaO05TXNGP3DLmqSTPyZkoewJOt_ZHu3JLOWJ43WGm-CYVzqsfqMrKVw1ggMVKpBcWatc_aymNyX7S17KUGOa7ERWDHeRUui395C07XqK386qegUaixa3LAJU1aWx8jVE6NiwtMBVSefYWiaE2ooxPLVjkdG13yqKv1sR9rbnZw5MHWoFdocrHSemguRkBXO6YlxYrn-yMu5o925P4LI3uwidGHWt7Vuc_KSrBls-Z57EBl8zloggkYTseJSD0MLPCT7HWHiLBEE024HRaFFcGKNg1dK0WWvSc7iu6a4MVwTR9mQUsSCM5TuoBS0dWG94kl6OwPw3-_jIcjO3GUJ9yv4bukIX1FFeYs5HhFMAJVx11KYKbL7reLw62YP8kUN2d64sCxy51H-qW_oG9NpQBqIedNbh178Z4HQuVTqKtTzuU9MOp4InzJK2yPSRNM174TBx_AvKPbwUlA-gu1hUsUJ9trjL63cniT9fXI8m86BVGASDpObQNKlYJFh0YQO5UbTmJ3LMan2EbJMSF6uPOdsq-EPEz7R75n_N5qjrncbVCVAIRgfKGpgKwr6a1qjcw39BmYjl2oAd-1DOmGZdJDa3LrLHCEa8lY3i5Sgo-O4dntp7hwJ907_ILhDOPpjuXak_NkAQX889PAY_1FBxmppe6RI9oQCejFmgGUov5gECKhWNxrQ5FFkiePuuv8hWPvxM6CPtJobHL8l4vTuVi0xxo9J4pjQrODX5wM6cGaEMdjSKKdxx5pifJO7vJlKp5bF04HRmhY5ES_5vzLJqT7mwmSy3nNKY2X-PzRKWe9yfhb_iFOaHLt-v0eOR_9xdGii_fwNPF3MT-hGNgucX3X5QooUJ8Uc--vKIZVWc215HI4qUPHBuKnPJlpbCmOWKy9SEtccNg9pAjgT0WpbCtlQk_wbjXA19UeUNoy71-5Ir0iEO7ng9H---y7nzdtioAn54eIGLFWc0m0FnGzD76co4CqGqABRl_jf58-S19zaARPvRFhpLgRnMECkaa3Kox3-H_lX2V7G12czRDnEKywkCR0hwSob-gl23HZuMKl_h_NMgfqE8Mt5srqH1lh-WRrkL_NQ5uJ4oMOSWdOipISkKcUVz6UPmO89ZAtsmAzX_zpcOCvw8-YcPkgtY21WoFsnoOT1lUoEdK2f3iXxDCDv11BTwGGk3QrtON32GmkqPvMYmzQagcMfw_c4FhSz__emgULtDFUpMq1bPZ4hJJUBdd1BRI0-y6CCtDQqJqIKMxhlGMytzYLNMw06MKWao7rB9L5fcfKC3LOlG275374hnM-JLdyqS7f7lGqQmjYZQCWmLnDYoMZ4_aXG5LqPwUacGfVQvLZBCy2ZWvcRFblb0D80gZ2uHXfZlUztajAgpdTSHC1RRJoT9vdXZNGgo4qUAX7-3BuifavGaUYBybESzjZfxkNUenJaGn2stshy6jTLFa4MlvrcSxekoM9JwDycIvtL8O6HspsuQtoJlGvKiSK31pzFpnJCTaRLGMqQeoRbu5xUf74Dr8xfLyW7mebT51uu-HEN6WeOAaXyFL4sz0zF-zZl5VxJ9xwdKEiJeVH3agzUm_81bGQy8-aZm35PgCUJhJt__doHPQV1ovq76DAiRb17tm1_Q-c2-_XTWYCweleQxTq3CVi9YHJNZ7GHBzRK7tYIkV3gYsNSD8OufvdNXhgEomHK5mmsDm6ttrxAouuGESB7UI9WbTf6F0Ckl4yAeIUsYSUfTglx7uQ9C0CewI3-FCNxGKx2pkl0bbYnpWUY76ytVANnYQl4FjNxs6Sy4KVYzOkcZsfo-sjNoD6YJuAJvW3-h3AkGNMnXrV2ofu8uhO7MVrsYcE-BhTZ_Q5dFCB12XyW4MaOY46mUzrLle-umtQUI5hawJPluV1l2CXXY3Nk7_XNAeH4OnqGrLRa0pg9C_4RTUN1pM0OYe_WJziYH6e0DTfzGP6sA8t_EzR5bkxNvPdCwSPnuvWe9YyNAuJodd74m8Ec8DlKMMN1osC6TeIoNVcNmQn5O4OzUH9pUxhCFAtC35ywAfa0iv3_ht_g06COAwPV-LvriBMr5hxK9L7Pppbk9bF0ykgdd9AhMRuOsICQr98IHCeQqbzckIk-5T6205tQ5zodm4BXOGrUZKlmKxLGmDL297M1ifhdEODAyZlbQ7sYpjPnwhKcd5E9kf3P2WJK2aHxpqohbiFnUDQkDVd7YZGVRloDU6Dl7jGBp_y_oNtFgBw8-7hxN6rIZMC5Y2ivd2H7AmXIVxZ1ubcVnT8gu1snFP0raaX0g&cid=CAASEuRoJO2bz99Vwfiq8Wkh21f7-A&rfl=1%2Chttps%253A%252F%252Fwww.weather-us.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 02:51:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9406 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvo1Bkzb6kakUOZMkqUXoq-VqOqwWlXFye5Wo1_rVZE7WYAc-JFUKaMNplhLqarD-gF2FXKWict0UA5vEEW0Q3wzm0TgR1jnxOOkz5QHHGZMl9sWtZe7BmkwabHtPMD67Y3d8KHqN6pOyL0QCx__S9ZmyPJmq43Gh5bh_R09xZJC84hh4oMOAmQWZeOW2m85DRMRUqCNH3QdT9PN-hGg7NhCMYX3RzvjqxTd9m3cN_Ljy70pGXIUF77-xBidoiD_SzTHCaLCOSW524r157bhk6kdqgvNc89dParI_C5wf98O45j1xaLOkSMsp4HBTUqjPFTY3_Pv_NaLtHTLgnZC3-UoiqEH-ZXE-yK0Rq385r7DQoEY6cYcngV9_fkWuC2bX2-0AnGTxG5Bnp7z4R-spYp3KfrZUAgq4hlflByvtXv7JRJx4Na1QK0toyNrMwaNDHXRQzcyl5l9_iiBucbubmfCTemPt9TvzihB10wsjgYUFsHbt6fBlNdZ4t5rvs8eGCs1LxoxjIlwlxM-yK4ZYFKSsSENY69DyQaFzxI4e42ldlA5lEiybf9QUTnpbCGlcQdyfSqs76-f0ZqY8A7OPbA3TJFqK_clDeOucJL42ggrV6jow3KZRFAHZNx14f453tPRpsmYjWYSkyTfEoFkShsjQRHiBfQ75D2Gyngl0Ju_IexqgR59QJz8_FLxMXWqq9ayuWgjVGiOzm5nkEpyt1lzmIE4BPC2sS2QBfMKBTK72yoEqhY_3PURuxqHyNe8EZ_ExqsMvjBpysApM6sITIJaXgynqIUkCI6Nb74kCl5dW2Rbv1ybGcBBz22RR1JF-VStKt6OKtsOMb3-gCPrNYGxyglHK-uuvc6ltemtwFgWX00T_WSMHlDr13WMs0F2w_tmArtGqiWAXFH1UOKPeR3UGUYO0X0A3g9XaIiIowKmMhrvGlizcxwSXZppKzhf0F5J1-0eDLFbrE89zZSTsmGh2ftG0Dxl3foMuAcWGHDyjtx4GBafWko3Is-pO6hEphPdyDL6DkSWbugYvc1YeKmT5y9aOdDRaVdNKtgV-b3pNZP_VYmkqa3dHGhYlPZCR0cLaZuLZ3WkRYCLEdZ4eEKRkpr53tvJqokRP66EIzcGb5olRcwWC3hppK-dyIA9VVaHt6wgxPOQGuhYo5DJj57z2x4alW-f-k_cXosZzDF9oL-dyzsjIZQ7pve4dSs_5xjSMu_-irFEaWeLJoNBFL7Xpw4V5w3DOetIqIZFRXs73ct9SatPnWGfF5NbWzwRiZUPmr1wuqEkYAA2DCMOkNJ9FYOEA68fDovKDSO4JhuxpOB93Uk3oQ&sai=AMfl-YTGTDy0CVQ-36_ODxKzim-ubEVlNlMo_I7UWfGfxD9PSFTIVWsigeobgZ91Z3_qhM3RAyf72fNtul-9p9siDifCJG9qjH9A8SlGcn-Fh1SmJOtc123trr49PSxqcAuR1He-5tHEfsVyig9RBROfu-bQblywBV7dOylkiD8T6dt18LYIQ8Q&sig=Cg0ArKJSzCMfguYD8cKqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20211103.99925&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CR7Hq4kUCRLHtrJpwSrCk9LdfiHZID851DGjr26K6-pn3jq9_vmyUWYHIWu3TewCmWp_TVwWFz1gq9iwSCD7tHRpSnP59mmofBLaEphfMfx8YYjPdwbT9hCUt4_bBcyDrHmzZEQvvFBNAeMkD-euBMO4b0tw&dbm_d=AKAmf-CpYq_aWsg9fE67s8iE4Chm6UmX7bgki2MIpE1jl5rK2NZoGSLv21MN_v5Rqqj11d-TBUl1wIbznFdBmQcituGRCatGirlxlVSHmCmrkbAGv_1FTvTQtjUi7OXWSChBu5EN6UGx9OhWCNvDMiTbLbD8LcmFAUCcELP6CW5jDfurC4Z9FhkjIxAgjFRuMH0slrvRTx7gly8h8LV9aiFdWKswNBRPr--w__uP83B1gUyQcPdnSr9cvpBCgFfzS-ASA17IA4UIvlu8FbPpBhFReXhEiNwc_hgyIbvisD7O-NPbOFdc3QwX_xZVDRpnuFuCJRh-cDaAPf9aLAutNe2pWmXpk3FHiwAZqv_lDclxLN4ufyXq61IQ5ejSRO6lq5-diIb2LVq12FeAW4ZUoYJQwcGkPV7mApUXtCyoipPpx4OI2QCBeGJRlauTC_8CN_0X37ydoQ-4x7kPbVUqZ5vERMQyiYHjA959etsmCKFaQKgfun6BOR6sjyRHeaDlpjoJw77g5WOByBlNIr3N0hDe9LK-pNyi-jqzxlSYqktPW2srW4uL5ifykUnHLg7E5Md6rTa2h9Zo7JrOsnko6KOtdCyDQJ7Cbz50RL-b1x2HBh0J04SKhgQiqDIY7PLVyQR1WtBGExNhb7f6R01RbN-JaTKWNnsZkl7fDAaEBv_5Ty7l4k9RzBQEQbt2EnkC7NM_nDwP0KR70g8cGoV3Xh3FDQFYDMz85nOPu6EZ8X9Fb3JEI_nAF3LzrtR3H5n758kyCv4L7mIfb3i9p_oxSaXx-VxTKdP0BimNjWFXaUfx0Ud8CzuU6XsUO3u7qLu-XUuKWvZeJlQCBapTLbZU-4W2tJ8ipW-Ac2zBXb-KnlyvOfaO05TXNGP3DLmqSTPyZkoewJOt_ZHu3JLOWJ43WGm-CYVzqsfqMrKVw1ggMVKpBcWatc_aymNyX7S17KUGOa7ERWDHeRUui395C07XqK386qegUaixa3LAJU1aWx8jVE6NiwtMBVSefYWiaE2ooxPLVjkdG13yqKv1sR9rbnZw5MHWoFdocrHSemguRkBXO6YlxYrn-yMu5o925P4LI3uwidGHWt7Vuc_KSrBls-Z57EBl8zloggkYTseJSD0MLPCT7HWHiLBEE024HRaFFcGKNg1dK0WWvSc7iu6a4MVwTR9mQUsSCM5TuoBS0dWG94kl6OwPw3-_jIcjO3GUJ9yv4bukIX1FFeYs5HhFMAJVx11KYKbL7reLw62YP8kUN2d64sCxy51H-qW_oG9NpQBqIedNbh178Z4HQuVTqKtTzuU9MOp4InzJK2yPSRNM174TBx_AvKPbwUlA-gu1hUsUJ9trjL63cniT9fXI8m86BVGASDpObQNKlYJFh0YQO5UbTmJ3LMan2EbJMSF6uPOdsq-EPEz7R75n_N5qjrncbVCVAIRgfKGpgKwr6a1qjcw39BmYjl2oAd-1DOmGZdJDa3LrLHCEa8lY3i5Sgo-O4dntp7hwJ907_ILhDOPpjuXak_NkAQX889PAY_1FBxmppe6RI9oQCejFmgGUov5gECKhWNxrQ5FFkiePuuv8hWPvxM6CPtJobHL8l4vTuVi0xxo9J4pjQrODX5wM6cGaEMdjSKKdxx5pifJO7vJlKp5bF04HRmhY5ES_5vzLJqT7mwmSy3nNKY2X-PzRKWe9yfhb_iFOaHLt-v0eOR_9xdGii_fwNPF3MT-hGNgucX3X5QooUJ8Uc--vKIZVWc215HI4qUPHBuKnPJlpbCmOWKy9SEtccNg9pAjgT0WpbCtlQk_wbjXA19UeUNoy71-5Ir0iEO7ng9H---y7nzdtioAn54eIGLFWc0m0FnGzD76co4CqGqABRl_jf58-S19zaARPvRFhpLgRnMECkaa3Kox3-H_lX2V7G12czRDnEKywkCR0hwSob-gl23HZuMKl_h_NMgfqE8Mt5srqH1lh-WRrkL_NQ5uJ4oMOSWdOipISkKcUVz6UPmO89ZAtsmAzX_zpcOCvw8-YcPkgtY21WoFsnoOT1lUoEdK2f3iXxDCDv11BTwGGk3QrtON32GmkqPvMYmzQagcMfw_c4FhSz__emgULtDFUpMq1bPZ4hJJUBdd1BRI0-y6CCtDQqJqIKMxhlGMytzYLNMw06MKWao7rB9L5fcfKC3LOlG275374hnM-JLdyqS7f7lGqQmjYZQCWmLnDYoMZ4_aXG5LqPwUacGfVQvLZBCy2ZWvcRFblb0D80gZ2uHXfZlUztajAgpdTSHC1RRJoT9vdXZNGgo4qUAX7-3BuifavGaUYBybESzjZfxkNUenJaGn2stshy6jTLFa4MlvrcSxekoM9JwDycIvtL8O6HspsuQtoJlGvKiSK31pzFpnJCTaRLGMqQeoRbu5xUf74Dr8xfLyW7mebT51uu-HEN6WeOAaXyFL4sz0zF-zZl5VxJ9xwdKEiJeVH3agzUm_81bGQy8-aZm35PgCUJhJt__doHPQV1ovq76DAiRb17tm1_Q-c2-_XTWYCweleQxTq3CVi9YHJNZ7GHBzRK7tYIkV3gYsNSD8OufvdNXhgEomHK5mmsDm6ttrxAouuGESB7UI9WbTf6F0Ckl4yAeIUsYSUfTglx7uQ9C0CewI3-FCNxGKx2pkl0bbYnpWUY76ytVANnYQl4FjNxs6Sy4KVYzOkcZsfo-sjNoD6YJuAJvW3-h3AkGNMnXrV2ofu8uhO7MVrsYcE-BhTZ_Q5dFCB12XyW4MaOY46mUzrLle-umtQUI5hawJPluV1l2CXXY3Nk7_XNAeH4OnqGrLRa0pg9C_4RTUN1pM0OYe_WJziYH6e0DTfzGP6sA8t_EzR5bkxNvPdCwSPnuvWe9YyNAuJodd74m8Ec8DlKMMN1osC6TeIoNVcNmQn5O4OzUH9pUxhCFAtC35ywAfa0iv3_ht_g06COAwPV-LvriBMr5hxK9L7Pppbk9bF0ykgdd9AhMRuOsICQr98IHCeQqbzckIk-5T6205tQ5zodm4BXOGrUZKlmKxLGmDL297M1ifhdEODAyZlbQ7sYpjPnwhKcd5E9kf3P2WJK2aHxpqohbiFnUDQkDVd7YZGVRloDU6Dl7jGBp_y_oNtFgBw8-7hxN6rIZMC5Y2ivd2H7AmXIVxZ1ubcVnT8gu1snFP0raaX0g&cid=CAASEuRoJO2bz99Vwfiq8Wkh21f7-A&rfl=1%2Chttps%253A%252F%252Fwww.weather-us.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 08 Nov 2021 02:54:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9406 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CR7Hq4kUCRLHtrJpwSrCk9LdfiHZID851DGjr26K6-pn3jq9_vmyUWYHIWu3TewCmWp_TVwWFz1gq9iwSCD7tHRpSnP59mmofBLaEphfMfx8YYjPdwbT9hCUt4_bBcyDrHmzZEQvvFBNAeMkD-euBMO4b0tw&dbm_d=AKAmf-CpYq_aWsg9fE67s8iE4Chm6UmX7bgki2MIpE1jl5rK2NZoGSLv21MN_v5Rqqj11d-TBUl1wIbznFdBmQcituGRCatGirlxlVSHmCmrkbAGv_1FTvTQtjUi7OXWSChBu5EN6UGx9OhWCNvDMiTbLbD8LcmFAUCcELP6CW5jDfurC4Z9FhkjIxAgjFRuMH0slrvRTx7gly8h8LV9aiFdWKswNBRPr--w__uP83B1gUyQcPdnSr9cvpBCgFfzS-ASA17IA4UIvlu8FbPpBhFReXhEiNwc_hgyIbvisD7O-NPbOFdc3QwX_xZVDRpnuFuCJRh-cDaAPf9aLAutNe2pWmXpk3FHiwAZqv_lDclxLN4ufyXq61IQ5ejSRO6lq5-diIb2LVq12FeAW4ZUoYJQwcGkPV7mApUXtCyoipPpx4OI2QCBeGJRlauTC_8CN_0X37ydoQ-4x7kPbVUqZ5vERMQyiYHjA959etsmCKFaQKgfun6BOR6sjyRHeaDlpjoJw77g5WOByBlNIr3N0hDe9LK-pNyi-jqzxlSYqktPW2srW4uL5ifykUnHLg7E5Md6rTa2h9Zo7JrOsnko6KOtdCyDQJ7Cbz50RL-b1x2HBh0J04SKhgQiqDIY7PLVyQR1WtBGExNhb7f6R01RbN-JaTKWNnsZkl7fDAaEBv_5Ty7l4k9RzBQEQbt2EnkC7NM_nDwP0KR70g8cGoV3Xh3FDQFYDMz85nOPu6EZ8X9Fb3JEI_nAF3LzrtR3H5n758kyCv4L7mIfb3i9p_oxSaXx-VxTKdP0BimNjWFXaUfx0Ud8CzuU6XsUO3u7qLu-XUuKWvZeJlQCBapTLbZU-4W2tJ8ipW-Ac2zBXb-KnlyvOfaO05TXNGP3DLmqSTPyZkoewJOt_ZHu3JLOWJ43WGm-CYVzqsfqMrKVw1ggMVKpBcWatc_aymNyX7S17KUGOa7ERWDHeRUui395C07XqK386qegUaixa3LAJU1aWx8jVE6NiwtMBVSefYWiaE2ooxPLVjkdG13yqKv1sR9rbnZw5MHWoFdocrHSemguRkBXO6YlxYrn-yMu5o925P4LI3uwidGHWt7Vuc_KSrBls-Z57EBl8zloggkYTseJSD0MLPCT7HWHiLBEE024HRaFFcGKNg1dK0WWvSc7iu6a4MVwTR9mQUsSCM5TuoBS0dWG94kl6OwPw3-_jIcjO3GUJ9yv4bukIX1FFeYs5HhFMAJVx11KYKbL7reLw62YP8kUN2d64sCxy51H-qW_oG9NpQBqIedNbh178Z4HQuVTqKtTzuU9MOp4InzJK2yPSRNM174TBx_AvKPbwUlA-gu1hUsUJ9trjL63cniT9fXI8m86BVGASDpObQNKlYJFh0YQO5UbTmJ3LMan2EbJMSF6uPOdsq-EPEz7R75n_N5qjrncbVCVAIRgfKGpgKwr6a1qjcw39BmYjl2oAd-1DOmGZdJDa3LrLHCEa8lY3i5Sgo-O4dntp7hwJ907_ILhDOPpjuXak_NkAQX889PAY_1FBxmppe6RI9oQCejFmgGUov5gECKhWNxrQ5FFkiePuuv8hWPvxM6CPtJobHL8l4vTuVi0xxo9J4pjQrODX5wM6cGaEMdjSKKdxx5pifJO7vJlKp5bF04HRmhY5ES_5vzLJqT7mwmSy3nNKY2X-PzRKWe9yfhb_iFOaHLt-v0eOR_9xdGii_fwNPF3MT-hGNgucX3X5QooUJ8Uc--vKIZVWc215HI4qUPHBuKnPJlpbCmOWKy9SEtccNg9pAjgT0WpbCtlQk_wbjXA19UeUNoy71-5Ir0iEO7ng9H---y7nzdtioAn54eIGLFWc0m0FnGzD76co4CqGqABRl_jf58-S19zaARPvRFhpLgRnMECkaa3Kox3-H_lX2V7G12czRDnEKywkCR0hwSob-gl23HZuMKl_h_NMgfqE8Mt5srqH1lh-WRrkL_NQ5uJ4oMOSWdOipISkKcUVz6UPmO89ZAtsmAzX_zpcOCvw8-YcPkgtY21WoFsnoOT1lUoEdK2f3iXxDCDv11BTwGGk3QrtON32GmkqPvMYmzQagcMfw_c4FhSz__emgULtDFUpMq1bPZ4hJJUBdd1BRI0-y6CCtDQqJqIKMxhlGMytzYLNMw06MKWao7rB9L5fcfKC3LOlG275374hnM-JLdyqS7f7lGqQmjYZQCWmLnDYoMZ4_aXG5LqPwUacGfVQvLZBCy2ZWvcRFblb0D80gZ2uHXfZlUztajAgpdTSHC1RRJoT9vdXZNGgo4qUAX7-3BuifavGaUYBybESzjZfxkNUenJaGn2stshy6jTLFa4MlvrcSxekoM9JwDycIvtL8O6HspsuQtoJlGvKiSK31pzFpnJCTaRLGMqQeoRbu5xUf74Dr8xfLyW7mebT51uu-HEN6WeOAaXyFL4sz0zF-zZl5VxJ9xwdKEiJeVH3agzUm_81bGQy8-aZm35PgCUJhJt__doHPQV1ovq76DAiRb17tm1_Q-c2-_XTWYCweleQxTq3CVi9YHJNZ7GHBzRK7tYIkV3gYsNSD8OufvdNXhgEomHK5mmsDm6ttrxAouuGESB7UI9WbTf6F0Ckl4yAeIUsYSUfTglx7uQ9C0CewI3-FCNxGKx2pkl0bbYnpWUY76ytVANnYQl4FjNxs6Sy4KVYzOkcZsfo-sjNoD6YJuAJvW3-h3AkGNMnXrV2ofu8uhO7MVrsYcE-BhTZ_Q5dFCB12XyW4MaOY46mUzrLle-umtQUI5hawJPluV1l2CXXY3Nk7_XNAeH4OnqGrLRa0pg9C_4RTUN1pM0OYe_WJziYH6e0DTfzGP6sA8t_EzR5bkxNvPdCwSPnuvWe9YyNAuJodd74m8Ec8DlKMMN1osC6TeIoNVcNmQn5O4OzUH9pUxhCFAtC35ywAfa0iv3_ht_g06COAwPV-LvriBMr5hxK9L7Pppbk9bF0ykgdd9AhMRuOsICQr98IHCeQqbzckIk-5T6205tQ5zodm4BXOGrUZKlmKxLGmDL297M1ifhdEODAyZlbQ7sYpjPnwhKcd5E9kf3P2WJK2aHxpqohbiFnUDQkDVd7YZGVRloDU6Dl7jGBp_y_oNtFgBw8-7hxN6rIZMC5Y2ivd2H7AmXIVxZ1ubcVnT8gu1snFP0raaX0g&cid=CAASEuRoJO2bz99Vwfiq8Wkh21f7-A&rfl=1%2Chttps%253A%252F%252Fwww.weather-us.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 16:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125320
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 06 Nov 2022 16:05:57 GMT
300x250_EN_NYC_Better_Together_Learn_More.jpg
s0.2mdn.net/11345942/ Frame 9406 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11345942/300x250_EN_NYC_Better_Together_Learn_More.jpg
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de5c16bf284d1c80ded4f99ea13441acd6683a54c9fff580a6d74e09831dd397
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 00:41:08 GMT
x-content-type-options
nosniff
age
8009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78628
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 19:39:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 00:41:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 40DA 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 07 Nov 2021 21:56:09 GMT
expires
Mon, 08 Nov 2021 21:56:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
17908
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9406 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29902e58b5c35a9d7359ffd55f1e0d2e961e95466754433cdf8981e7263e65c5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 40DA
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESEIiyiIUWfnpqatLAqp3V1p0&google_cver=1&google_push=AYg5qPJDp5I8s3GPLr2sBp03SVmMnNkLgZ1ccxE15ZTDRcIriTZJLYC2v32iDMkXqqheL91806GDfOaAX562q_Y4IMkWVsT6rhKd
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AYg5qPJDp5I8s3GPLr2sBp03SVmMnNkLgZ1ccxE15ZTDRcIriTZJLYC2v32iDMkXqqheL91806GDfOaAX562q_Y4IMkWVsT6rhKd&google_cver=1&googl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AYg5qPJDp5I8s3GPLr2sBp03SVmMnNkLgZ1ccxE15ZTDRcIriTZJLYC2v32iDMkXqqheL91806GDfOaAX562q_Y4IMkWVsT6rhKd&google_cver=1&google_gid=CAESEIiyiIUWfnpqatLAqp3V1p0&google_hm=UTY4OTYyNjQ2OTE0NDQ1MjAwNjk=
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 08 Nov 2021 02:54:37 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AYg5qPJDp5I8s3GPLr2sBp03SVmMnNkLgZ1ccxE15ZTDRcIriTZJLYC2v32iDMkXqqheL91806GDfOaAX562q_Y4IMkWVsT6rhKd&google_cver=1&google_gid=CAESEIiyiIUWfnpqatLAqp3V1p0&google_hm=UTY4OTYyNjQ2OTE0NDQ1MjAwNjk=
Cache-Control
max-age=48707
Connection
keep-alive
Content-Type
text/html
Content-Length
154
pixel
cm.g.doubleclick.net/ Frame 40DA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFF3zTaAfUrNUR9BehtmRPU&google_cver=1&google_push=AYg5qPL5UY_k6ZU7M1xC9JXOjbSe4qzPSpyP0zZsCkSNPou4-R0BufPRdGntB_ZJaSR0cP8_pEXui_FZ2hjPrLWi2r...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OGYwYjllNGMtZmQ4Ny00M2FjLWE1ZTgtYzliNWFjOWEyYTI3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OGYwYjllNGMtZmQ4Ny00M2FjLWE1ZTgtYzliNWFjOWEyYTI3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OGYwYjllNGMtZmQ4Ny00M2FjLWE1ZTgtYzliNWFjOWEyYTI3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame 40DA
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2SkeTI0xQ4KmDUqm1OjgNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2SkeTI0xQ4KmDUqm1OjgNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLlRXzrh6okgSg0ILcn2IY9slV3I1OIgKyLnRMo703WMlCdByHhQ0NwMuoWOaTEIZ4auPFMFtaa5bYEmcd3cOgqbxkct5bV
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2SkeTI0xQ4KmDUqm1OjgNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLlRXzrh6okgSg0ILcn2IY9slV3I1OIgKyLnRMo703WMlCdByHhQ0NwMuoWOaTEIZ4auPFMFtaa5bYEmcd3cOgqbxkct5bV
date
Mon, 08 Nov 2021 02:54:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 40DA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unV...
0
0
pixel
cm.g.doubleclick.net/ Frame 40DA
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEGIL0W6IR694wCKnlyo5b-A&google_cver=1&google_push=AYg5qPJQ3WO-loytb91xkZZmPrEYJTGwUPMq2JF3FFbtaNmxWtSst_Z8phaZ-k3iK55LFWw7mnRS9rIjZZ1Q5Oe6-J_7clk1xRI
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPJQ3WO-loytb91xkZZmPrEYJTGwUPMq2JF3FFbtaNmxWtSst_Z8phaZ-k3iK55LFWw7mnRS9rIjZZ1Q5Oe6-J_7clk1xRI&google_hm=ZzEwYzI2NTg5MTJmN2Q0M...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPJQ3WO-loytb91xkZZmPrEYJTGwUPMq2JF3FFbtaNmxWtSst_Z8phaZ-k3iK55LFWw7mnRS9rIjZZ1Q5Oe6-J_7clk1xRI&google_hm=ZzEwYzI2NTg5MTJmN2Q0MWI4ZTk=
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPJQ3WO-loytb91xkZZmPrEYJTGwUPMq2JF3FFbtaNmxWtSst_Z8phaZ-k3iK55LFWw7mnRS9rIjZZ1Q5Oe6-J_7clk1xRI&google_hm=ZzEwYzI2NTg5MTJmN2Q0MWI4ZTk=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 40DA
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESENv8oHgiNUOtBLDpRkZIuv4&google_cver=1&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e...
0
0
pixel
cm.g.doubleclick.net/ Frame 40DA
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHIN4ZNTUM5WKUqVE7kzvRg&google_cver=1&google_push=AYg5qPImfHargwoX9je1-Stic_z55vdZcxuGVtURLOPlVc1huod2UWfSpC8dD1Z-DA7dyclkz7QIlo13UbA8zykrR0eDeP3...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPImfHargwoX9je1-Stic_z55vdZcxuGVtURLOPlVc1huod2UWfSpC8dD1Z-DA7dyclkz7QIlo13UbA8zykrR0eDeP3Id_ASeA&google_hm=MTc5MTM3N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPImfHargwoX9je1-Stic_z55vdZcxuGVtURLOPlVc1huod2UWfSpC8dD1Z-DA7dyclkz7QIlo13UbA8zykrR0eDeP3Id_ASeA&google_hm=MTc5MTM3NzEzNTU4MTkyMDQ1NQ==
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPImfHargwoX9je1-Stic_z55vdZcxuGVtURLOPlVc1huod2UWfSpC8dD1Z-DA7dyclkz7QIlo13UbA8zykrR0eDeP3Id_ASeA&google_hm=MTc5MTM3NzEzNTU4MTkyMDQ1NQ==
Date
Mon, 08 Nov 2021 02:54:37 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame 40DA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LhbbTD9azpWJ_NkcKsuRdWhGHuaD9q47ML2gaJ6xKHGaJ1y4hyywwgFGH3T6-AgdwUfu7CpA
Requested by
Host: 2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
URL: https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
army.gif
www.weather-us.com/porpoiseant/ 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzU4NjI5MTAwOTc0NDgwOCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC00LTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTE0OCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjoxLCJsaW5lX2l0ZW1faWQiOjU1MjU2NzYxNzUsImNyZWF0aXZlX2lkIjoxMzgzMjg3NTI5NDIsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils1ODAsNDAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzU4NjI5MTAwOTc0NDgwOCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC00LTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTE0OCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjoxLCJsaW5lX2l0ZW1faWQiOjU1MjU2NzYxNzUsImNyZWF0aXZlX2lkIjoxMzgzMjg3NTI5NDIsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzU4NjI5MTAwOTc0NDgwOCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC00LTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTE0OCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjoxLCJsaW5lX2l0ZW1faWQiOjU1MjU2NzYxNzUsImNyZWF0aXZlX2lkIjoxMzgzMjg3NTI5NDIsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:37 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLrKZHfXGAyX4oC5rPBDnSUVcJQ%2FQgbFG%2BHj%2Bg5Dsd%2BRuClWve8l5D8HBQYaQDXFqUslSdaB4s5Dlo74Alj9kEhVN6YsCenRZJBlrQY4tZAgl0nHFEqQ2o6lFG%2BfALYfOf5XJ2traepshw4vsgBi8kE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab848b89d41784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:44 UTC
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.weather-us.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		350 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2465637124299127&correlator=176729434255491&output=ldjh&impl=fifs&eid=31063405%2C31063414%2C44752540%2C31060032&vrg=2021110201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=1254144%3A3711114%2Cweather_us_com-large-leaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x1050%7C300x600&ris=1&rcs=2&prev_scp=a%3D%257C124%257C%26iid1%3D4268227603691682%26eid%3D4268227603691682%26t%3D134%26d%3D217360%26t1%3D134%26pvc%3D0%26ap%3D1123%26sap%3D1123%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26gala%3D2709606%26rid%3D99998%26pt%3D0%26al%3D1035%26compid%3D0%26tap%3Dweather_us_com-large-leaderboard-1-4268227603691682%26eb_br%3D90c3c48d0172916d27c102ea4aa9d49c%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11307%26asau%3D5789646051%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D2%26ftsn%3D3%26br1%3D300%26br2%3D600%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C168%2C0%2C67%2C0%2C168%2C66%2C20%2C71%2C30%2C192%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C919%2C2030%2C783%2C16%2C13%2C14%2C15%2C10%2C11%2C12%2C13%2C14%2C15%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26hb_bidder%3Dmedianet%26hb_adid%3D33592c222e0f009%26hb_format%3Dbanner%26hb_ssid%3D11307%26hb_opt%3D0.17%26lb%3D600%26reqt%3D1636340077373&eri=1&cookie=ID%3Db37501380f57a3b0%3AT%3D1636340069%3AS%3DALNI_MbNdTk2MewuuS5KoMXZYJUizCfGfQ&bc=31&abxe=1&lmt=1636340077&dt=1636340077379&dlt=1636340068760&idt=305&frm=20&biw=1600&bih=1200&oid=2&adxs=1030&adys=1822&adks=68465294&ucis=5&ifi=14&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weather-us.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=355x1050&msz=300x250&ga_vid=1495726912.1636340069&ga_sid=1636340070&ga_hid=1252775448&ga_fc=true&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
8bd132e22ac3a0c3cdf4929fce5802ba69c6078dad69b05d4f6df3fa257a9ac0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4033 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Sat, 06 Nov 2021 16:05:57 GMT
expires
Sun, 06 Nov 2022 16:05:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
125320
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lFqatAGMGI5ruFOuc2G8YqsaAHQUb5EGFuJALWeAUJk.js
pagead2.googlesyndication.com/bg/ Frame 4033 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lFqatAGMGI5ruFOuc2G8YqsaAHQUb5EGFuJALWeAUJk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
sffe /
Resource Hash
945a9ab4018c188e6bb853ae7361bc62ab1a0074146f910616e2402d67805099
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
364461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13523
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 21:40:16 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9406 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvo1Bkzb6kakUOZMkqUXoq-VqOqwWlXFye5Wo1_rVZE7WYAc-JFUKaMNplhLqarD-gF2FXKWict0UA5vEEW0Q3wzm0TgR1jnxOOkz5QHHGZMl9sWtZe7BmkwabHtPMD67Y3d8KHqN6pOyL0QCx__S9ZmyPJmq43Gh5bh_R09xZJC84hh4oMOAmQWZeOW2m85DRMRUqCNH3QdT9PN-hGg7NhCMYX3RzvjqxTd9m3cN_Ljy70pGXIUF77-xBidoiD_SzTHCaLCOSW524r157bhk6kdqgvNc89dParI_C5wf98O45j1xaLOkSMsp4HBTUqjPFTY3_Pv_NaLtHTLgnZC3-UoiqEH-ZXE-yK0Rq385r7DQoEY6cYcngV9_fkWuC2bX2-0AnGTxG5Bnp7z4R-spYp3KfrZUAgq4hlflByvtXv7JRJx4Na1QK0toyNrMwaNDHXRQzcyl5l9_iiBucbubmfCTemPt9TvzihB10wsjgYUFsHbt6fBlNdZ4t5rvs8eGCs1LxoxjIlwlxM-yK4ZYFKSsSENY69DyQaFzxI4e42ldlA5lEiybf9QUTnpbCGlcQdyfSqs76-f0ZqY8A7OPbA3TJFqK_clDeOucJL42ggrV6jow3KZRFAHZNx14f453tPRpsmYjWYSkyTfEoFkShsjQRHiBfQ75D2Gyngl0Ju_IexqgR59QJz8_FLxMXWqq9ayuWgjVGiOzm5nkEpyt1lzmIE4BPC2sS2QBfMKBTK72yoEqhY_3PURuxqHyNe8EZ_ExqsMvjBpysApM6sITIJaXgynqIUkCI6Nb74kCl5dW2Rbv1ybGcBBz22RR1JF-VStKt6OKtsOMb3-gCPrNYGxyglHK-uuvc6ltemtwFgWX00T_WSMHlDr13WMs0F2w_tmArtGqiWAXFH1UOKPeR3UGUYO0X0A3g9XaIiIowKmMhrvGlizcxwSXZppKzhf0F5J1-0eDLFbrE89zZSTsmGh2ftG0Dxl3foMuAcWGHDyjtx4GBafWko3Is-pO6hEphPdyDL6DkSWbugYvc1YeKmT5y9aOdDRaVdNKtgV-b3pNZP_VYmkqa3dHGhYlPZCR0cLaZuLZ3WkRYCLEdZ4eEKRkpr53tvJqokRP66EIzcGb5olRcwWC3hppK-dyIA9VVaHt6wgxPOQGuhYo5DJj57z2x4alW-f-k_cXosZzDF9oL-dyzsjIZQ7pve4dSs_5xjSMu_-irFEaWeLJoNBFL7Xpw4V5w3DOetIqIZFRXs73ct9SatPnWGfF5NbWzwRiZUPmr1wuqEkYAA2DCMOkNJ9FYOEA68fDovKDSO4JhuxpOB93Uk3oQ&sai=AMfl-YTGTDy0CVQ-36_ODxKzim-ubEVlNlMo_I7UWfGfxD9PSFTIVWsigeobgZ91Z3_qhM3RAyf72fNtul-9p9siDifCJG9qjH9A8SlGcn-Fh1SmJOtc123trr49PSxqcAuR1He-5tHEfsVyig9RBROfu-bQblywBV7dOylkiD8T6dt18LYIQ8Q&sig=Cg0ArKJSzCMfguYD8cKqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=334&vt=11&dtpt=332&dett=2&cstd=0&cisv=r20211103.99925&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CR7Hq4kUCRLHtrJpwSrCk9LdfiHZID851DGjr26K6-pn3jq9_vmyUWYHIWu3TewCmWp_TVwWFz1gq9iwSCD7tHRpSnP59mmofBLaEphfMfx8YYjPdwbT9hCUt4_bBcyDrHmzZEQvvFBNAeMkD-euBMO4b0tw&dbm_d=AKAmf-CpYq_aWsg9fE67s8iE4Chm6UmX7bgki2MIpE1jl5rK2NZoGSLv21MN_v5Rqqj11d-TBUl1wIbznFdBmQcituGRCatGirlxlVSHmCmrkbAGv_1FTvTQtjUi7OXWSChBu5EN6UGx9OhWCNvDMiTbLbD8LcmFAUCcELP6CW5jDfurC4Z9FhkjIxAgjFRuMH0slrvRTx7gly8h8LV9aiFdWKswNBRPr--w__uP83B1gUyQcPdnSr9cvpBCgFfzS-ASA17IA4UIvlu8FbPpBhFReXhEiNwc_hgyIbvisD7O-NPbOFdc3QwX_xZVDRpnuFuCJRh-cDaAPf9aLAutNe2pWmXpk3FHiwAZqv_lDclxLN4ufyXq61IQ5ejSRO6lq5-diIb2LVq12FeAW4ZUoYJQwcGkPV7mApUXtCyoipPpx4OI2QCBeGJRlauTC_8CN_0X37ydoQ-4x7kPbVUqZ5vERMQyiYHjA959etsmCKFaQKgfun6BOR6sjyRHeaDlpjoJw77g5WOByBlNIr3N0hDe9LK-pNyi-jqzxlSYqktPW2srW4uL5ifykUnHLg7E5Md6rTa2h9Zo7JrOsnko6KOtdCyDQJ7Cbz50RL-b1x2HBh0J04SKhgQiqDIY7PLVyQR1WtBGExNhb7f6R01RbN-JaTKWNnsZkl7fDAaEBv_5Ty7l4k9RzBQEQbt2EnkC7NM_nDwP0KR70g8cGoV3Xh3FDQFYDMz85nOPu6EZ8X9Fb3JEI_nAF3LzrtR3H5n758kyCv4L7mIfb3i9p_oxSaXx-VxTKdP0BimNjWFXaUfx0Ud8CzuU6XsUO3u7qLu-XUuKWvZeJlQCBapTLbZU-4W2tJ8ipW-Ac2zBXb-KnlyvOfaO05TXNGP3DLmqSTPyZkoewJOt_ZHu3JLOWJ43WGm-CYVzqsfqMrKVw1ggMVKpBcWatc_aymNyX7S17KUGOa7ERWDHeRUui395C07XqK386qegUaixa3LAJU1aWx8jVE6NiwtMBVSefYWiaE2ooxPLVjkdG13yqKv1sR9rbnZw5MHWoFdocrHSemguRkBXO6YlxYrn-yMu5o925P4LI3uwidGHWt7Vuc_KSrBls-Z57EBl8zloggkYTseJSD0MLPCT7HWHiLBEE024HRaFFcGKNg1dK0WWvSc7iu6a4MVwTR9mQUsSCM5TuoBS0dWG94kl6OwPw3-_jIcjO3GUJ9yv4bukIX1FFeYs5HhFMAJVx11KYKbL7reLw62YP8kUN2d64sCxy51H-qW_oG9NpQBqIedNbh178Z4HQuVTqKtTzuU9MOp4InzJK2yPSRNM174TBx_AvKPbwUlA-gu1hUsUJ9trjL63cniT9fXI8m86BVGASDpObQNKlYJFh0YQO5UbTmJ3LMan2EbJMSF6uPOdsq-EPEz7R75n_N5qjrncbVCVAIRgfKGpgKwr6a1qjcw39BmYjl2oAd-1DOmGZdJDa3LrLHCEa8lY3i5Sgo-O4dntp7hwJ907_ILhDOPpjuXak_NkAQX889PAY_1FBxmppe6RI9oQCejFmgGUov5gECKhWNxrQ5FFkiePuuv8hWPvxM6CPtJobHL8l4vTuVi0xxo9J4pjQrODX5wM6cGaEMdjSKKdxx5pifJO7vJlKp5bF04HRmhY5ES_5vzLJqT7mwmSy3nNKY2X-PzRKWe9yfhb_iFOaHLt-v0eOR_9xdGii_fwNPF3MT-hGNgucX3X5QooUJ8Uc--vKIZVWc215HI4qUPHBuKnPJlpbCmOWKy9SEtccNg9pAjgT0WpbCtlQk_wbjXA19UeUNoy71-5Ir0iEO7ng9H---y7nzdtioAn54eIGLFWc0m0FnGzD76co4CqGqABRl_jf58-S19zaARPvRFhpLgRnMECkaa3Kox3-H_lX2V7G12czRDnEKywkCR0hwSob-gl23HZuMKl_h_NMgfqE8Mt5srqH1lh-WRrkL_NQ5uJ4oMOSWdOipISkKcUVz6UPmO89ZAtsmAzX_zpcOCvw8-YcPkgtY21WoFsnoOT1lUoEdK2f3iXxDCDv11BTwGGk3QrtON32GmkqPvMYmzQagcMfw_c4FhSz__emgULtDFUpMq1bPZ4hJJUBdd1BRI0-y6CCtDQqJqIKMxhlGMytzYLNMw06MKWao7rB9L5fcfKC3LOlG275374hnM-JLdyqS7f7lGqQmjYZQCWmLnDYoMZ4_aXG5LqPwUacGfVQvLZBCy2ZWvcRFblb0D80gZ2uHXfZlUztajAgpdTSHC1RRJoT9vdXZNGgo4qUAX7-3BuifavGaUYBybESzjZfxkNUenJaGn2stshy6jTLFa4MlvrcSxekoM9JwDycIvtL8O6HspsuQtoJlGvKiSK31pzFpnJCTaRLGMqQeoRbu5xUf74Dr8xfLyW7mebT51uu-HEN6WeOAaXyFL4sz0zF-zZl5VxJ9xwdKEiJeVH3agzUm_81bGQy8-aZm35PgCUJhJt__doHPQV1ovq76DAiRb17tm1_Q-c2-_XTWYCweleQxTq3CVi9YHJNZ7GHBzRK7tYIkV3gYsNSD8OufvdNXhgEomHK5mmsDm6ttrxAouuGESB7UI9WbTf6F0Ckl4yAeIUsYSUfTglx7uQ9C0CewI3-FCNxGKx2pkl0bbYnpWUY76ytVANnYQl4FjNxs6Sy4KVYzOkcZsfo-sjNoD6YJuAJvW3-h3AkGNMnXrV2ofu8uhO7MVrsYcE-BhTZ_Q5dFCB12XyW4MaOY46mUzrLle-umtQUI5hawJPluV1l2CXXY3Nk7_XNAeH4OnqGrLRa0pg9C_4RTUN1pM0OYe_WJziYH6e0DTfzGP6sA8t_EzR5bkxNvPdCwSPnuvWe9YyNAuJodd74m8Ec8DlKMMN1osC6TeIoNVcNmQn5O4OzUH9pUxhCFAtC35ywAfa0iv3_ht_g06COAwPV-LvriBMr5hxK9L7Pppbk9bF0ykgdd9AhMRuOsICQr98IHCeQqbzckIk-5T6205tQ5zodm4BXOGrUZKlmKxLGmDL297M1ifhdEODAyZlbQ7sYpjPnwhKcd5E9kf3P2WJK2aHxpqohbiFnUDQkDVd7YZGVRloDU6Dl7jGBp_y_oNtFgBw8-7hxN6rIZMC5Y2ivd2H7AmXIVxZ1ubcVnT8gu1snFP0raaX0g&cid=CAASEuRoJO2bz99Vwfiq8Wkh21f7-A&rfl=1%2Chttps%253A%252F%252Fwww.weather-us.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4033 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BD76FbZGIYYfLCPeXoPwPxeiGoAQAAAAAOAHgBAI&bg=!LyylLGjNAAYH3anuB907ACkAdvg8WvxhQisILB39DbILyOo6MBlbI-drAdX3rIcBntOSrRURxfcTrgIAAABrUgAAAApoAQeZAweJ9f5SUn8SrAD8eFcVC5ORwNmicgRJZOShvw7q3BNxlgNLh1hd5wqG27tUM0KBlt21H5-Mes21ugqiqbnQuHmXeFvFgVA6hHH-PV1V_mP4K4kFil4Y2SaGzlEF9vP-sMGY9caR_p1ClFGpsvDWT8OsmbIAI9ALm6LMeRPxFG3RjUs5VNFoY2exh0rI2MSxMoW8EupzRhZaFqcV7GdqmYUKs9MJe0TpXA75EuLyxGooZw_I15a2fx8q399WcqatovZGPGGob3kil03Vly4vUkr94B3UlmHS_SlHqJ9f1gOYs6nOVcH8CPjKwWZsGqo3AznIXOVlAAsaG95tpVKaLl_lBGOnJlosg6j6Qwy1_gLvLamnu7lxLkZ6XT3uoMAIeFi6ksKVRDhI-x_iTDtvSGQDCgFdEmWb5ZaE_iH0YZT4lHHKBuoMLmeFW7l0xbuFSY1faifWtgu7l289bGY6DwMw-2QvmRexPCG7VRY3O4yy9DF05d75ysidZRUm9zyNY6R5fHixYYxB5Rw0NPzZDKllEmdq7dC5_ZDGMepJbJeSpEL6HymDGJ0OOP-nV-Pw3cPVzgwNlRX3P_syHJBY1NXIlsMAzCsHoVighEHsU5I1IE62XQEySzy_kAfQJSoigph80yoI5X85JtHq-vALULKdJg5syMmdWpLVnAqjCnGPp0yRaeBZ5YWqMC_VevbS6msE63JpTudgeyZoaSOl0SqTETqgPvETrx7mv4YdmsONk9EPNCCIwliul5O5YSmow7o0Q3JnScD1Ty4PZvOAE2Q7HnxoQvDoZg6a6nPLkrf_ZwynyVWianoZqYXlWuir4nOLvqv8m81cWwxhQz2EYrR-7_DLLi2E50At2skTaZTHgZuaHCPTwG01FJ9JbzXH9CRGujeibG2Mi5PLMOUdL3-XC0meBpvKv3c_-pYg97ueqxjcvWakl7Ab9Y_7bQRnMIHzGSh6PHJ-_vBfckzxy5b3-oXCGPuMjW2ty2xqb73GVKytfzfMDD1mAzxcSHGHwqE6x1Ny13dp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.105.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.105.js
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:30 GMT
server
nginx
etag
W/"6034e04e-14008"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 09 Nov 2021 02:54:38 GMT
syncframe
gum.criteo.com/ Frame 099A 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.weather-us.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6de355c79c0d5e8d4c373e4b79a36d59aacca27ecc8c5cbd2e3191ab2871c440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2623
date
Mon, 08 Nov 2021 02:54:37 GMT
content-length
4684
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 03:25:58 GMT
server
nginx
etag
W/"6178c6c6-14b2b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 09 Nov 2021 02:54:38 GMT
sid
mug.criteo.com/ Frame 099A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=weather-us.com&sn=ChromeSyncframe&so=3&topUrl=www.weather-us.com&bundle=20-LgF9iVHVodHVBV2lvRFFXYnhGWnpMRzhMTHNvRWd5M2E2c1ZwNXF5NThsVVRsUG...
  • https://mug.criteo.com/sid?cpp=Zt1MHnxmdEdJcWpJT0hUdmtYc21oeVRuOWUwTjZkcUFwUFNXS1VHbExVbDBBQ0liMDM4SG13UkdlQUVncUk2WVZMUVVwc1VFUkpkYk8xUTJBQlF4enBvTU16RVlleEUvNVRISDlsckUxdHdVNEl1bFQvdVc1UWRzbm5sM3...
0
0
457.json
id5-sync.com/g/v2/ 		451 B
999 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/457.json
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p24.id5-sync.com
Software
/
Resource Hash
204b6a9d47419ba8dddf9d28d188a229d885d703e614e90004c467197a9ff303
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.weather-us.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 08 Nov 2021 02:53:46 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.weather-us.com
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
/
id.a-mx.com/sync/ 		99 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=https://www.weather-us.com/&u=https://www.weather-us.com/&v=5.10.0&vg=epbjs&us_privacy=1---&gdpr=0&gdpr_consent=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:29fd -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
04d9df077ab87f4460cfabfe4c4d0525db46c0c2197ec1f6e56b89ee69eec363

Request headers

Referer
https://www.weather-us.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJR6z1kFHiOUIjqV5E4Cp%2FuGSq%2BDT2m45P6Lyynzn22ykChs6x4eUYEI6kwTx8cjOrVaMRb1ZD6nZPqdEOLBFPy%2F7zViOPb2bNzVK2IBgbNzEVMHz%2FE6vTf6qHRkX7l%2FwvuuJGRjl32ONw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
6aab84911aea1841-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
onetag-sys.com/usync/ Frame 40D2 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1636340075190&us_privacy=1---
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
visitormatch
bh.contextweb.com/ Frame 71F8 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
1045f8de706d9c4fd02715691730a3474207212364771ea15f366c3f81f78aad
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/

Response headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-857fc6c844-xxjtk
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
content-type
text/html;charset=iso-8859-1
content-length
3692
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
ixmatch.html
js-sec.indexww.com/um/ Frame E3CC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 08 Nov 2021 02:54:38 GMT
Connection
keep-alive
checksync.php
contextual.media.net/ Frame 62EF 		34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
dcd43629b63b1680087c336a5e356e5e02e84979836e5aa4a9ee2cec644bfd82
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Wed, 10 Nov 2021 02:54:38 GMT
date
Mon, 08 Nov 2021 02:54:38 GMT
content-length
11474
sync
eb2.3lift.com/ Frame 349F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
4774d67af96daaca25b73f3072ac0c9168145eac4baea5ede56f0b4bc4b5165a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
content-type
text/html; charset=utf-8
content-length
465
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
iex
csm.va.us.criteo.net/ Frame 099A 		43 B
217 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.va.us.criteo.net/iex?gPath=Gum.ChromeSyncframe.SidReadError&msg=Failed%20to%20fetch&tag=Gum&tag=ChromeSyncframe&tag=SidReadError
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.weather-us.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://gum.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
Finatra
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
rtset
bh.contextweb.com/bh/ Frame 71F8
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=2f3b6d825cb8120b&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGaWA8H3APMAMpbLjQAAAAAAA&expiration=1636426478&nuid=&is_secure=true
49 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGaWA8H3APMAMpbLjQAAAAAAA&expiration=1636426478&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-857fc6c844-xxjtk
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGaWA8H3APMAMpbLjQAAAAAAA&expiration=1636426478&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
epx.gif
px.owneriq.net/fr/ Frame 71F8
Redirect Chain
  • https://px.owneriq.net/eucm/p/cwc
  • https://px.owneriq.net/fr/epx.gif
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/fr/epx.gif
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Server
104.65.247.96 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-247-96.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
max-age=319324
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 11 Nov 2021 19:36:42 GMT

Redirect headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://px.owneriq.net/fr/epx.gif
Cache-Control
max-age=38273
Connection
keep-alive
Content-Type
text/html
Content-Length
154
rtset
bh.contextweb.com/bh/ Frame 71F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VzZmNEl3UDBfSHA1NHEyMXk5YVkwZw&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEFffqRXARKhnAnyrsH_WMss&google_cver=1
49 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEFffqRXARKhnAnyrsH_WMss&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-857fc6c844-xxjtk
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEFffqRXARKhnAnyrsH_WMss&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 71F8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pulsepoint
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=99c6a788-b1f4-4cbd-ac73-0be497015616&ssp=pulsepoint&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10593803332041085428&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=12785609-8d33-4da7-a7a9-3660d41c8a0f&ssp=pulsepoint&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=204810503964002917060&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10593803332041085428&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10593803332041085428&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10593803332041085428&ssp=<SSP_VALUE>&gdpr=&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55972/ Frame 71F8
Redirect Chain
  • https://pixel.advertising.com/ups/55972/sync?uid=5mWlCotForN0&_origin=1&gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/55972/sync?uid=5mWlCotForN0&_origin=1&gdpr=0&gdpr_consent=&verify=true
  • https://ups.analytics.yahoo.com/ups/55972/sync?uid=5mWlCotForN0&_origin=1&gdpr=0&gdpr_consent=&apid=UP36820262-403f-11ec-9fc3-0a4f85d3528b
0
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55972/sync?uid=5mWlCotForN0&_origin=1&gdpr=0&gdpr_consent=&apid=UP36820262-403f-11ec-9fc3-0a4f85d3528b
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55972/sync?uid=5mWlCotForN0&_origin=1&gdpr=0&gdpr_consent=&apid=UP36820262-403f-11ec-9fc3-0a4f85d3528b
date
Mon, 08 Nov 2021 02:54:38 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
xuid
eb2.3lift.com/ Frame 71F8 		37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2636&xuid=5mWlCotForN0&dongle=8bee
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
v1
match.sharethrough.com/sync/ Frame 71F8 		68 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&source_user_id=5mWlCotForN0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-48-117.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
content-length
68
content-type
image/png
rtset
bh.contextweb.com/bh/ Frame 71F8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pp
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDNFgwN0RFU01BQUJNcTg4U0F2dw&bee_sync_partners=pm%2Csyn%2Csas%2Cpp&bee_sync_current_partner=adx&bee_sync_initiator=pp&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csyn%2Csas%2Cpp&bee_sync_current_partner=adx&bee_sync_initiator=pp&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC4X07DESMAABMq88SAvw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpp&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAC4X07DESMAABMq88SAvw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%26bee_sync_current_partner%3Dsy...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pp&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC4X07DESMAABMq88SAvw
49 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC4X07DESMAABMq88SAvw
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-857fc6c844-xxjtk
expires
-1

Redirect headers

location
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC4X07DESMAABMq88SAvw
Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rtset
bh.contextweb.com/bh/ Frame 71F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_cm&google_hm=5mWlCotForN0
  • https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEMmnG9gHJGbjsKn5rQW9uo8&google_cver=1
49 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEMmnG9gHJGbjsKn5rQW9uo8&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-857fc6c844-xxjtk
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEMmnG9gHJGbjsKn5rQW9uo8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 71F8
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8185&uid=5mWlCotForN0
  • https://sync.search.spotxchange.com/partner?adv_id=8185&uid=5mWlCotForN0&__user_check__=1&sync_id=3681dab7-403f-11ec-b2b1-1fc52e7f0203
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=8185&uid=5mWlCotForN0&__user_check__=1&sync_id=3681dab7-403f-11ec-b2b1-1fc52e7f0203
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Server
192.35.249.120 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
387
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
nginx
Location
/partner?adv_id=8185&uid=5mWlCotForN0&__user_check__=1&sync_id=3681dab7-403f-11ec-b2b1-1fc52e7f0203
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
74
Connection
keep-alive
Content-Length
0
/
trc.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/ Frame 71F8 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?taboola_hm=5mWlCotForN0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 08 Nov 2021 02:54:38 GMT
via
1.1 varnish
server
nginx
x-timer
S1636340078.306230,VS0,VE2
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-lga21961-LGA
sync
partners.tremorhub.com/ Frame 71F8 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?uipp=5mWlCotForN0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:9a2f:8341:7f9b:9de -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
UserMatch.ashx
atemda.com/ Frame 71F8 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atemda.com/UserMatch.ashx?bidderid=97&bidderuid=5mWlCotForN0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.113.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:37 GMT
via
1.1 google
access-control-allow-headers
Content-Type
access-control-allow-methods
GET
p3p
CP="NOI DSP NID BUS UNI COM NAV INT STA OTC CURa ADMa DEVa PSAa PSDa OUR"
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 08 Nov 2021 02:54:38 GMT
rtset
bh.contextweb.com/bh/ Frame 71F8
Redirect Chain
  • https://red.erne.co/pulsepoint/cm
  • https://pixel.onaudience.com/?mapped=1EdLI70YakVn4pVBcM3HXx9O&partner=2&redirect=red.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D5609...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fred.erne.co%252Fct%2...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fred.erne.co%252...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3f698bec9e20afaec74652433569d330&redirect=https%3A%2F%2Fred.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtse...
  • https://red.erne.co/ct/cm?red=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D560956%26ev%3D1EdLI70YakVn4pVBcM3HXx9O
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560956&ev=1EdLI70YakVn4pVBcM3HXx9O
49 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=560956&ev=1EdLI70YakVn4pVBcM3HXx9O
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-857fc6c844-xxjtk
expires
-1

Redirect headers

location
https://bh.contextweb.com/bh/rtset?do=add&pid=560956&ev=1EdLI70YakVn4pVBcM3HXx9O
date
Mon, 08 Nov 2021 02:54:38 GMT
server
openresty
strict-transport-security
max-age=0; includeSubDomains;
content-type
text/html; charset=UTF-8
um
sync.teads.tv/ Frame 71F8 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=142&uid=5mWlCotForN0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.133.72 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 08 Nov 2021 02:54:38 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 71F8 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=5mWlCotForN0&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WX5E3AWK67XFMCATC5HV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 71F8 		42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=5mWlCotForN0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Content-Type
image/gif
rum
dsum.casalemedia.com/ Frame 71F8 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=189&external_user_id=5mWlCotForN0&expiration=[EXPIRATION]
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:38 GMT
user.sync
match.sync.ad.cpe.dotomi.com/w/ Frame 71F8 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=9&userid=5mWlCotForN0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:ae80:1450:16::2100 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-cache
server
nginx
content-type
image/gif
content-length
43
expires
0
pp.gif
sync.colossusssp.com/ Frame 71F8 		0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.colossusssp.com/pp.gif?puid=5mWlCotForN0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.2.111.121 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
nginx
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
text/plain
/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 71F8 		0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=5mWlCotForN0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 08 Nov 2021 02:54:38 GMT
via
1.1 varnish
server
nginx
x-timer
S1636340078.342072,VS0,VE2
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-lga21961-LGA
6d0a5307809091fa
ads.us.e-planning.net/uspd/1/ Frame 71F8
Redirect Chain
  • https://demand.trafficroots.com/sync.php?buyer=2228&buyeruid=https://demand.trafficroots.com/sync.php?buyer=2228&buyeruid=5mWlCotForN0
  • https://ads.us.e-planning.net/uspd/1/6d0a5307809091fa?ruimd=1&du=https%3A%2F%2Fdemand.trafficroots.com%2Fsync.php%3Fbuyer%3D3264%26buyeruid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/6d0a5307809091fa?ct=1&ruimd=1&du=https%3A%2F%2Fdemand.trafficroots.com%2Fsync.php%3Fbuyer%3D3264%26buyeruid%3D%24UID
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.us.e-planning.net/uspd/1/6d0a5307809091fa?ct=1&ruimd=1&du=https%3A%2F%2Fdemand.trafficroots.com%2Fsync.php%3Fbuyer%3D3264%26buyeruid%3D%24UID
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
172.98.26.125 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

location
/uspd/1/6d0a5307809091fa?ct=1&ruimd=1&du=https%3A%2F%2Fdemand.trafficroots.com%2Fsync.php%3Fbuyer%3D3264%26buyeruid%3D%24UID
date
Mon, 08 Nov 2021 02:54:38 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
content-type
text/html; charset=iso-8859-1
x-sid
IAD-1222
55660
i6.liadm.com/s/ Frame 71F8
Redirect Chain
  • https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=5mWlCotForN0
  • https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=5mWlCotForN0&_li_chk=true&previous_uuid=6ef0c638919d47c29c10f1a315757d28
  • https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=5mWlCotForN0
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=5mWlCotForN0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Server
2600:1f18:444a:4680:5b76:7408:bdd4:1592 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
f12e2cd667651d44
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=5mWlCotForN0
Date
Mon, 08 Nov 2021 02:54:38 GMT
Connection
keep-alive
trace-id
c6a07d05f2a768e0
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
put
e1.emxdgt.com/ Frame 71F8
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=400&user_id=5mWlCotForN0&expires=30&user_group=[NUMERICAL_VALUE]
  • https://e1.emxdgt.com/put?d=d21&uid=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=
43 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d21&uid=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
23.23.88.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-88-115.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
content-length
43
content-type
image/gif

Redirect headers

Location
//e1.emxdgt.com/put?d=d21&uid=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=
Date
Mon, 08 Nov 2021 02:54:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
bid
cs.chocolateplatform.com/ Frame 71F8 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/bid?advid=5771&bcid=5mWlCotForN0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.212.101.174 -, , ASN (),
Reverse DNS
Software
Chocolate Cookie Sync Powered by Vdopia /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
via
1.1 google
server
Chocolate Cookie Sync Powered by Vdopia
alt-svc
clear
setuid
ib.adnxs.com/ Frame 71F8 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=494&code=5mWlCotForN0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
X-Proxy-Origin
87.101.95.204; 87.101.95.204; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
aee3fdb3-476b-4d2d-995f-e7cca4eab697
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 71F8 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=545637763&val=5mWlCotForN0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 349F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&dongle=0cfd
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
xuid
eb2.3lift.com/ Frame 349F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEH8mjHyILMqT8BhJ_aMJcQM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEH8mjHyILMqT8BhJ_aMJcQM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEH8mjHyILMqT8BhJ_aMJcQM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 349F
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM4NTgwMzUyOTc2Mjg5NjA2MzQ%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM4NTgwMzUyOTc2Mjg5NjA2MzQ%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM4NTgwMzUyOTc2Mjg5NjA2MzQ%3D
date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 349F
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=13858035297628960634&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=13858035297628960634&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=78eca564-6d13-4016-9865-90b773b514a8&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=78eca564-6d13-4016-9865-90b773b514a8&_noobservation=1&_expected_cookie=e986fcb...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=78eca564-6d13-4016-9865-90b773b514a8&_noobservation=1&_expected_cookie=e986fcb73415fe709cfe124abe702b49
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
104.18.100.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6aab8492da8ae74c-EWR
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=78eca564-6d13-4016-9865-90b773b514a8&_noobservation=1&_expected_cookie=e986fcb73415fe709cfe124abe702b49
date
Mon, 08 Nov 2021 02:54:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6aab84927a0ee74c-EWR
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame 349F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/13858035297628960634?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-XIVUT99E2oQX5zu1TSLXuGhJb0O5WZvKb2otFYK0Gg--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-XIVUT99E2oQX5zu1TSLXuGhJb0O5WZvKb2otFYK0Gg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 08 Nov 2021 02:54:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-XIVUT99E2oQX5zu1TSLXuGhJb0O5WZvKb2otFYK0Gg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame 349F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=13858035297628960634&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=df314584-b368-4d4b-91c5-ad6d70334f10&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=99c6a788-b1f4-4cbd-ac73-0be497015616&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=99c6a788-b1f4-4cbd-ac73-0be497015616&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=99c6a788-b1f4-4cbd-ac73-0be497015616&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 08 Nov 2021 02:54:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 349F 		42 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=13858035297628960634&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
etag
"4fbbfa5769d2d71:0"
last-modified
Fri, 05 Nov 2021 17:19:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D2A4ABEB07C44DB4ADDCECB1E4A97C1C Ref B: NYCEDGE1121 Ref C: 2021-11-08T02:54:38Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 349F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=13858035297628960634
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 349F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=mKM72fsJRhk3SaY0DUq5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NVFU2NZSMZZUU...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=mKM72fsJRhk3SaY0DUq5
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=mKM72fsJRhk3SaY0DUq5
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=mKM72fsJRhk3SaY0DUq5
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 349F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2737178857735877580&dongle=d407
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=2737178857735877580&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=2737178857735877580&dongle=d407
pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usermatch
ssum-sec.casalemedia.com/ Frame B7B2 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.weather-us.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86cd4675fc079eef51155e2ea020a2b8535e2601fb851eedba6ed42675dfd868

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|3|4|47|13|176|5
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1558
Expires
Mon, 08 Nov 2021 02:54:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
Connection
keep-alive
crum
dsum-sec.casalemedia.com/ Frame B7B2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2785380007497343404
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2785380007497343404
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weather-us.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
X-Proxy-Origin
87.101.95.204; 87.101.95.204; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
60d4bd3d-f0c5-407e-9f25-9c26f2277a13
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2785380007497343404
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B7B2 		43 B
871 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weather-us.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:7acd:b606:a0b6:34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame B7B2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8b666188-9165-4600-960d-59187982b791
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8b666188-9165-4600-960d-59187982b791
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weather-us.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
MT3 4067 88cc6bf master iad-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8b666188-9165-4600-960d-59187982b791
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 02:54:37 GMT
rum
dsum-sec.casalemedia.com/ Frame B7B2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2737178857735877580
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2737178857735877580
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weather-us.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2737178857735877580
pragma
no-cache
date
Mon, 08 Nov 2021 02:54:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame B7B2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=I1gAOuxz1MJUNU5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=I1gAOuxz1MJUNU5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weather-us.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-023ca9a34f93eca61@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=I1gAOuxz1MJUNU5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B7B2
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06ec2204000d5740c0e87b70&expiration=[EXPIRATION]
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06ec2204000d5740c0e87b70&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weather-us.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06ec2204000d5740c0e87b70&expiration=[EXPIRATION]
Date
Mon, 08 Nov 2021 02:54:38 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
crum
dsum.casalemedia.com/ Frame B7B2
Redirect Chain
  • https://match.deepintent.com/usersync/113
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_b0f40b6ac50d41d7a4512
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_b0f40b6ac50d41d7a4512
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weather-us.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_b0f40b6ac50d41d7a4512
date
Mon, 08 Nov 2021 02:54:37 GMT
server
a
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
ix
ad4m.at/ad/sim/ Frame B7B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weather-us.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame B7B2 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YYiRZdANBuf1s7HSHga2JgAA%26149
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weather-us.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=955
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 03:10:33 GMT
pubcid.php
hbx.media.net/ Frame 62EF 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Mon, 08 Nov 2021 02:54:38 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Mon, 08 Nov 2021 03:24:38 GMT
sync
gum.criteo.com/ Frame 62EF 		88 B
404 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdecb6992f7d6fcde7f2228297762720a12293340a0fa6827e79aae6013925cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 08 Nov 2021 02:54:38 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
5447
content-length
207
expires
60
usync.html
eus.rubiconproject.com/ Frame 1789
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 Nov 2021 02:54:38 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=medianet
Date
Mon, 08 Nov 2021 02:54:38 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
cksync.html
contextual.media.net/ Frame DE60
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Drkt%26refUrl%3D%26vid%3D634007842227934167861452650...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2793416786145265000V10&type=rkt&refUrl=&vid=63400784222793416786145265000V10&ovsid=1791377135581920455
219 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2793416786145265000V10&type=rkt&refUrl=&vid=63400784222793416786145265000V10&ovsid=1791377135581920455
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/

Response headers

server
Apache
content-length
219
content-type
text/html;charset=UTF-8
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
expires
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2793416786145265000V10&type=rkt&refUrl=&vid=63400784222793416786145265000V10&ovsid=1791377135581920455
Content-Length
0
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5963 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=33944
expires
Mon, 08 Nov 2021 12:20:22 GMT
date
Mon, 08 Nov 2021 02:54:38 GMT
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 62EF
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=248d172c0daf120c&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2793416786145265000V10&type=con&refUrl=&vid=63400784222793416786145265000V10&ovsid=AQEI6F_NgQWChgIke193AQEBAQE&expiration=1636426478&is_secure=true
45 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2793416786145265000V10&type=con&refUrl=&vid=63400784222793416786145265000V10&ovsid=AQEI6F_NgQWChgIke193AQEBAQE&expiration=1636426478&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 08 Nov 2021 02:54:38 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2793416786145265000V10&type=con&refUrl=&vid=63400784222793416786145265000V10&ovsid=AQEI6F_NgQWChgIke193AQEBAQE&expiration=1636426478&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.html
contextual.media.net/ Frame 62EF
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2793416786145265...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2793416786145265000V10&type=opx&refUrl=&vid=63400784222793416786145265000V10&ovsid=28bb8dd8-9b03-4b6c-9f1a-a475906bd0df
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2793416786145265000V10&type=opx&refUrl=&vid=63400784222793416786145265000V10&ovsid=28bb8dd8-9b03-4b6c-9f1a-a475906bd0df
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 08 Nov 2021 02:54:38 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

date
Mon, 08 Nov 2021 02:54:38 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=2793416786145265000V10&type=opx&refUrl=&vid=63400784222793416786145265000V10&ovsid=28bb8dd8-9b03-4b6c-9f1a-a475906bd0df
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
cksync.php
contextual.media.net/ Frame 62EF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dmma%26refUrl%3D%26vid%3D634007842227934167861452...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2793416786145265000V10&type=mma&refUrl=&vid=63400784222793416786145265000V10&ovsid=8b666188-9165-4600-960d-59187982b791
45 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2793416786145265000V10&type=mma&refUrl=&vid=63400784222793416786145265000V10&ovsid=8b666188-9165-4600-960d-59187982b791
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 08 Nov 2021 02:54:38 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
MT3 4067 88cc6bf master iad-pixel-x12 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2793416786145265000V10&type=mma&refUrl=&vid=63400784222793416786145265000V10&ovsid=8b666188-9165-4600-960d-59187982b791
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 02:54:37 GMT
cksync
cs.media.net/ Frame 62EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjc5MzQxNjc4NjE0NTI2NTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEMmTfY5RnGWd8IYcqJzve5w&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEMmTfY5RnGWd8IYcqJzve5w&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEMmTfY5RnGWd8IYcqJzve5w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 62EF
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Ddxu%26refUrl%3D%26vid%3D63400784222793416786145...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Ddxu%26refUrl%3D%26vid%3D63400784222793416...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2793416786145265000V10&type=dxu&refUrl=&vid=63400784222793416786145265000V10&ovsid=I1gAOuxz1MJUNU5
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2793416786145265000V10&type=dxu&refUrl=&vid=63400784222793416786145265000V10&ovsid=I1gAOuxz1MJUNU5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 08 Nov 2021 02:54:38 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-0f659e4c40a32bbad@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2793416786145265000V10&type=dxu&refUrl=&vid=63400784222793416786145265000V10&ovsid=I1gAOuxz1MJUNU5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 62EF
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=31905072-43fd-413a-8724-ddfbee012d0a
45 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=31905072-43fd-413a-8724-ddfbee012d0a
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 08 Nov 2021 02:54:38 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
Kestrel
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=31905072-43fd-413a-8724-ddfbee012d0a
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1897738
content-length
0
expires
Mon, 08 Nov 2021 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 62EF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=99c6a788-b1f4-4cbd-ac73-0be497015616
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171119826&expires=5&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=&gdpr_pd=
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 08 Nov 2021 02:54:38 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 08 Nov 2021 02:54:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 62EF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dzem%26refUrl%3D%26vid%3D63400784222793416786145265...
  • https://stags.bluekai.com/site/23178?id=mKM72fsJRhk3SaY0DUq5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLNJNGTOMTGONFFE2DLGNJWCWJQIRKXC...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=mKM72fsJRhk3SaY0DUq5&refUrl=&type=zem&vid=63400784222793416786145265000V10&vsid=2793416786145265000V10
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=mKM72fsJRhk3SaY0DUq5&refUrl=&type=zem&vid=63400784222793416786145265000V10&vsid=2793416786145265000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 08 Nov 2021 02:54:38 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=mKM72fsJRhk3SaY0DUq5&refUrl=&type=zem&vid=63400784222793416786145265000V10&vsid=2793416786145265000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 62EF
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2793416786145265000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2793416786145265000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=14bbf732-89ea-4f9c-a1a1-a162fe9a0c31&cs=1
45 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=14bbf732-89ea-4f9c-a1a1-a162fe9a0c31&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 08 Nov 2021 02:54:38 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=14bbf732-89ea-4f9c-a1a1-a162fe9a0c31&cs=1
date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
710489.gif
id.rlcdn.com/ Frame 62EF 		42 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
cksync
cs.media.net/ Frame 62EF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
log
c21lg-d.media.net/ Frame 62EF 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=560621c7-641e-46b1-a2cb-e3b40f124bc6&cs=15&vsid=2793416786145265000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 08 Nov 2021 02:54:38 GMT
usync.js
eus.rubiconproject.com/ Frame 1789 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
43f837576363b4db837a9602c15f95f8a25c28efd10a6c93f44bc171fceecc14

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31183
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9511
Expires
Mon, 08 Nov 2021 11:34:21 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 5963 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81286006&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
14fcc9618ffc8e5844b74749f8331e56f791e5efb434f6bc95e2534c4f79dbd3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
log
c21lg-d.media.net/ Frame 62EF 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=CsWlA-xOJXdKOyF69ngnOM5O1oVF83-o&cs=15&vsid=2793416786145265000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C251%2C175%2C132%2C233%2C178%2C3018%2C2028%2C157%2C3017%2C2027%2C3016%2C236%2C214%2C2026%2C159%2C2025%2C238%2C117%2C97%2C99%2C55%2C77%2C56%2C59%2C3012%2C3010%2C182%2C262%2C141%2C241%2C222%2C3007%2C223%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 08 Nov 2021 02:54:38 GMT
cksync.php
contextual.media.net/ Frame 1789
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=KVQ2MMK6-15-ANX7
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=KVQ2MMK6-15-ANX7
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 08 Nov 2021 02:54:38 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 08 Nov 2021 02:54:38 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=KVQ2MMK6-15-ANX7
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 8489
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC4X07DESMAABMq88SAvw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=pm&bee_sync_hop_count=1&userid=1118083083793387219
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC4X07DESMAABMq88SAvw
42 B
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC4X07DESMAABMq88SAvw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 02:54:38 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug017:0:481
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC4X07DESMAABMq88SAvw
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 94B5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
187 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 02:19:26 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug027:0:342
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Mon, 08 Nov 2021 02:54:37 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Mon, 08 Nov 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1281380
Pug
image2.pubmatic.com/AdServer/ Frame 611F
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_b0f40b6ac50d41d7a4512
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_b0f40b6ac50d41d7a4512
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 02:54:38 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
10:0:411
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_b0f40b6ac50d41d7a4512
content-type
image/gif
content-length
0
date
Mon, 08 Nov 2021 02:54:37 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 10B3
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=36b9db44-403f-11ec-92aa-d6b6d5b7e420
42 B
352 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=36b9db44-403f-11ec-92aa-d6b6d5b7e420
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 02:54:38 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug030:0:415
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
server
Cowboy
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=36b9db44-403f-11ec-92aa-d6b6d5b7e420
X-RealServer-NX
lga-delivery-4
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame 99C3
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:I1gAOuxz1MJUNU5&gdpr=0&gdpr_consent=
42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:I1gAOuxz1MJUNU5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 02:39:40 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug023:0:436
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Mon, 08 Nov 2021 02:54:38 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:I1gAOuxz1MJUNU5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-023ca9a34f93eca61@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 9E23
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ExN5eqXJQahMzRs4rtIrOVdlX8w
42 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ExN5eqXJQahMzRs4rtIrOVdlX8w
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 02:21:41 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug021:0:535
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Mon, 08 Nov 2021 02:54:38 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ExN5eqXJQahMzRs4rtIrOVdlX8w
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 0B59
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005&rndcb=2732528348
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=adconductor
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1791377135581920455&expires=30&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/99c6a788-b1f4-4cbd-ac73-0be497015616?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005
42 B
234 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 02:54:38 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug010:0:389
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Tengine
Date
Mon, 08 Nov 2021 02:54:38 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005
ETag
RXbded5dcaff8f429db41424662c4e43c9005
i.match
s.tribalfusion.com/z/ Frame 97BE
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6aab84939efe1a2c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 08 Nov 2021 02:54:38 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
687
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6aab84930cf71a2c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 5045
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6896264691444520069
42 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6896264691444520069
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 02:54:38 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug002:0:515
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Apache/2.2.15 (CentOS)
Content-Length
154
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6896264691444520069
X-Powered-By
PHP/5.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary
Accept-Encoding
Cache-Control
max-age=44539
Date
Mon, 08 Nov 2021 02:54:38 GMT
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame F519
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=620839977313
42 B
205 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=620839977313
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 02:54:38 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug022:0:382
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Length
0
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=620839977313
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame BAED
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7e789761-8fd9-481f-b3df-852672ae507c-tuct88216ee&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7e789761-8fd9-481f-b3df-852672ae507c-tuct88216ee&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 08 Nov 2021 02:54:38 GMT
via
1.1 varnish
x-served-by
cache-lga21946-LGA
x-cache
MISS
x-cache-hits
0
x-timer
S1636340079.603086,VS0,VE18
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7e789761-8fd9-481f-b3df-852672ae507c-tuct88216ee&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Mon, 08 Nov 2021 02:54:38 GMT
via
1.1 varnish
x-served-by
cache-lga21961-LGA
x-cache
MISS
x-cache-hits
0
x-timer
S1636340079.558842,VS0,VE2
x-vcl-time-ms
2
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 3F3A
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=RouH9UuEC5WrV6Rvb5GIYQ
42 B
394 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=RouH9UuEC5WrV6Rvb5GIYQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 02:54:39 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
10:0:415
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Mon, 08 Nov 2021 02:54:39 GMT
content-type
text/html; charset=utf-8
content-length
153
cache-control
no-store
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=RouH9UuEC5WrV6Rvb5GIYQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pug
simage2.pubmatic.com/AdServer/ Frame D400
Redirect Chain
  • https://core.iprom.net/cookiesync
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:255667754110789
42 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:255667754110789
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 02:21:42 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug021:0:514
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Vary
Accept-Encoding
X-adserver-worker
erebus-d1360046395d@version_1.342v2
Connection
close
X-server-arch
v2
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:255667754110789
Content-Type
text/html; charset=utf-8
Content-Length
287
X-core-time
0ms
Date
Mon, 08 Nov 2021 02:54:38 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2A00
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 02:54:38 GMT
content-type
text/html; charset=utf-8
x-lat
njrpug018:2:346
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Mon, 08 Nov 2021 02:54:38 GMT
server
_
usersync
match.bnmla.com/ Frame 2F43 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.158 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 08 Nov 2021 02:54:38 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 0627
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7EDEAC6C997F4AECA88DCAAAA501CD64
1 B
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7EDEAC6C997F4AECA88DCAAAA501CD64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 02:54:38 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
njrpug005:0:639
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Mon, 08 Nov 2021 02:54:38 GMT
content-type
text/html
content-length
138
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7EDEAC6C997F4AECA88DCAAAA501CD64
expires
Sun, 07 Nov 2021 02:54:38 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cksync.php
contextual.media.net/ Frame 2B05 		45 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2793416786145265000V10&type=pba&refUrl=&vid=63400784222793416786145265000V10&ovsid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
Apache
content-length
45
content-type
image/gif
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
x-mnet-hl2
E
expires
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
mw
mwzeom.zeotap.com/ Frame 5963
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=D9291E4C-8D31-4382-A60D-4AA6D4E8E034
  • https://spl.zeotap.com/?zdid=1332&zcluid=7869aa258f54256a
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=59784cdd-8140-4450-6857-f14e33a82dc6&reqId=070b98ff-8bb8-48bc-46f0-a18a02129442&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEFCucm686ZQ-opPceZ4GLVA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=59784cdd-8140-4450-6857-f14e33a82dc6&reqId=070b98ff-8bb8-48bc-46f0-a18...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEFCucm686ZQ-opPceZ4GLVA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=59784cdd-8140-4450-6857-f14e33a82dc6&reqId=070b98ff-8bb8-48bc-46f0-a18a02129442&zcluid=7869aa258f54256a&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6aab8493eb65e6e4-EWR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEFCucm686ZQ-opPceZ4GLVA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=59784cdd-8140-4450-6857-f14e33a82dc6&reqId=070b98ff-8bb8-48bc-46f0-a18a02129442&zcluid=7869aa258f54256a&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 5963
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&addseg=10,33,39
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&addseg=10,33,39
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Mon, 08 Nov 2021 02:54:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
g.pixel
aa.agkn.com/adscores/ Frame 5963 		43 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.219.152.118 -, , ASN (),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
/
io.narrative.io/ Frame 5963
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:D9291E4C-8D31-4382-A60D-4AA6D4E8E034
  • https://io.narrative.io/?io.narrative.guid.v2=36abaa60-403f-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:D9291E4C-8D31-4382-A60D-4AA6D4E8E034
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=36abaa60-403f-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:D9291E4C-8D31-4382-A60D-4AA6D4E8E034
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Server
3.215.189.212 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=36abaa60-403f-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:D9291E4C-8D31-4382-A60D-4AA6D4E8E034
Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5963
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8b666188-9165-4600-960d-59187982b791&gdpr=0&gdpr_consent=
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8b666188-9165-4600-960d-59187982b791&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug028:0:477
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
MT3 4067 88cc6bf master iad-pixel-x18 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8b666188-9165-4600-960d-59187982b791&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 02:54:37 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 5963
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Qm7nOMpE2uWQlzwkJuMuGC7AJ8ot.zk-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Qm7nOMpE2uWQlzwkJuMuGC7AJ8ot.zk-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Qm7nOMpE2uWQlzwkJuMuGC7AJ8ot.zk-~A&gdpr=0&gdpr_consent=
date
Mon, 08 Nov 2021 02:54:38 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
D9291E4C-8D31-4382-A60D-4AA6D4E8E034
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5963 		43 B
871 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/D9291E4C-8D31-4382-A60D-4AA6D4E8E034?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:7acd:b606:a0b6:34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
image2.pubmatic.com/AdServer/ Frame 5963
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2785380007497343404&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2785380007497343404&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug005:0:437
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
X-Proxy-Origin
87.101.95.204; 87.101.95.204; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
f4bd06fb-e08a-4fcd-907f-a3f329a0154e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2785380007497343404&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 5963 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.14.23 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Pug
simage2.pubmatic.com/AdServer/ Frame 5963
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQEI6F_NgQWChgIke193AQEBAQE&expiration=1636426478&nuid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&...
42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQEI6F_NgQWChgIke193AQEBAQE&expiration=1636426478&nuid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug019:0:580
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQEI6F_NgQWChgIke193AQEBAQE&expiration=1636426478&nuid=D9291E4C-8D31-4382-A60D-4AA6D4E8E034&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5963
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=31405679-403f-11ec-87b2-63f22605595d&gdpr=0&gdpr_consent=
1 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=31405679-403f-11ec-87b2-63f22605595d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug013:0:563
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=31405679-403f-11ec-87b2-63f22605595d&gdpr=0&gdpr_consent=
Date
Mon, 08 Nov 2021 02:54:38 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
36a9d5f6-403f-11ec-bd2d-57ae9da3e037
Pug
image2.pubmatic.com/AdServer/ Frame 5963
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=9aaeb109-b5d7-474c-8e02-69c3cea38ad4-6188916e-5553&gdpr=0&gdpr_consent=
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=9aaeb109-b5d7-474c-8e02-69c3cea38ad4-6188916e-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug002:0:620
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=9aaeb109-b5d7-474c-8e02-69c3cea38ad4-6188916e-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame 5963
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D531_E635F3AC_123D81150&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Server
38.67.14.233 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-319326878; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-319326878; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 08 Nov 2021 02:39:40 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug023:0:484
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 5963
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xyicVMgoklncKMVbwHiJX5QgwVrcKZNYyX3JpBa4
42 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xyicVMgoklncKMVbwHiJX5QgwVrcKZNYyX3JpBa4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug012:0:722
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xyicVMgoklncKMVbwHiJX5QgwVrcKZNYyX3JpBa4
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5963
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=99c6a788-b1f4-4cbd-ac73-0be497015616
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=4da16cb3-3cdb-45ca-9a7c-117b48413422&ssp=pubmatic&bsw_param=99c6a788-b1f4-4cbd-ac73-0be497015616
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=&gdpr_pd=
1 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug029:0:464
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99c6a788-b1f4-4cbd-ac73-0be497015616&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 08 Nov 2021 02:54:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5963
Redirect Chain
  • https://sync.resetdigital.co:10001/csync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000088379961AF
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000088379961AF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug004:0:1024
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 08 Nov 2021 02:54:39 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000088379961AF
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5963
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6809213772414941253
42 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6809213772414941253
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug024:0:494
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6809213772414941253
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 5963
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2785380007497343404
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2785380007497343404
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug012:0:401
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 02:54:38 GMT
X-Proxy-Origin
87.101.95.204; 87.101.95.204; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
ca945b49-d247-49d0-b46a-c85b4cecc310
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2785380007497343404
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9406 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3TzOgy8j4rq4yKgVRuuJ37zZLgtjEKbFXhR9ylinCYLUqk3Vdj2JD59Y65-OGOy1N9blhYnERSWuTGNPT6kjgtI8jFk4fZPSIZt6xfh1Ve2yQXYA&sai=AMfl-YT0N_PQBIvG3vBlNC0AAHU08TRwxmnKEjar6YO3u0nHEt4YJi2a-YAYV-1iHGDAktX1uwLQ08K76M1xN5kWqYYNA9zTyTpfZoUEz9foGAkWdKV4dGys1sf9yPpX&sig=Cg0ArKJSzGBZ5M9XTaYGEAE&cid=CAASEuRoJO2bz99Vwfiq8Wkh21f7-A&id=lidar2&mcvt=1027&p=603,1030,857,1330&mtos=0,1027,1027,1027,1027&tos=0,1027,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3973906509&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636340077098&rpt=423&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 02:54:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
www.weather-us.com/porpoiseant/ 		0
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjE1NzE5MTM4MTY3MTYyMCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDgsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akph9sxpaU4gVwCmTtOAPlBKlo68ed1QxuyzIOjVf7zxQ1VN6LL5euPjB%2Bpdd9M0AhgnSLbyKoQQovqRGr1twgvg5h3Yl5vPqt2GuUHclj%2BE4wVM7p7nQrCvQJU%2Fsf%2FA%2FAq8FgZPKceAh7tAPddeOUc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab849308311784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:39 UTC
army.gif
www.weather-us.com/porpoiseant/ 		0
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weather-us.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjE1NzE5MTM4MTY3MTYyMCIsImRvbWFpbl9pZCI6IjIxNzM2MCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlYXRoZXJfdXNfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjM2MzQwMDY4LCJhZF9wb3NpdGlvbiI6MTEwOCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiIzZDVmZTRmOS01NWVmLTRkZTQtN2QxMS0xMTAwNGNiYWI5NmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjYxNTcxOTEzODE2NzE2MjAiLCJkb21haW5faWQiOiIyMTczNjAiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZWF0aGVyX3VzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYzNjM0MDA2OCwiYWRfcG9zaXRpb24iOjExMDgsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiM2Q1ZmU0ZjktNTVlZi00ZGU0LTdkMTEtMTEwMDRjYmFiOTZmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2MTU3MTkxMzgxNjcxNjIwIiwiZG9tYWluX2lkIjoiMjE3MzYwIiwidW5pdCI6ImRpdi1ncHQtYWQtd2VhdGhlcl91c19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MzYzNDAwNjgsImFkX3Bvc2l0aW9uIjoxMTA4LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6IjNkNWZlNGY5LTU1ZWYtNGRlNC03ZDExLTExMDA0Y2JhYjk2ZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: www.weather-us.com
URL: https://www.weather-us.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1d-5y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cdb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsWqCMrpZpQ2%2BbmcIeuFgbrQ2EGUgHiZnRY10VPJKQNNCkE4zIOQggoGzcoKXH%2BtEGbPe7cZNnbmTpG8YG9XO2UWPAqH%2FgiY1AnzhEbMQOKeH2N83NuuduzT0nu3qMThukuQ%2FPEgLDO9zAp0Hy6AHI8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6aab849389091784-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 07 Nov 2021 02:54:38 UTC
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.weather-us.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 02:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2465637124299127&correlator=2952653544162569&output=ldjh&impl=fifs&eid=31063405%2C31063414%2C44752540%2C31060032&vrg=2021110201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=1254144%3A3711114%2Cweather_us_com-large-leaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x1050%7C300x600&ris=2&rcs=3&prev_scp=a%3D%257C124%257C%26iid1%3D4268227603691682%26eid%3D4268227603691682%26t%3D134%26d%3D217360%26t1%3D134%26pvc%3D0%26ap%3D1123%26sap%3D1123%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26gala%3D2709606%26rid%3D99998%26pt%3D0%26al%3D1035%26compid%3D0%26tap%3Dweather_us_com-large-leaderboard-1-4268227603691682%26eb_br%3Db355e9227b551c119a30a68852723b62%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11307%26asau%3D5789646051%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D2%26ftsn%3D3%26br1%3D90%26br2%3D600%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C168%2C0%2C67%2C0%2C168%2C66%2C20%2C71%2C30%2C192%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C919%2C2030%2C783%2C16%2C13%2C14%2C15%2C10%2C11%2C12%2C13%2C14%2C15%2C17%2C19%2C20%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C916%2C915%2C874%2C835%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26hb_bidder%3Dmedianet%26hb_adid%3D33592c222e0f009%26hb_format%3Dbanner%26hb_ssid%3D11307%26hb_opt%3D0.17%26lb%3D300%26reqt%3D1636340077881&eri=1&cookie=ID%3Db37501380f57a3b0%3AT%3D1636340069%3AS%3DALNI_MbNdTk2MewuuS5KoMXZYJUizCfGfQ&bc=31&abxe=1&lmt=1636340078&dt=1636340078886&dlt=1636340068760&idt=305&frm=20&biw=1600&bih=1200&oid=2&adxs=1030&adys=1822&adks=68465294&ucis=5&ifi=15&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weather-us.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=355x1050&msz=300x250&ga_vid=1495726912.1636340069&ga_sid=1636340070&ga_hid=1252775448&ga_fc=true&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js?31063414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
b1eef22bc3a54781f20e42e336a387b50837b64e6913c6192441d24c93cf563d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.weather-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10660
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weather-us.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 5963 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2793416786145265000V10%26type%3Dpba%26refUrl%3D%26vid%3D63400784222793416786145265000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:54:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id5-sync.com
URL
https://id5-sync.com/c/457/796/1/8.gif?puid=31405679-403f-11ec-87b2-63f22605595d&gdpr=0&gdpr_consent=
Domain
fw.adsafeprotected.com
URL
https://fw.adsafeprotected.com/rjss/bs.serving-sys.com/861472/58118884/Serving/adServer.bs?c=28&cn=display&pli=1077258294&gdpr=&gdpr_consent=&w=970&h=250&ncu=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCP3I7apGIYZW3BbHBjAbb0ZTIB5DR8Ohly5COkO8O79rWqrwBEAEg9PnGJWDJxqmLwKTYD6AB2tHoswHIAQmpAsDnHspZpbY-qAMBqgTxAU_QG7zeRvNaasK-S5XiBemDhXhKagZEBptqCdNhm62POXMKExzkH5NtrDaER5WOz-oDNk09hMMXkr0sGmg57bcR6vUXMQf2dZx1ZTABS-0Whnux1VwmE20cTm2RHZSTSWlYiiI721D18t7ZAJ7tLGzGBg73XRzDmKpZCvwtcfGLS2ewF6i_XVgC6s87p5HAt8D4yDRso3-9NXhPt0cIViFklXQwTMjY7tWgk94uWhFMHXfkdogLDO3eA2HKApPLjfzBTv0fqmej692UXsqD9ZUB7LJnHyeZaAssNf8yWaeuESuvRzD0WatGQI25KBmM8ArABLCSstXWA-AEA5AGAaAGTYAHjq6XzAKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tNzM1NDA0NzIxNTE4NTQwN4AKA5gLAcgLAYAMAbATk6KXDdATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRotd_Q7x-rLK9TJIeqnFPpwA%26sig%3DAOD64_1aUCvKh611_8v-XxKWrRTuD5gpuA%26client%3Dca-pub-6396844742497208%26dbm_c%3DAKAmf-BqTeriv55WctoljCT0w43-o0d_ZwNUIrgiNTwYAjbT1TH8SopuhzSs0K-7lKkfcbuuxd69TIQVWPadJ3S-kQJnzhRpklpmv9riBdO3XmHC6RZZLJQ5S5o1Bltgp67snp-L5f3vChumSePgLrw-kaL81C_4MA%26cry%3D1%26dbm_d%3DAKAmf-Co87VLPVLYLe3RJPOabt5BE6GzIp0yDHHGjduJ8ulYfpyiKdDSSarp4ZjZikAzVcm0E7MudB7XX2ddHDBPChGKDsnSrMycx2NpCrDCufSWa0t8DCUkrKYS0qLxFIpzKT6KUiZkB8w-lcBUuAB3mhOaT0vgH0MDtYut4U81FQmKXiT9d5CrBhhjtAOu35Nkb-EhtZqlJU7izOXhz7QKgb9IIdVMNaiahjHyEjPwktNC1IrLNnyahy-mHJwt1waMLHi63tA8BBfVl81xA-ByuzUxA85k_K7XYiDEmCNb_g5Vstooj7xEDTpuqL9iEYZYCwhMxkacgcr1rujRrLJu8yVp_X1vE5J_3x7G_LH0oDoIRNNRZdG9Cx-FmDU_dcKcFzNu7gySuFD5Ias_efH7qqBB6xWDXpCFq2I5-csYoxr3TxcLemfCFMHfLQKrh443apmWQiEZo8JRRXXYtJbPLwhNk9mJuw%26adurl%3D&e=0&ord=1636340074088981&ifrm=-1&ebaddid=$$[Device_Advertising_ID_MACRO]$$&z=0
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3
Domain
mug.criteo.com
URL
https://mug.criteo.com/sid?cpp=Zt1MHnxmdEdJcWpJT0hUdmtYc21oeVRuOWUwTjZkcUFwUFNXS1VHbExVbDBBQ0liMDM4SG13UkdlQUVncUk2WVZMUVVwc1VFUkpkYk8xUTJBQlF4enBvTU16RVlleEUvNVRISDlsckUxdHdVNEl1bFQvdVc1UWRzbm5sM3R5WmVEU0xsdytuLy9nZ3Z2MHl1RVhrVUF6YWt4cHhucDZGQjhGbktSeThIckcxUEVLdGpMSUplTjBiNGZ0dHBUMmFyZERPOVY4RnZMWGN1RXhtckRCa1pLZXR2ZUlDVzkwdUFBWGVmL1ZpSjFoalMza0xPbFZkY014TEhxeTFxNlpWMlViaXpyU3YzZHVuNU9mM3oycVRHbXhlK2V4Q1pveDlzSFlSU3FDQnBXZjgzdGxpWT18&cppv=2

Verdicts & Comments Add Verdict or Comment

236 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| __ez string| __sellerid string| __ez_nid object| __advertiserRule object| ezasVars boolean| ezhbopt object| __ezaps string| __ezapid string| schain_domain function| getAmazonSlotById function| ezapsFetchBids object| apstag object| __banger_pmp_deals object| _ebcids number| ezobv function| ez_isclean object| ezSlotKVStore function| ezSetSlotTargeting function| ezGetSlotById function| ezSetTargetingFromMap object| ez_queue function| sort_queue function| execute_ez_queue function| ez_write_tag function| in_array object| ezrpos undefined| ez_current_interval number| ez_current_load function| __ez_fad_load boolean| __ez_fad_floatshowd function| __ez_fad_floatshow object| __ez_fad_initslot object| __ez_fad_fastd object| __ez_fad_fastdiv object| __ez_fad_fastslots object| __ez_fad_viewslots object| __ez_fad_instaslots object| ezslit_run object| __ez_fad_divs object| __ez_fad_divsd number| __ez_fad_vw number| __ez_fad_vh number| __ez_fad_count function| __ez_fad_invisible function| __ez_fad_position function| __ez_fad_fast function| __ez_fad_csnt boolean| __ez_fad_haspo function| __ez_fad_rdy function| __ez_fad_docht function| __ez_fad_vpht number| __ez_fad_doc_ht number| __ez_fad_vp_ht boolean| __ez_fad_hascp object| ez_ad_units object| ezslots object| ezsrqt object| __ez_fad_divpos object| ezorbf boolean| isEZABL number| ezmadspc boolean| ezoViewCheck boolean| ezDisableInitialLoad object| googletag object| ezoibfh object| ezaxmns object| ezaucmns object| __ez_fad_floating boolean| __ez_fad_gptd boolean| __ez_fad_ezpbinitd function| __ez_fad_gpt function| __ez_fad_pb function| ezogetbrkey boolean| ezoll string| ezoadxnc string| ezoadhb boolean| ezoicTestActive object| _ezaq object| _ezim_d object| _ezat string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable function| create_ezolpl function| attach_ezolpl string| _audins_dom number| _audins_did number| _ez_fad_vw string| ezoScriptHost object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL object| ezomash function| ezbanger function| ezvt function| ezvb function| ezsr function| ezosethbbid function| ezosethbbids function| ezoSyncToDfp function| ezoGetDFPSlot function| ezGetSlotViewedTime function| formatBid function| adjustHbValues function| ezorefgsl function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString function| __ezDotData object| ezux function| _ez_TOS_TrackEvent function| ezocfol number| netStartTime function| hashCode function| ezogetrqbykey function| ezorqs function| ezorqe function| _fEzDt object| _ezImgFmt object| metricNameMap function| ezlogVital object| _qevents object| _ezfd object| riveted number| ez_tos_track_count number| ez_last_activity_count function| ES6Promise function| EzoIvent function| _findOverlappingQuietPeriods function| _findNetworkQuietPeriods function| ezoFetchConst function| loadCSS object| ezLazySizesConfig object| ezLazySizes object| webVitals object| mdb number| uidEvent function| ScrollStatus function| Cookies function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyLoad object| myLazyLoad object| geolocation_feedback function| getLocation function| gotoPosition function| showError function| gtag object| dataLayer boolean| __inScopeForCCPA function| __uspapi function| __receiveUspapiMessage function| __ez_fad_ezpbinit object| epbjs boolean| __enableAnalytics object| __s2sbidders object| __allBidders function| __ez_tkn_evnt function| __ez_fad_scroll number| __ez_fad_scrollint function| __ez_fad_chkpos object| ezRBA function| __ez_addAllListeners number| indexKey undefined| __ez_dims object| ggeac object| google_js_reporting_queue object| google_tag_manager object| __cfBeacon number| ezodomstart number| ezoIint function| uglipop boolean| apstagLOADED object| google_tag_data string| GoogleAnalyticsObject function| ga function| epbjsRequestAdUnits function| epbjsRefreshSlot object| ezoptbid object| ct object| ezmt object| ezua object| ezuxgoals object| ezdent object| ezDenty function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| google_reactive_ads_global_state object| ezslot_interstitial boolean| success object| ID5 object| perf_vals object| ezslot_0 object| ezslot_2 number| i3 object| googleToken object| googleIMState function| processGoogleToken object| head object| style number| google_unique_id object| GoogleGcLKhOms boolean| ezowwinit object| google_image_requests object| ampInaboxIframes object| ampInaboxPendingMessages number| ezouspvv string| slotElName object| parts object| slots string| slot string| slot_key

144 Cookies

Domain/Path Name / Value
.weather-us.com/ Name: ezoadgid_217360
Value: -1
.weather-us.com/ Name: ezoref_217360
Value:
.weather-us.com/ Name: ezosuigeneris-0
Value: 05ada125c1959e87f1b776c96da0ffc1
.weather-us.com/ Name: ezoab_217360
Value: mod1-c
.weather-us.com/ Name: active_template::217360
Value: pub_site.1636340068
.weather-us.com/ Name: ezopvc_217360
Value: 1
.weather-us.com/ Name: ezepvv
Value: 1265
.weather-us.com/ Name: ezovid_217360
Value: 315614937
.weather-us.com/ Name: lp_217360
Value: https://www.weather-us.com/
.weather-us.com/ Name: ezovuuidtime_217360
Value: 1636340068
.weather-us.com/ Name: ezovuuid_217360
Value: c69d948c-1fa5-4b32-5ab3-ebd8ca2fc4f0
.weather-us.com/ Name: ezCMPCCS
Value: true
www.weather-us.com/ Name: ezouspvv
Value: 0
.weather-us.com/ Name: weather_cookie
Value: 2372139|250|36|en
www.weather-us.com/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
www.weather-us.com/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
.weather-us.com/ Name: _ga
Value: GA1.2.1495726912.1636340069
.weather-us.com/ Name: _gid
Value: GA1.2.536134134.1636340069
.weather-us.com/ Name: _gat_gtag_UA_87677018_1
Value: 1
.quantserve.com/ Name: mc
Value: 61889165-1a71a-3e9e6-0748d
.weather-us.com/ Name: __qca
Value: P0-13203061-1636340069083
www.weather-us.com/ Name: ezux_lpl_217360
Value: 1636340069118|3d5fe4f9-55ef-4de4-7d11-11004cbab96f|false
.amazon-adsystem.com/ Name: ad-id
Value: A3F7hosNZ0TCgWaLt3NmQ6Y
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: uuid2
Value: 2785380007497343404
.sharethrough.com/ Name: stx_user_id
Value: 3acc04dc-6acc-40a8-b9a4-8e176d1d0775
.lijit.com/ Name: ljt_reader
Value: 9e86f09c58a336b2de16f41b
.3lift.com/ Name: tluid
Value: 13858035297628960634
.gumgum.com/ Name: vst
Value: u_4f43a9e4-d451-482f-b069-3220fe9f0b02
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjKxVLIyNDM2NzWxNDOz1FEyM0PlGxmj8i3Q1BsaIfNrAab4EKk%3D
.yieldmo.com/ Name: yieldmo_id
Value: g10c2658912f7d41b8e9%7C1636340069397%7C0%7C
.casalemedia.com/ Name: CMID
Value: YYiRZdANBuf1s7HSHga2JgAA
.casalemedia.com/ Name: CMPS
Value: 3880
.bidswitch.net/ Name: tuuid
Value: 99c6a788-b1f4-4cbd-ac73-0be497015616
.bidswitch.net/ Name: c
Value: 1636340069
.bidswitch.net/ Name: tuuid_lu
Value: 1636340069
.casalemedia.com/ Name: CMPRO
Value: 149
.casalemedia.com/ Name: CMST
Value: YYiRZWGIkWUA
.outbrain.com/ Name: obuid
Value: af4dc590-b817-4848-9c18-e438da5effc2
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D9291E4C-8D31-4382-A60D-4AA6D4E8E034
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156011:2
.pubmatic.com/ Name: DPSync3
Value: 1637539200%3A201_197%7C1636934400%3A164%7C1636416000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1637539200%3A22_220_21_13_54%7C1636934400%3A2
.acuityplatform.com/ Name: auid
Value: 620839977313
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjf6jXVzZXJNYXRjaGluZ0lkJLaRbGFzdERyb3BUaW1lTWlsbGlzJQE+Py5/I7SYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBPj8ufyO0j3RoaXJkUGFydHlVc2VySWRXOWU4NmYwOWM1OGEzMzZiMmRlMTZmNDFi+/uGdmVyc2lvbsL7
.openx.net/ Name: i
Value: 333bdb1e-9984-4e7b-a683-12f346a371fe|1636340069
.zemanta.com/ Name: zuid
Value: mKM72fsJRhk3SaY0DUq5
.contextweb.com/ Name: V
Value: 5mWlCotForN0
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1acl|7TZ.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 1f0805ebdacbdca8
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YYiRZQAAApSoXQAz
.mathtag.com/ Name: uuid
Value: 8b666188-9165-4600-960d-59187982b791
.emxdgt.com/ Name: uid
Value: 66581636340069510964b9
.ipredictive.com/ Name: cu
Value: 31405679-403f-11ec-87b2-63f22605595d|1636340069506
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1313797a-a5c9-41a8-4ccd-1b38aed22b39.ayzLF2omj7LPQdsL7oxmdBhEWurxpTCw17FfL3KJYzk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-1313797a-a5c9-41a8-4ccd-1b38aed22b39%24ip%2487.101.95.204.ZbtkrPp%2B4blWseNlaAXX%2BFmKtpDaYPhartgxNDEuoXw
.adsrvr.org/ Name: TDID
Value: 8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
.simpli.fi/ Name: suid
Value: 7EDEAC6C997F4AECA88DCAAAA501CD64
.emxdgt.com/ Name: apn_id
Value: 2785380007497343404
.33across.com/ Name: 33x_ps
Value: u%3D1690046945666%3As1%3D1636340069536%3Ats%3D1636340069536
.technoratimedia.com/ Name: tads_uid
Value: 851E40D473E44DD399FF4BFBE8E09D55
.technoratimedia.com/ Name: tads_uid_cd
Value: 20211107215429-0500
.technoratimedia.com/ Name: tads_zora
Value: 2
.deepintent.com/ Name: CDIUSER
Value: di_b0f40b6ac50d41d7a4512
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjS3NDQ2Nzc0NjW1MLQ0MjAxNRXiM9QNTnc3t_AvKnA0S86Q4jU0MzYzNjEwMLM0NTcGAHmIrOA0AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjS3NDQ2Nzc0NjW1MLQ0MjAxNRXiM9QNTnc3t_AvKnA0S84AAEmj2FQlAAAA
.ads.yieldmo.com/ Name: ptran
Value: 2785380007497343404
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmxmbGJgYGZpammwSgyZb24MAOYJCtggAAAA
.id5-sync.com/ Name: id5
Value: 73259669-0e27-3957-b506-14493670de8a#1636340017970#2
.id5-sync.com/ Name: callback
Value:
.lijit.com/ Name: _ljtrtb_12
Value: 2785380007497343404
.lijit.com/ Name: _ljtrtb_66
Value: 620839977313
.lijit.com/ Name: _ljtrtb_49
Value: oxxSsH4fKVcB
.ads.yieldmo.com/ Name: ptrstk
Value: ExN5eqXJQahMzRs4rtIrOVdlX8w
.360yield.com/ Name: tuuid
Value: ed2029f1-53ff-4c45-9263-0bac84caeb2e
.360yield.com/ Name: tuuid_lu
Value: 1636340069
.ads.yieldmo.com/ Name: ptrpp
Value: 5mWlCotForN0
.tynt.com/ Name: uid
Value: gKyCTWGIkWUGjxGfHOHbKw==
.ads.yieldmo.com/ Name: ptrt
Value: 8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1636340069647%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1636340069647%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1636340069647%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1636340069647%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1636340069647%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1636340069647%7D%5D
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005%22%7D
.adform.net/ Name: C
Value: 1
.owneriq.net/ Name: si
Value: Q6896264691444520069
.owneriq.net/ Name: p2
Value: cc
.adform.net/ Name: uid
Value: 6809213772414941253
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YYiRZQAAApSoXQAz&KRTB&22978-YYiRZQAAApSoXQAz&KRTB&23194-YYiRZQAAApSoXQAz&KRTB&23209-YYiRZQAAApSoXQAz
.pubmatic.com/ Name: PugT
Value: 1636340069
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&KRTB&22918-8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&KRTB&23031-8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27
.rlcdn.com/ Name: rlas3
Value: heaSyRk9W96igLYJpabfLw3VC8FqZD4HwCdzighQTME=
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-bded5dca-ff8f-429d-b414-24662c4e43c9-005%22%7D
.creativecdn.com/ Name: u
Value: UZ1J5wYKCKHKQGHSpdLF
.creativecdn.com/ Name: ts
Value: 1636340069
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:7EDEAC6C997F4AECA88DCAAAA501CD64
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEIEELg-BHHljPna6z0GMn0A&KRTB&22987-CAESEIEELg-BHHljPna6z0GMn0A&KRTB&23025-CAESEIEELg-BHHljPna6z0GMn0A
.rlcdn.com/ Name: pxrc
Value: COWioowGEgUI6AcQABIFCOhHEAA=
.dotomi.com/ Name: DotomiTest
Value: 3a8c7e4fe951120a
.yahoo.com/ Name: A3
Value: d=AQABBGWRiGECEGtgdImTuzFwTQpmobgEOfoFEgEBAQHiiWGSYQAAAAAA_eMAAA&S=AQAAAuDtBMkRo4loqyx-PS-gj-w
.tapad.com/ Name: TapAd_TS
Value: 1636340069794
.tapad.com/ Name: TapAd_DID
Value: 12785609-8d33-4da7-a7a9-3660d41c8a0f
.analytics.yahoo.com/ Name: IDSYNC
Value: 190u~21eq
.outbrain.com/ Name: bdswch
Value: 99c6a788-b1f4-4cbd-ac73-0be497015616
.rubiconproject.com/ Name: khaos
Value: KVQ2MMK6-15-ANX7
.pippio.com/ Name: did
Value: azOp93sJm1cGQFml
.pippio.com/ Name: didts
Value: 1636340069
.pippio.com/ Name: nnls
Value:
.casalemedia.com/ Name: CMRUM3
Value: 1f6188916505a0&276188916527608f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27&396188916527601791377135581920455&f16188916505a0&c3618891652760av-acc16193-471c-4596-9da9-73c8bf8722e7&2d618891652760CAESENs0ok4d71ambkVACUK0Uzo&e6618891652760&416188916505a0AAAGaE9i-ZOb1QMnPkeaAAAAAAA
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7490
pool.admedo.com/ Name: tuuid
Value: 34fb4add-557d-4046-a194-9ac38e1ad026
pool.admedo.com/ Name: c
Value: 1636340069
pool.admedo.com/ Name: tuuid_lu
Value: 1636340069
.turn.com/ Name: uid
Value: 2737178857735877580
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2737178857735877580
.pippio.com/ Name: pxrc
Value: COWioowGEgQIAhAAEgYI3awrEAA=
.ads.yieldmo.com/ Name: ptrbsw
Value: 99c6a788-b1f4-4cbd-ac73-0be497015616
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsInO3t36ObkToQBRIXCghwdWJtYXRpYxILCOKu6OCjm5E6EAUSFAoFdGFwYWQSCwjoq57lo5uROhAFGAEgASgCMgsInvnjkbqbkToQBTgBWgc4aDl1MTFoYAI.
.mathtag.com/ Name: mt_mop
Value: 9:1636340070
.socdm.com/ Name: SOC
Value: YYiRZcCo8YwAAC3mQWEAAAAA
.rubiconproject.com/ Name: audit
Value: 1|Qv1z1IIKp+gqpBgdr0G/T5PEAzhAohPPjDMaplnv6QW2eQz4CLCq6/wCqBlBqahGTgZQJs6HVS/qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.krxd.net/ Name: _kuid_
Value: Od_yYgG9
.doubleclick.net/ Name: IDE
Value: AHWqTUndGMiUzlQj5XpFG0ZOawgmhcBgAiJuUeKrTW2BeQsQg_TITys_z9YxEYzfoF0
.weather-us.com/ Name: __gads
Value: ID=b37501380f57a3b0:T=1636340069:S=ALNI_MbNdTk2MewuuS5KoMXZYJUizCfGfQ
.mediarithmics.com/ Name: mics_vid
Value: 22319410907
.mediarithmics.com/ Name: mics_uaid
Value: web:1:ac395926-853b-46de-9dde-869e69575cf2
.mediarithmics.com/ Name: mics_lts
Value: 1636340070484
www.weather-us.com/ Name: ezouspva
Value: 1
.360yield.com/ Name: um
Value: !313,nwBc8fKUu0NVvKgMYibeFNXKkBCbG1YR-73vWr1Q5RmpTYuMY50N5elcs0fSS7EV6qoW42oYB9j-xfXU,1644116070
.360yield.com/ Name: umeh
Value: !313,0,1698548070,-1
.bidswitch.net/ Name: google_push
Value: AYg5qPL3BaaryC-cuphq98lq2OVil7FrXWCUmK8PpcPW-NoO9aHVdzHIju3WZn1jeVGDFlwD-CImPOSuEZdpIRHDB65nFEUjB7g
.blismedia.com/ Name: b
Value: 61889166AF5CAE5DE3A3F34BBLIS
.adkernel.com/ Name: ADKUID
Value: A8908708685674982044
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A8908708685674982044
.bidr.io/ Name: bito
Value: AAC4X07DESMAABMq88SAvw
.bidr.io/ Name: bitoIsSecure
Value: ok
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: 3pi
Value: 2#1636340018299#-1791383510#2785380007497343404|18#1636340019171#-602565118|3#1636340018421#809171347#8b666188-9165-4600-960d-59187982b791|916#1636340019270#1938865769|264#1636340018521#66514687#8f0b9e4c-fd87-43ac-a5e8-c9b5ac9a2a27|155#1636340019429#1452458988#AAC4X07DESMAABMq88SAvw|796#1636340019530#1914433538
.doubleclick.net/ Name: DSID
Value: NO_DATA
.pubmatic.com/ Name: SPugT
Value: 1636340071

15 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://id5-sync.com/c/457/796/1/8.gif?puid=31405679-403f-11ec-87b2-63f22605595d&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript warning URL: https://www.weather-us.com/
Message:
The resource https://go.ezodn.com/hb/dall.js?b=amx,criteo,gumgum,ix,medianet,onetag,pulsepoint,triplelift,unruly&cb=195-2-30 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other warning URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYiRZdANBuf1s7HSHga2JgAAAJUAAAAB&google_push=AYg5qPJbye0mLKZd9cA5A8CdIX0FWxoyeJ58F4N0TmncCP4DOU9uSsZvDLOKk5yqizdFvFDnfSxEfUeJrkPs797unVoii3rUi17c&google_cver=1&google_gid=CAESELVhPGZF-uBKE5Ck1zTFPi0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLJaSitkhKfDdptjgDfvbchB4onDEW2qlep7_XUEVeC2laNMJ2PrZT2TSwXibchpEWwb90QYG86NVffyDfy8_PCSx9TeiY&google_hm=6c880aeaed90cadedd7e05b35fff59f3
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript error URL: https://gum.criteo.com/syncframe?topUrl=www.weather-us.com#{%22optout%22:{%22value%22:false,%22origin%22:0},%22uid%22:{%22origin%22:0},%22sid%22:{%22origin%22:0},%22origin%22:%22publishertag%22,%22version%22:105,%22lwid%22:{%22origin%22:0},%22tld%22:%22weather-us.com%22,%22bundle%22:{%22value%22:%2220-LgF9iVHVodHVBV2lvRFFXYnhGWnpMRzhMTHNvRWd5M2E2c1ZwNXF5NThsVVRsUGNEb09mRmV0TU1XV1doRnh4Z2xFM0RWcEV5djNJdkFHQjBrT2hTViUyRnJGQzdmajAzSmhRcEdpVThEWCUyQjhtRUFsUGdTekN2NXg4UVN3ZTJoQmlub2w%22,%22origin%22:3},%22topUrl%22:%22www.weather-us.com%22,%22cw%22:true,%22ifa%22:{%22origin%22:0},%22lsw%22:true}
Message:
Access to fetch at 'https://mug.criteo.com/sid?cpp=Zt1MHnxmdEdJcWpJT0hUdmtYc21oeVRuOWUwTjZkcUFwUFNXS1VHbExVbDBBQ0liMDM4SG13UkdlQUVncUk2WVZMUVVwc1VFUkpkYk8xUTJBQlF4enBvTU16RVlleEUvNVRISDlsckUxdHdVNEl1bFQvdVc1UWRzbm5sM3R5WmVEU0xsdytuLy9nZ3Z2MHl1RVhrVUF6YWt4cHhucDZGQjhGbktSeThIckcxUEVLdGpMSUplTjBiNGZ0dHBUMmFyZERPOVY4RnZMWGN1RXhtckRCa1pLZXR2ZUlDVzkwdUFBWGVmL1ZpSjFoalMza0xPbFZkY014TEhxeTFxNlpWMlViaXpyU3YzZHVuNU9mM3oycVRHbXhlK2V4Q1pveDlzSFlSU3FDQnBXZjgzdGxpWT18&cppv=2' (redirected from 'https://gum.criteo.com/sid/json?origin=publishertag&domain=weather-us.com&sn=ChromeSyncframe&so=3&topUrl=www.weather-us.com&bundle=20-LgF9iVHVodHVBV2lvRFFXYnhGWnpMRzhMTHNvRWd5M2E2c1ZwNXF5NThsVVRsUGNEb09mRmV0TU1XV1doRnh4Z2xFM0RWcEV5djNJdkFHQjBrT2hTViUyRnJGQzdmajAzSmhRcEdpVThEWCUyQjhtRUFsUGdTekN2NXg4UVN3ZTJoQmlub2w&cw=1&lsw=1') from origin 'https://gum.criteo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://mug.criteo.com/sid?cpp=Zt1MHnxmdEdJcWpJT0hUdmtYc21oeVRuOWUwTjZkcUFwUFNXS1VHbExVbDBBQ0liMDM4SG13UkdlQUVncUk2WVZMUVVwc1VFUkpkYk8xUTJBQlF4enBvTU16RVlleEUvNVRISDlsckUxdHdVNEl1bFQvdVc1UWRzbm5sM3R5WmVEU0xsdytuLy9nZ3Z2MHl1RVhrVUF6YWt4cHhucDZGQjhGbktSeThIckcxUEVLdGpMSUplTjBiNGZ0dHBUMmFyZERPOVY4RnZMWGN1RXhtckRCa1pLZXR2ZUlDVzkwdUFBWGVmL1ZpSjFoalMza0xPbFZkY014TEhxeTFxNlpWMlViaXpyU3YzZHVuNU9mM3oycVRHbXhlK2V4Q1pveDlzSFlSU3FDQnBXZjgzdGxpWT18&cppv=2
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2578640da93bfd71ea64d023b0095fde.safeframe.googlesyndication.com
33across-match.dotomi.com
a.rfihub.com
a.sportradarserving.com
a.tribalfusion.com
aa.agkn.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
ads.yahoo.com
ads.yieldmo.com
adservice.google.com
ap.lijit.com
atemda.com
aud.pubmatic.com
b1sync.zemanta.com
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bid.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c21lg-d.media.net
casale-match.dotomi.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms-xch-chicago.33across.com
cms-xch.33across.com
contextual.media.net
core.iprom.net
creativecdn.com
cs.chocolateplatform.com
cs.emxdgt.com
cs.media.net
csm.va.us.criteo.net
csync.loopme.me
de.tynt.com
demand.trafficroots.com
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
g2.gumgum.com
go.ezodn.com
go.ezoic.net
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbx.media.net
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
io.narrative.io
js-sec.indexww.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.sync.ad.cpe.dotomi.com
match.taboola.com
medianet-match.dotomi.com
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partners.tremorhub.com
pb-server.ezoic.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.bidswitch.net
red.erne.co
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.adriver.ru
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.resetdigital.co
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
visitor.fiftyt.com
weather-us.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.weather-us.com
x.bidswitch.net
cm.g.doubleclick.net
fw.adsafeprotected.com
id5-sync.com
mug.criteo.com
104.18.100.194
104.36.115.109
104.36.115.113
104.65.247.96
107.178.246.49
107.178.254.65
107.20.192.231
108.168.159.145
124.146.215.44
129.159.70.95
142.251.32.98
142.251.40.226
147.75.38.124
149.56.26.32
15.197.193.217
151.101.130.49
151.101.65.44
162.254.186.187
162.55.6.211
172.105.232.22
172.98.26.125
173.231.178.81
174.137.133.49
18.204.86.180
18.208.71.32
18.210.218.247
184.29.132.212
184.29.133.6
184.29.133.72
184.50.205.90
185.167.164.39
185.184.8.65
192.35.249.120
195.5.165.20
198.148.27.134
198.148.27.139
199.127.204.142
199.187.193.181
199.187.193.193
199.38.167.129
2001:4998:14:800::1001
207.198.113.176
23.192.31.127
23.208.216.24
23.23.88.115
23.50.66.244
23.50.75.217
23.92.190.74
2600:1f18:444a:4680:5b76:7408:bdd4:1592
2600:1f18:4e9:5a07:7acd:b606:a0b6:34
2600:1f18:612b:4200:9a2f:8341:7f9b:9de
2600:9000:2105:bc00:6:44e3:f8c0:93a1
2600:9000:2105:e000:2:cb38:840:93a1
2606:4700:10::6816:1857
2606:4700:20::681a:bd1
2606:4700:3031::6815:29fd
2606:4700:3031::6815:496e
2606:4700:3033::ac43:cdb1
2606:4700::6810:135e
2606:4700::6810:5814
2606:4700::6810:5f41
2606:4700::6812:d05
2606:ae80:1450:15::1720
2606:ae80:1450:16::2100
2607:f8b0:4006:807::200a
2607:f8b0:4006:80a::2003
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80b::2006
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:81e::2002
2607:f8b0:4023:1404::9a
2620:100:a001::4
2620:100:a001::c
2620:109:c002::6cae:a0e
2620:112:f002:bbbb::21
2620:116:800b:21:559e:e8a8:8a19:7f11
2620:1ec:c11::200
2a04:4e42:600::300
3.128.164.252
3.215.189.212
3.218.90.66
3.95.114.14
34.107.148.139
34.117.239.71
34.194.25.101
34.200.88.28
34.204.64.181
34.206.96.27
34.225.172.55
34.96.105.8
34.98.107.212
34.98.64.218
35.169.48.117
35.190.113.31
35.190.60.146
35.190.90.30
35.201.96.126
35.207.24.140
35.210.53.219
35.211.118.13
35.211.178.172
35.211.233.246
35.212.101.174
38.27.122.158
38.67.14.233
38.91.45.7
44.193.191.16
44.195.153.149
45.35.192.162
46.105.202.126
50.16.141.46
51.222.39.186
51.79.83.225
51.89.21.10
52.223.22.214
52.4.244.165
52.46.130.91
54.175.176.13
54.210.14.23
54.211.161.228
54.219.152.118
54.84.15.237
54.84.77.52
54.89.57.117
63.251.86.50
64.202.112.159
65.8.197.2
67.202.105.23
67.202.105.33
68.67.179.77
69.173.151.100
69.90.254.78
70.42.32.95
74.119.119.129
74.119.119.139
74.119.119.149
74.119.119.150
74.121.140.14
8.2.111.121
8.28.7.109
8.28.7.83
8.28.7.84
81.222.128.215
99.84.114.16
012200130163b83a065decd7fadce5f66f53aa01a6d479a2045cbf5f56a26346
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69
024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40
04d9df077ab87f4460cfabfe4c4d0525db46c0c2197ec1f6e56b89ee69eec363
052579673d96ad574716854898fb6bba575e1ec5bde41eac28028408ca7e004c
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
06e3755ccc6fdaf6fa2e39feb08259ddca154d93ef919ff13d958e5a9d8a13c2
079749576b7b570a05b859cd859d5a92952f7cb3f68de4f3bbfe7d2b3431ba1c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1045f8de706d9c4fd02715691730a3474207212364771ea15f366c3f81f78aad
1157e5ceb886381a8cecf1650cdba519e9abd370450e55c626b277f036417ae6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14fcc9618ffc8e5844b74749f8331e56f791e5efb434f6bc95e2534c4f79dbd3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1b7891bfcf7345d3de0a160ce88395fb9fc01b9c82c6a6a0dea24fe5db9252db
1c733809a15b6fd666d9c4e02e6fbf1382e73b5fbbba07d4cf8c5f33046c035a
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
204b6a9d47419ba8dddf9d28d188a229d885d703e614e90004c467197a9ff303
2078feb70f1dd631eee10ecb19d825b665383b545023b5b73acd5e2b194e2841
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
236cf608ad71b4b998b98ae7567fc81aab74f9b86caeb2cbfee77db3eccb1b8a
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
29902e58b5c35a9d7359ffd55f1e0d2e961e95466754433cdf8981e7263e65c5
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2f5dbd7e3b226bde177d13cc5bf1a693a46794805a1f2ae18acd12b9c7de2717
314b423bd9d48f1a5e51079dcc83ee6eecad1a276f1ce928fb3454debc9192b8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ab7601ba2118cea8b5a30787fdbf130fd26d619705f699ba838f9072c70469
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3bf52dd37091b459cb892524dafa14e39594406aea17d5f157d85ac70e944586
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43f837576363b4db837a9602c15f95f8a25c28efd10a6c93f44bc171fceecc14
4774d67af96daaca25b73f3072ac0c9168145eac4baea5ede56f0b4bc4b5165a
480152f805d808c5ad00c023745fda46556c88b93b4eb3d22e2faa23835abe82
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
4cbef60c84c3a9eb0a7c19ff1dd410c37dcbac51c28c1f65550af4646ded4b98
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0fefab783abd19bc1b6c4f9dedd620764d243d141165603c77bb5152c231c0
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f5090e21e77e760e0fdf4caa005a55c7fc7f152a1b87add1afd8bffb25618d2
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249
51cf452076b681728e1993ae184c7ae424201372265eae0404287054bc99ed78
53d91fb2b51a3daa0645f78f71b29e695f42b0ac6db0d29f7fc7e5e38c3ffb7a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560736f6b71577b7ce3fc8f7b3b6662a7c8c7ecaa5177950d278cc29cfb072e3
56a56a0f43adef1acd89668bc23f7dce756898642139fcf99c7d23ad9846d4e4
597596bafb71f426b48dcb8395494adfb25454ba5dff21655ec52c16b25c4499
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
638b6624ab5df37876824e872e08f7555ffa44373b85dc9b71b5044763e470a9
6622c23da94231c74eead1e272ccf546fb07f702dede288e9c01684c691d9e52
67b9627ade2a742e1a99b928ee21ee6977e4db00f55482cafc6929b76741ccbf
6866ab0fbc2d9aa53cd8c9233d3cc6ba2729d94cab57258f689927075961901a
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cc4dc0e965cf32146b0ec116e3f816b02201238c5b77fb569175a4f4e2b2712
6de355c79c0d5e8d4c373e4b79a36d59aacca27ecc8c5cbd2e3191ab2871c440
6e88c120a7ece25d960dc24e0e770120611ee5f854effb0cdf344ee7f7f69ea1
71855e2d9e249b85247d1a45e3e138cd0c06a0d2ddfd53a7380a180bfda43a37
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
77dca85fdd22dce0e64348859651b12b8b2317250d821bc756c7aee04600b7a7
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7aaf963aeec4eae8b6c7555128ec7610a0a8b219c6926a8bb98ca06630178e51
7aeb78b465c12b559de6332855e66d480a8e8d8120d3705a67ccbc63971316e2
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7dc036d1cf00bbe9057ee39d715c0fcb8b023d28731b853b6559e15657a0de09
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
805399367df09e2b8ff7cd92cf2e32395e9b146199a5dcd38d9ac94e1d8092fa
817f06c96a24322d481d939bcfe42bda0b5d6e6d60fed74e3cd327325bc0d9dc
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
86cd4675fc079eef51155e2ea020a2b8535e2601fb851eedba6ed42675dfd868
8adebcb7022c7e1373b496a7ecf9ca5933dea51519fae02d2165583d86e449a0
8bd132e22ac3a0c3cdf4929fce5802ba69c6078dad69b05d4f6df3fa257a9ac0
93c82ccc39b7e17f1dc209bb315850ce50de6d22967ad754c13405030530bf5b
945a9ab4018c188e6bb853ae7361bc62ab1a0074146f910616e2402d67805099
9822f2322eb498794f2b2908c6d3928116eed36e50b80d6e22ec32e1b49881cb
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4fd18a833f9f946c365cda52ab99611ac7fa1e24250bda7e67fa1c62cf2959
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b1eef22bc3a54781f20e42e336a387b50837b64e6913c6192441d24c93cf563d
b41c7d662f71f0fa5e93052c53e8fdc01c1e4c40114e5b9d8ee74026f2364a48
b659a71ed1f046d0c48213346001294485687300e61b5f91f1b733e75da15105
b67229a898b0464fde474b8a6966da4dfe548cbe445df2120080333eeb40d37f
b6e53c942b19db58c2d7f74fd56324abaaa5624df6aa559aaab50c56d13c69f1
ba05479353595e7b5b95df4218a9483cae816fddb5cd943c8d361f49f52bab71
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbbc44e5ebb0694e2faa4b84737dc33d6b8fa9d0eaa8b5f63ac3537130cb07bf
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
bf3a8b9e64e11117664d4ba2ff6a3a110d3b2c1dd8811deb69562c38b13bd86e
c003b66f6e6bfc85740a44018d95208ebec057503d4371d889ce9346a05754cc
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2f143a4a7a89a9f986fbc1ca5dbf2696e46dd29a1fadf3116c90486c36b3019
c4d6e6fb7df77ee7bb952b880eed6b1ab9a2593c8525d3a1342c0fd9661653a5
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbeffefe20cffd7e735b9304062d4d689a4e07db8b77a7746c50d36ae83dc2d8
cc3662d59dc02e7a992f8da286146a1b0825d81ca1a9ebaf041a0f080606b0e5
cdecb6992f7d6fcde7f2228297762720a12293340a0fa6827e79aae6013925cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d62a1005ebb91853d8fd2a38512e000f2b6139c97eb1d0e08fdbe3748253b115
d6b0333fc7c632062ed5b5d228f6af483ac7ac1b06a7703908ab434c5606e766
d900c4b1d6455457067835a006261bc7117ca24493d7b7153c3bc31a0cc0820a
dcd43629b63b1680087c336a5e356e5e02e84979836e5aa4a9ee2cec644bfd82
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd4320cdfa0077bbe8f1a4e0e77a65c6253cfae2fc282ce7a6ab8e78a330b143
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5c16bf284d1c80ded4f99ea13441acd6683a54c9fff580a6d74e09831dd397
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e64c870fac1b5b672d9d802aa7239b9f341b777225f44cd836c32a63f1c01ce4
eabc94fc6e6135f976a9a48c6925071e95206ae866fce161824218894aafbe94
eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977
ed14f4bf32c654e56e2691089b4bd954be71dba372c41a77bf2ec76c8afbf8de
ed68221ed719c295927c8acca2cfea320ed0f003e5d9dcfc1947360525eb1177
ee11333ba68c52a046b0f4c557ec466c4766a10f2e8f0267d70aa53009680229
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d8e91173532eeac7817dba09f77b718c0ef7ebcbeef3cad9e3071b379f283b
f87f7d71f86d1a3c0f6a58bac7c587402de05e381198e0c3bdbda5ff1c41b374
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
f8f9a55a217714df5081bfd701f447d6f626f42d618e8232f1d65d06146b57cb
fc4f44122a173725d8ba66d29452c62cca073865e4c1510021214bd0d51fc152
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fda287f35d99f6b7b265d15c8bcb838baf24bc72d559ceb070784e1ea0ac3de5