930kmpt.com Open in urlscan Pro
192.229.233.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://930kmpt.com/
Effective URL:
https://930kmpt.com/
Submission: On August 08 via api (August 8th 2021, 3:29:02 am UTC) from US

Summary HTTP 180 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 73 IPs in 10 countries across 67 domains to perform 180 HTTP transactions. The main IP is 192.229.233.160, located in United States and belongs to EDGECAST, US. The main domain is 930kmpt.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 8th 2021. Valid for: 4 months.

This is the only time 930kmpt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	192.229.233.160 192.229.233.160	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
16	192.229.233.181 192.229.233.181	15133 (EDGECAST) (EDGECAST)
1	2600:9000:219... 2600:9000:2190:c600:0:b015:b300:21	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.35 13.224.96.35	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.229.233.218 192.229.233.218	15133 (EDGECAST) (EDGECAST)
1	52.207.40.92 52.207.40.92	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a03:2880:f21... 2a03:2880:f21c:81c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
2	104.111.219.144 104.111.219.144	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3	13.224.90.44 13.224.90.44	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2 5	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.195.223.2 18.195.223.2	16509 (AMAZON-02) (AMAZON-02)
7	54.77.19.59 54.77.19.59	16509 (AMAZON-02) (AMAZON-02)
1	206.189.254.17 206.189.254.17	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	13.224.96.105 13.224.96.105	16509 (AMAZON-02) (AMAZON-02)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	52.57.38.203 52.57.38.203	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2.18.233.88 2.18.233.88	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	104.111.247.126 104.111.247.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
2	13.33.244.122 13.33.244.122	16509 (AMAZON-02) (AMAZON-02)
3	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:b4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.96.37 13.224.96.37	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
11 14	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 3	185.29.135.233 185.29.135.233	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 9	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 6	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:6c00:1f:2473:9080:93a1	16509 (AMAZON-02) (AMAZON-02)
3 4	3.124.93.74 3.124.93.74	16509 (AMAZON-02) (AMAZON-02)
5 7	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
10	54.235.253.176 54.235.253.176	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.159.140.98 18.159.140.98	16509 (AMAZON-02) (AMAZON-02)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	88.214.206.247 88.214.206.247	46636 (NATCOWEB) (NATCOWEB)
7 7	185.64.189.216 185.64.189.216	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 5	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 7	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	3.66.135.160 3.66.135.160	16509 (AMAZON-02) (AMAZON-02)
2 2	3.127.166.11 3.127.166.11	16509 (AMAZON-02) (AMAZON-02)
2 3	52.17.150.98 52.17.150.98	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2 3	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	70.42.32.191 70.42.32.191	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	213.155.156.185 213.155.156.185	1299 (TELIANET ...) (TELIANET Telia Carrier)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	51.210.112.63 51.210.112.63	16276 (OVH) (OVH)
2 2	52.30.14.23 52.30.14.23	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
180	73

18 192.229.233.160 (United States) 1 redirects

ASN15133 (EDGECAST, US)

930kmpt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 192.229.233.181 (United States)

ASN15133 (EDGECAST, US)

townsquare.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:c600:0:b015:b300:21 (United States)

ASN16509 (AMAZON-02, US)

dbejeqv8nk3po.cloudfront.net.	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-35.zrh50.r.cloudfront.net

native.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.218 (United States)

ASN15133 (EDGECAST, US)

cdn.production.townsquareblogs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.207.40.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-40-92.compute-1.amazonaws.com

embed.air.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:81c4:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.90.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-90-44.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

cdn-sp-s3.air.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.223.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-223-2.eu-central-1.compute.amazonaws.com

krk.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.77.19.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.189.254.17 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

townsquaremedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-105.zrh50.r.cloudfront.net

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.38.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-38-203.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (United States)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-88.deploy.static.akamaitechnologies.com

2bd7a77e373a9572610f-dba1f64a3f969774cdd587a3528671a8.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.247.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-126.deploy.static.akamaitechnologies.com

cdn.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.244.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-244-122.hel50.r.cloudfront.net

static.solutionshindsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

api.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:b4f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-37.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.34 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.135.233 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6c00:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.124.93.74 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-93-74.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.220.244 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.235.253.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-253-176.compute-1.amazonaws.com

usr.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.140.98 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-140-98.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.247 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.216 (United Kingdom) 7 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.110 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.81 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.135.160 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-135-160.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.166.11 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-166-11.eu-central-1.compute.amazonaws.com

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.150.98 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-150-98.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.234 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Uppsala, Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.210.112.63 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ns3174889.ip-51-210-112.eu

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.14.23 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	pubmatic.com 17 redirects hbopenbid.pubmatic.com ads.pubmatic.com image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com image6.pubmatic.com simage2.pubmatic.com Failed simage4.pubmatic.com	37 KB
19	doubleclick.net 11 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	116 KB
18	930kmpt.com 1 redirects 930kmpt.com	409 KB
16	townsquare.media townsquare.media	729 KB
12	undertone.com hb.undertone.com cdn.undertone.com usr.undertone.com	5 KB
10	openx.net 1 redirects townsquaremedia-d.openx.net eu-u.openx.net us-u.openx.net	3 KB
8	adnxs.com 5 redirects ib.adnxs.com secure.adnxs.com	6 KB
7	consensu.org cdn.conversant.mgr.consensu.org api.conversant.mgr.consensu.org	182 KB
7	3lift.com 1 redirects tlx.3lift.com eb2.3lift.com	4 KB
7	gumgum.com g2.gumgum.com rtb.gumgum.com	7 KB
6	google-analytics.com www.google-analytics.com	19 KB
5	yahoo.com 4 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	4 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	11 KB
5	facebook.com www.facebook.com	494 B
5	adsrvr.org 2 redirects match.adsrvr.org	2 KB
5	facebook.net connect.facebook.net	239 KB
5	amazon-adsystem.com 1 redirects c.amazon-adsystem.com s.amazon-adsystem.com	37 KB
4	bidswitch.net 3 redirects x.bidswitch.net	1 KB
4	gstatic.com fonts.gstatic.com	62 KB
3	onaudience.com 3 redirects pixel.onaudience.com	1 KB
3	adform.net 2 redirects c1.adform.net	1 KB
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	mathtag.com 3 redirects sync.mathtag.com	1 KB
3	casalemedia.com htlb.casalemedia.com as-sec.casalemedia.com ssum-sec.casalemedia.com	1 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	instagram.com 2 redirects platform.instagram.com www.instagram.com	5 KB
3	google.com apis.google.com www.google.com	22 KB
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	896 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	advertising.com 2 redirects pixel.advertising.com	677 B
2	solutionshindsight.net static.solutionshindsight.net	23 KB
2	youtube.com www.youtube.com	43 KB
2	media.net prebid.media.net contextual.media.net	8 KB
2	google.de www.google.de	214 B
2	fastclick.net secure.cdn.fastclick.net	19 KB
2	clean.gg i.clean.gg	104 B
2	air.tv embed.air.tv cdn-sp-s3.air.tv	103 KB
2	indexww.com js-sec.indexww.com	14 KB
1	simpli.fi um.simpli.fi	609 B
1	criteo.com dis.criteo.com	360 B
1	zemanta.com 1 redirects b1sync.zemanta.com	301 B
1	bing.com c.bing.com	464 B
1	quantserve.com 1 redirects pixel.quantserve.com	499 B
1	admanmedia.com 1 redirects cs.admanmedia.com	413 B
1	scorecardresearch.com sb.scorecardresearch.com	2 KB
1	media6degrees.com action.media6degrees.com	231 B
1	dstillery.com 1 redirects action.dstillery.com	254 B
1	btloader.com btloader.com	11 KB
1	googletagmanager.com www.googletagmanager.com	37 KB
1	rackcdn.com 2bd7a77e373a9572610f-dba1f64a3f969774cdd587a3528671a8.ssl.cf1.rackcdn.com	62 KB
1	dotomi.com proc.ad.cpe.dotomi.com	619 B
1	googlesyndication.com pagead2.googlesyndication.com	49 KB
1	teads.tv a.teads.tv	245 B
1	sonobi.com apex.go.sonobi.com	772 B
1	serverbid.com e.serverbid.com	165 B
1	kargo.com krk.kargo.com	674 B
1	rlcdn.com api.rlcdn.com	218 B
1	townsquareblogs.com cdn.production.townsquareblogs.com	93 KB
1	googletagservices.com www.googletagservices.com	25 KB
1	sharethrough.com native.sharethrough.com	70 KB
1	net. dbejeqv8nk3po.cloudfront.net.	37 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	tapad.com Failed pixel.tapad.com Failed
0	digitaloceanspaces.com Failed serverbid-sync.nyc3.cdn.digitaloceanspaces.com Failed
180	67

	Domain	Requested by
18	930kmpt.com	1 redirects 930kmpt.com dbejeqv8nk3po.cloudfront.net.
16	townsquare.media	930kmpt.com dbejeqv8nk3po.cloudfront.net.
14	cm.g.doubleclick.net	11 redirects dbejeqv8nk3po.cloudfront.net. eu-u.openx.net eb2.3lift.com
10	usr.undertone.com	cdn.undertone.com ads.pubmatic.com
7	image4.pubmatic.com	5 redirects ads.pubmatic.com
7	image8.pubmatic.com	7 redirects
7	ib.adnxs.com	4 redirects cdn.production.townsquareblogs.com eb2.3lift.com
6	eb2.3lift.com	1 redirects dbejeqv8nk3po.cloudfront.net. eb2.3lift.com
6	www.google-analytics.com	930kmpt.com www.google-analytics.com
5	image2.pubmatic.com	5 redirects
5	eu-u.openx.net	dbejeqv8nk3po.cloudfront.net. eu-u.openx.net
5	www.facebook.com	dbejeqv8nk3po.cloudfront.net. 930kmpt.com
5	g2.gumgum.com	cdn.production.townsquareblogs.com
5	match.adsrvr.org	2 redirects js-sec.indexww.com eu-u.openx.net eb2.3lift.com
5	connect.facebook.net	dbejeqv8nk3po.cloudfront.net.
4	us-u.openx.net	1 redirects eu-u.openx.net
4	x.bidswitch.net	3 redirects
4	cdn.conversant.mgr.consensu.org	dbejeqv8nk3po.cloudfront.net. cdn.conversant.mgr.consensu.org
4	fonts.gstatic.com	fonts.googleapis.com
3	pixel.onaudience.com	3 redirects
3	c1.adform.net	2 redirects ads.pubmatic.com
3	match.prod.bidr.io	2 redirects eu-u.openx.net
3	ups.analytics.yahoo.com	3 redirects
3	sync.mathtag.com	3 redirects
3	api.conversant.mgr.consensu.org	cdn.conversant.mgr.consensu.org
3	c.amazon-adsystem.com	dbejeqv8nk3po.cloudfront.net. c.amazon-adsystem.com
3	stats.g.doubleclick.net	www.google-analytics.com
2	sync.crwdcntrl.net	2 redirects
2	d5p.de17a.com	2 redirects
2	s.amazon-adsystem.com	1 redirects eb2.3lift.com
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	prod.perf-serving.com	2 redirects
2	pm.w55c.net	2 redirects
2	pixel.advertising.com	2 redirects
2	eus.rubiconproject.com	cdn.undertone.com eus.rubiconproject.com
2	ads.pubmatic.com	dbejeqv8nk3po.cloudfront.net. ads.pubmatic.com
2	rtb.gumgum.com	dbejeqv8nk3po.cloudfront.net.
2	static.solutionshindsight.net	dbejeqv8nk3po.cloudfront.net.
2	www.youtube.com	dbejeqv8nk3po.cloudfront.net.
2	platform.twitter.com	dbejeqv8nk3po.cloudfront.net.
2	securepubads.g.doubleclick.net	dbejeqv8nk3po.cloudfront.net. www.googletagservices.com
2	www.google.de	930kmpt.com
2	www.google.com	930kmpt.com
2	secure.cdn.fastclick.net	930kmpt.com dbejeqv8nk3po.cloudfront.net.
2	i.clean.gg	dbejeqv8nk3po.cloudfront.net.
2	www.instagram.com	1 redirects 930kmpt.com
2	js-sec.indexww.com	930kmpt.com dbejeqv8nk3po.cloudfront.net.
1	simage4.pubmatic.com	ads.pubmatic.com
1	token.rubiconproject.com
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	pixel.quantserve.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	ssum-sec.casalemedia.com	js-sec.indexww.com
1	cs.admanmedia.com	1 redirects
1	pixel.rubiconproject.com	cdn.undertone.com
1	secure-assets.rubiconproject.com	1 redirects
1	secure.adnxs.com	1 redirects
1	cdn.undertone.com	dbejeqv8nk3po.cloudfront.net.
1	contextual.media.net	dbejeqv8nk3po.cloudfront.net.
1	sb.scorecardresearch.com	dbejeqv8nk3po.cloudfront.net.
1	action.media6degrees.com	930kmpt.com
1	action.dstillery.com	1 redirects
1	btloader.com	dbejeqv8nk3po.cloudfront.net.
1	www.googletagmanager.com	dbejeqv8nk3po.cloudfront.net.
1	syndication.twitter.com	platform.twitter.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	2bd7a77e373a9572610f-dba1f64a3f969774cdd587a3528671a8.ssl.cf1.rackcdn.com	930kmpt.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	pagead2.googlesyndication.com	dbejeqv8nk3po.cloudfront.net.
1	a.teads.tv	cdn.production.townsquareblogs.com
1	prebid.media.net	cdn.production.townsquareblogs.com
1	hbopenbid.pubmatic.com	cdn.production.townsquareblogs.com
1	tlx.3lift.com	cdn.production.townsquareblogs.com
1	apex.go.sonobi.com	cdn.production.townsquareblogs.com
1	hb.undertone.com	cdn.production.townsquareblogs.com
1	townsquaremedia-d.openx.net	cdn.production.townsquareblogs.com
1	e.serverbid.com	cdn.production.townsquareblogs.com
1	krk.kargo.com	cdn.production.townsquareblogs.com
1	htlb.casalemedia.com	cdn.production.townsquareblogs.com
1	cdn-sp-s3.air.tv	dbejeqv8nk3po.cloudfront.net.
1	api.rlcdn.com	js-sec.indexww.com
1	platform.instagram.com	1 redirects
1	apis.google.com	930kmpt.com
1	embed.air.tv	930kmpt.com
1	cdn.production.townsquareblogs.com	930kmpt.com
1	www.googletagservices.com	930kmpt.com
1	native.sharethrough.com	930kmpt.com
1	dbejeqv8nk3po.cloudfront.net.	930kmpt.com
1	fonts.googleapis.com	930kmpt.com
0	simage2.pubmatic.com Failed	ads.pubmatic.com
0	pixel.tapad.com Failed
0	serverbid-sync.nyc3.cdn.digitaloceanspaces.com Failed	dbejeqv8nk3po.cloudfront.net.
180	97

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.losttrail.com
www.seizethedeal.com
publicfiles.fcc.gov
www.townsquaremedia.com

Subject Issuer	Validity	Valid
www4.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-08` - `2021-10-26`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www6.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-09` - `2021-10-26`	7 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
www8.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-09` - `2021-10-27`	5 months	crt.sh
*.air.tv Amazon	`2021-07-18` - `2022-08-16`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-06-19` - `2021-09-17`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2021-03-11` - `2022-03-15`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2021-06-28` - `2021-09-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
cdn-sp-s3.air.tv R3	`2021-07-11` - `2021-10-09`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.dev.kargo.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
e.serverbid.com R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.undertone.com Amazon	`2020-11-03` - `2021-12-02`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
*.ssl.cf1.rackcdn.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
cdn.conversant.mgr.consensu.org R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
solutionshindsight.net Amazon	`2021-02-19` - `2022-03-20`	a year	crt.sh
*.conversant.mgr.consensu.org GlobalSign RSA OV SSL CA 2018	`2020-03-31` - `2022-06-06`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-06` - `2021-10-06`	a year	crt.sh
dstillery.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-09` - `2022-05-10`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io Amazon	`2020-11-18` - `2021-12-18`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh

This page contains 16 frames:

Primary Page: https://930kmpt.com/
Frame ID: 443C9F47D87C36CE98FFD5EECEF9A569
Requests: 120 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2F930kmpt.com
Frame ID: 5E08FC1D0241B09A69B04DDCAEDE248B
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A6DAEACBA174F4F6E085D86447AD61F7
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 62205E1ADB882DA62D0ED021932F50A3
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
Frame ID: FDED9509931F269A63EF2F5E65C1A37F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=32ca610f-4f6e-4500-92f8-8dd02d3ac741&gdpr=1&gdpr_consent=
Frame ID: D22E7F32B178C50A4A29B4A09BC8D262
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Frame ID: 185A1DE21E5B8DA1E2263683E82D60E0
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A1C39C14EAC9189400BA4EE7CDFB347A
Requests: 16 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: FD889623C33E94AEFB826F03DCE9CA41
Requests: 11 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Frame ID: A0ACF8CC8FA4C2E069C0D8EB4543A556
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: F383A00CCED3AF6F37A76DB17236FEC8
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 398971951FD264AFE819FC8C46EBDCE1
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPKmRo3PKmRo3AXADAENBmCgAAAAAH_AAAAAAAAQTAJMNS-gC7EscGTaNKoUQIwrCQ6AUAFFAMLRNYAMDgp2VgEeoIWACE1ARgRAgxBRiwCAAQCAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEou9jTCEMssAKBR_RUYCJQggWBkJCwcxwBICXAAAAA.YAAAAAAAAAAA&d=https://930kmpt.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 534707CD8CF9BF8100C9B4D7385E9CC8
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=1055870E-A084-4D5A-8ADE-2F8469B3B077
Frame ID: 84ADE82D0BCAE8D0816FD21D33D4DA97
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077
Frame ID: E0FDC804D07BA062CED3F0FAB3EAD91B
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 4E6BDC2B09521AD123E00B1EB5B4D547
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://930kmpt.com/ HTTP 301
https://930kmpt.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

180
Requests

97 %
HTTPS

30 %
IPv6

67
Domains

97
Subdomains

73
IPs

10
Countries

2668 kB
Transfer

7481 kB
Size

14
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/930kmpt
Title: INSTAGRAM

Search URL Search Domain Scan URL

URL: http://www.losttrail.com/
Title: Lost Trail Powder Mountain

Search URL Search Domain Scan URL

URL: https://www.seizethedeal.com/deals/four-class-sweatcycle-punch-pass-from-the-sweat-shop?utm_campaign=sitewidget&utm_medium=website&utm_source=139&d=d

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/am-profile/kmpt
Title: Public File

Search URL Search Domain Scan URL

URL: http://www.townsquaremedia.com/
Title: Townsquare Media

Search URL Search Domain Scan URL

URL: https://www.townsquaremedia.com/privacy-policy
Title: privacy policy.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://930kmpt.com/ HTTP 301
https://930kmpt.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 105

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KMPTAM&ncv=24 HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KMPTAM&ncv=24

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=

Request Chain 121

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=32ca610f-4f6e-4500-92f8-8dd02d3ac741&gdpr=1&gdpr_consent=

Request Chain 125

https://sync.serverbid.com/ss/2000775.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html

Request Chain 128

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO9FXifx8ljXVgbsBd9ihbQ1UCq2O6ObaA1n3CeA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO9FXifx8ljXVgbsBd9ihbQ1UCq2O6ObaA1n3CeA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/124/8/2.gif?puid=b5123249-0e28-4d7e-a272-e97e89efb3a1&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://match.adsby.bidtheatre.com/usersync?cb=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F487%2F7%2F3.gif%3Fpuid%3D%7Buid%7D%26gdpr%3D1%26gdpr_consent%3D&gpdr_consent=&gdpr=1 HTTP 302
https://id5-sync.com/c/441/487/7/3.gif?puid=ed363edb-9f70-4276-8409-6a89a74dc926&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/19/6/4.gif?puid=b237379a090e1ca967a861910d28d02c&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/441/101/5/5.gif?puid=cdef7ad9-826d-4ac7-ae7b-dfe776072222&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Request Chain 129

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=8997836919010231883

Request Chain 130

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 131

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=8997836919010231883

Request Chain 132

https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=81d819ed-772b-046b-1cc5-1302d7500ef5

Request Chain 133

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPbd7ae5df-f7f8-11eb-a09e-0204e8ab3b9a HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPbd7ae5df-f7f8-11eb-a09e-0204e8ab3b9a&verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-22ukjyhE2uH38kS2S3syUkc0DqjZCkHa~A~UPbd7ae5df-f7f8-11eb-a09e-0204e8ab3b9a

Request Chain 134

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=4064679e-c42b-4863-98e4-8ca857c45aaf&ttl=1630985326

Request Chain 136

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c8f9cdb7cb99bffd79c16d4217a9bc47cf7271e

Request Chain 137

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDgwMDlBNTktMzRBQy00QTg0LTgwMDYtQTFBNEVGMEMzRDIx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D1055870E-A084-4D5A-8ADE-2F8469B3B077 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077

Request Chain 140

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=uKPvvLSY1Mczuu5

Request Chain 141

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=a7639098-8dd5-4fca-afbc-99d0b9ceebc8&ssp=openx&user_group=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=7b20bef4-4536-445b-bd50-ef1abfc58c2c

Request Chain 142

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8997836919010231883

Request Chain 143

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDdVowN0NIcDhBQUZtOXQxWk9NUQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 144

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=32ca610f-4f6e-4500-92f8-8dd02d3ac741

Request Chain 145

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=b2EqFW02LBZ0MnlDP2Q3Sm8yKRZ0ZihGa2U5RWLw

Request Chain 146

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=423370009886033464

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTZkYWFkMDAtYmVmMy02NmFjLTYzYTAtNTY3Y2VhMWVlMGM3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTZkYWFkMDAtYmVmMy02NmFjLTYzYTAtNTY3Y2VhMWVlMGM3&google_tc=

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH-jz744EjHwlC3mJdoCOy4&google_cver=1

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPeADpPSXtDgHoqWRY0Zs4g&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 152

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzEyNzg1Nzk4NDk4NzMyNDY2Mg%3D%3D

Request Chain 154

https://pr-bh.ybp.yahoo.com/sync/triplelift/7127857984987324662?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-sgrAOO5E2oTxLZc0D27ZyTPjiPurCiweu4Ot87F3LA--~A&dongle=0883

Request Chain 155

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=8997836919010231883&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 156

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=7127857984987324662 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7127857984987324662&dcc=t

Request Chain 157

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 161

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4687951747761239121 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D1055870E-A084-4D5A-8ADE-2F8469B3B077 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EFWHDqCETVqK3i-EabOwdw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 164

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32ca610f-4f6e-4500-92f8-8dd02d3ac741

Request Chain 165

https://pixel.onaudience.com/?partner=214&mapped=1055870E-A084-4D5A-8ADE-2F8469B3B077 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b237379a090e1ca967a861910d28d02c HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=4064679e-c42b-4863-98e4-8ca857c45aaf&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=e4aa3df174f6e0d9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=28b91c4e-9a11-4454-6050-2da272c30353&reqId=219790cb-8e70-451b-6f33-0fd665faab8c&zcluid=e4aa3df174f6e0d9&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEG4VMrIanAl37lq9X2Lpq98&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=28b91c4e-9a11-4454-6050-2da272c30353&reqId=219790cb-8e70-451b-6f33-0fd665faab8c&zcluid=e4aa3df174f6e0d9&zdid=1332

Request Chain 166

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTA1NTg3MEUtQTA4NC00RDVBLThBREUtMkY4NDY5QjNCMDc3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D1055870E-A084-4D5A-8ADE-2F8469B3B077 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIp60qugmIIyyEHAWFLiME0&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D1055870E-A084-4D5A-8ADE-2F8469B3B077 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077

Request Chain 169

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:32ca610f-4f6e-4500-92f8-8dd02d3ac741&gdpr=0&gdpr_consent=

Request Chain 170

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=423370009886033464

Request Chain 171

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4064679e-c42b-4863-98e4-8ca857c45aaf

Request Chain 172

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8997836919010231883&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D1055870E-A084-4D5A-8ADE-2F8469B3B077 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077

Request Chain 174

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UWfwA.FE2uVZar3ja0ZWzqxNMERYCtU-~A&gdpr=0&gdpr_consent=

Request Chain 175

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7b20bef4-4536-445b-bd50-ef1abfc58c2c&gdpr=0&gdpr_consent=&gdpr_pd=

180 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
930kmpt.com/
Redirect Chain

http://930kmpt.com/
https://930kmpt.com/

58 KB
14 KB

390ms
299ms

Document
text/html

192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

0fb0bfede4f6c469ed8a416a596f63676c7c86547463982400af9cca57f74d19

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: 930kmpt.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr-source=DK
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-encoding: gzip
accept-ranges: bytes
age: 0
cache-control: no-cache
content-type: text/html; charset=utf-8
date: Sun, 08 Aug 2021 03:28:41 GMT
etag: W/"e7bb-gi4S0aJzcI8kswNCc40xJA"
expires: Sun, 08 Aug 2021 03:28:40 GMT
gdpr-source: DK
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-abgroup: A
x-cache: MISS
x-device: desktop
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-ua-device: desktop
x-varnish: 2988716475
content-length: 13877

Redirect headers

Cache-Control: no-cache
Content-Type: text/html
Date: Sun, 08 Aug 2021 03:28:41 GMT
Expires: Sun, 08 Aug 2021 03:28:40 GMT
gdpr-source: DK
Location: https://930kmpt.com/
Server: nginx
Set-Cookie: gdpr-source=DK
X-Frame-Options: SAMEORIGIN
Content-Length: 178

GET
H2 200 base.css
930kmpt.com/styles/desktop/ 520 KB
113 KB 31ms
31ms Stylesheet
text/css 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://930kmpt.com/styles/desktop/base.css?ver=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F713) / Express

Resource Hash

f2fdb2edb2efa261b3054b84e1c632cf28597b4266ee677db7eb170ee00cf82b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /styles/desktop/base.css?ver=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
pragma: no-cache
cookie: gdpr-source=DK
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 930kmpt.com
referer: https://930kmpt.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:41 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 29938
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 115778
last-modified: Fri, 06 Aug 2021 13:59:14 GMT
server: ECS (ska/F713)
etag: W/"8210e-SM1LAO1qJcCayaByBJ6O3A"
x-frame-options: SAMEORIGIN
x-varnish: 2033184483
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: text/css; charset=utf-8
expires: Sun, 08 Aug 2021 03:28:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 14ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e88202b7d4aa0af217e4e1a913095f30ed7e4f29777632db674cb740f3e052f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 Aug 2021 02:27:20 GMT
server: ESF
date: Sun, 08 Aug 2021 03:28:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Aug 2021 03:28:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 900
date: Sun, 08 Aug 2021 03:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sun, 08 Aug 2021 05:13:41 GMT

GET
H2 200 autotrack.carbon.js Show response
townsquare.media/public/resources/js/ 4 KB
2 KB 125ms
31ms Script
application/javascript 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/autotrack.carbon.js

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F710) / Express

Resource Hash

17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: B
date: Sun, 08 Aug 2021 03:28:41 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 28704
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 2031
last-modified: Thu, 03 Oct 2019 20:12:19 GMT
server: ECS (ska/F710)
etag: W/"119a-16d93407ae3"
x-frame-options: SAMEORIGIN
x-varnish: 2036224770 2033406436
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 08 Aug 2021 03:28:40 GMT

GET
H2 200 script.js Show response
dbejeqv8nk3po.cloudfront.net./ 111 KB
37 KB 54ms
14ms Script
application/javascript 2600:9000:2190:c600:0:b015:b300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Requested by: Host: 930kmpt.com
URL: https://930kmpt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:c600:0:b015:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7a90656e029a7ed801ac897a6661d9b3c2dfb11cccf2a6d971462c95ad24ecd

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:06 GMT
content-encoding: gzip
last-modified: Fri, 06 Aug 2021 16:43:38 GMT
server: AmazonS3
age: 396
etag: W/"3b32f47a4841d128b18a6ed4620c9e8c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: e_RM2ugZ3vPaJK3Zdn_jMnnMCfHfUfR3LvKJ3APQbA_Au9HpOAtXLg==

GET
H2 200 sfp.js Show response
native.sharethrough.com/assets/ 255 KB
70 KB 140ms
57ms Script
application/javascript 13.224.96.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/sfp.js
Requested by: Host: 930kmpt.com
URL: https://930kmpt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-35.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f835e998c429b43b3cb2c4ab9d0b675c2fe5062072b2c14146e4664acfe6ce7

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:42 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 18:27:37 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"1c9499f644da46abff1572f35f5601b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-id: XTM9kwPg6z_vdzBvXz9gpcF827KiM3gIBAcVMkmYX1M0mJn9YGDWZA==
expires: Thu, 05 Aug 2021 19:27:35 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69cb8af6bcbd3ef6bf3ec3d81ec444a6f92975840bb6c1f83fbd5097f80dd516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "952 / 362 of 1000 / last-modified: 1628287704"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24935
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H/1.1 200
OK 186854-113710634486999.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 598ms
526ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Requested by: Host: 930kmpt.com
URL: https://930kmpt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 03:28:42 GMT
Content-Encoding: gzip
Last-Modified: Sun, 08 Aug 2021 03:26:13 GMT
Server: Apache
ETag: "763590-930b-5c903d4a28a47"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12790
Expires: Sun, 08 Aug 2021 04:28:42 GMT

GET
H2 200 pb.js Show response
cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/ 310 KB
93 KB 669ms
530ms Script
application/javascript 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=930kmpt.com&v=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.218 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

d4bf26e6de45bb6bbbc6b60f5ed39d73d36ae97c9b28d177a4fb492537f8a79d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: B
date: Sun, 08 Aug 2021 03:28:42 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 0
x-powered-by: Express
x-cache: MISS
x-ua-device: desktop, desktop
x-device: carbon, carbon
content-length: 95345
access-control-allow-origin: *
server: nginx
etag: W/"4d82d-jD1Kc6ruqwh0afgWgrrXsQ"
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-varnish: 2038408151, 2038408149
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Sun, 08 Aug 2021 03:28:41 GMT

GET
H2 200 twoview_bootstrap.js Show response
embed.air.tv/v1/ 3 KB
2 KB 392ms
139ms Script
text/javascript 52.207.40.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.air.tv/v1/twoview_bootstrap.js?organization=AQIWQ5-rSHOajREf3hV1Fg
Requested by: Host: 930kmpt.com
URL: https://930kmpt.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.40.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-40-92.compute-1.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 6888f8900b031e8d6936059a87e4ab9b16d3378c0d969fc7140973c22afef330

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:42 GMT
content-encoding: gzip
server: nginx/1.20.1
vary: Accept-Encoding
access-control-allow-methods: GET, PATCH, POST, PUT, DELETE, OPTIONS
content-type: text/javascript
access-control-expose-headers: Authorization,Location
cache-control: max-age=0, private, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
22 KB 68ms
44ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c0d08933537eec00050d60f0955e4088385a35bcb115e7d9d8fe9016cb17b2c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z41aoSaiQP8SW8x7Z5QGUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "30d1d2919676634bf2aebe648f84c2ce"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-z41aoSaiQP8SW8x7Z5QGUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H3-29

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

13ms
6ms

Script
text/javascript

2a03:2880:f21c:81e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: 930kmpt.com
URL: https://930kmpt.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 19:08:01 GMT
content-encoding: br
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-length: 4824
priority: u=3,i

Redirect headers

date: Sun, 08 Aug 2021 03:28:42 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: cln
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control: max-age=21600
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 256.png
townsquare.media/site/121/files/2021/01/ 42 KB
42 KB 65ms
62ms Image
image/png 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/121/files/2021/01/256.png
Requested by: Host: 930kmpt.com
URL: https://930kmpt.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F6FE) / Express
Resource Hash: 1826ba540ce8f27c2dd8f6cdc16d32df1bd16fe0dfc827c404b7ab004464390e

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: B
date: Sun, 08 Aug 2021 03:28:42 GMT
via: 1.1 varnish
age: 16621569
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 43259
last-modified: Wed, 27 Jan 2021 16:47:56 GMT
server: ECS (ska/F6FE)
x-varnish: 663164548
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: image/png
expires: Sun, 08 Aug 2021 03:28:41 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 191ms
126ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://930kmpt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Sun, 08 Aug 2021 03:28:41 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 200 cogitoergosum Show response
930kmpt.com/rest/high/api/ 128 B
476 B 148ms
147ms XHR
application/json 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://930kmpt.com/rest/high/api/cogitoergosum

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

13aaaacb1e7c2518f6eccbcdf38ea1ecd040cd79a8763f0fb611c99401a9b5f7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://930kmpt.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: gdpr-source=DK; abgroup=A
content-length: 323
:path: /rest/high/api/cogitoergosum
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: 930kmpt.com
referer: https://930kmpt.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-type: application/json

Response headers

date: Sun, 08 Aug 2021 03:28:41 GMT
etag: W/"80-L0Gr7BZlgzYOHx+x0aN9WA"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DK
x-device: desktop
set-cookie: cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQxIEdNVCJ9; Max-Age=1800; Path=/; Expires=Sun, 08 Aug 2021 03:58:41 GMT connect.sid=s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc; Path=/; Expires=Tue, 07 Sep 2021 03:28:41 GMT; HttpOnly
vary: Accept-Encoding
content-length: 128
expires: Sun, 08 Aug 2021 03:28:40 GMT

GET
H2 200 cmp.bundle.js Show response
townsquare.media/public/resources/js/ 185 KB
46 KB 34ms
31ms Script
application/javascript 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/cmp.bundle.js

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F70E) / Express

Resource Hash

9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:42 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 33853
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 46582
last-modified: Mon, 26 Oct 2020 18:28:53 GMT
server: ECS (ska/F70E)
etag: W/"2e534-175662b957a"
x-frame-options: SAMEORIGIN
x-varnish: 2037821955 2032489755
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 08 Aug 2021 03:28:41 GMT

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 10 KB
4 KB 123ms
35ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: 930kmpt.com
URL: https://930kmpt.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:42 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 22:23:11 GMT
server: Apache
etag: "2988-5b94848b276f9-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 3813
expires: Sun, 08 Aug 2021 03:43:42 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 129ms
129ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Aug 2021 03:28:42 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-19114803-9&cid=1515879848.1628393322&jid=336348920&gjid=1113548838&_gid=702454023.1628393322&_u=aGBAgAADAAAAAE~&z=511500944

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 08 Aug 2021 03:28:41 GMT
content-type: text/plain
access-control-allow-origin: https://930kmpt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-19109753-1&cid=1515879848.1628393322&jid=1239727759&gjid=1335442476&_gid=702454023.1628393322&_u=aGDAgAADAAAAAE~&z=1833504982

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 08 Aug 2021 03:28:41 GMT
content-type: text/plain
access-control-allow-origin: https://930kmpt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-19114803-8&cid=1515879848.1628393322&jid=1571334979&gjid=469600686&_gid=702454023.1628393322&_u=aGDAgAADAAAAAE~&z=325247402

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 08 Aug 2021 03:28:41 GMT
content-type: text/plain
access-control-allow-origin: https://930kmpt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
14ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1159602285&t=pageview&_s=1&dl=https%3A%2F%2F930kmpt.com%2F&ul=en-us&de=UTF-8&dt=930%20AM%20KMPT%20%E2%80%93%20Missoula%27s%20Conservative%20Talk%20Leader%20%E2%80%93%20Missoula%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAD~&jid=336348920&gjid=1113548838&cid=1515879848.1628393322&tid=UA-19114803-9&_gid=702454023.1628393322&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Fri%20Nov%2017%202017&cd6=11%3A55&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&did=i5iSjo&z=1151019902

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 06:40:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74909
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
13ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1159602285&t=pageview&_s=1&dl=https%3A%2F%2F930kmpt.com%2F&ul=en-us&de=UTF-8&dt=930%20AM%20KMPT%20%E2%80%93%20Missoula%27s%20Conservative%20Talk%20Leader%20%E2%80%93%20Missoula%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAADAAAAAE~&jid=1239727759&gjid=1335442476&cid=1515879848.1628393322&tid=UA-19109753-1&_gid=702454023.1628393322&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Fri%20Nov%2017%202017&cd6=11%3A55&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&did=i5iSjo&z=1183201515

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 06:40:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74909
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
14ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1159602285&t=pageview&_s=1&dl=https%3A%2F%2F930kmpt.com%2F&ul=en-us&de=UTF-8&dt=930%20AM%20KMPT%20%E2%80%93%20Missoula%27s%20Conservative%20Talk%20Leader%20%E2%80%93%20Missoula%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAADAAAAAE~&jid=1571334979&gjid=469600686&cid=1515879848.1628393322&tid=UA-19114803-8&_gid=702454023.1628393322&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Fri%20Nov%2017%202017&cd6=11%3A55&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&did=i5iSjo&z=295509933

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 06:40:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74909
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 21ms
18ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-19114803-9&cid=1515879848.1628393322&jid=336348920&_u=aGBAgAADAAAAAE~&z=273871257

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
16ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-19114803-9&cid=1515879848.1628393322&jid=336348920&_u=aGBAgAADAAAAAE~&z=273871257

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 21ms
18ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-19109753-1&cid=1515879848.1628393322&jid=1239727759&_u=aGDAgAADAAAAAE~&z=286946151

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
15ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-19109753-1&cid=1515879848.1628393322&jid=1239727759&_u=aGDAgAADAAAAAE~&z=286946151

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pubads_impl_2021080301.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
113 KB 136ms
69ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

428f71e1b03adf42ada780217e07a5ebbad73a5c7843502197e3eece8764adbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 03 Aug 2021 08:37:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116108
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 89 B
739 B 192ms
67ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=930kmpt.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

49cd7994fafd4471f20547092f846f6620e79b9298f555b15e3b367fb82f262a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 134ms
47ms Script
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:23:17 GMT
content-encoding: gzip
server: Server
age: 324
etag: f8520ea4ebd91256d6b4f461d472242a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: cdBhoWYDE8U.miXtMaq72_QdUztpgDZw
x-amz-cf-id: qvebXJOwOBzZ3F_qQP9s_BnDNt7_hqlPVmHSRj6jpv5dLV8dyfcwyw==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 27ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6713) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 03:28:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/6713)
Age: 431
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 19ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9bb68845e5283036af883c68c3a342a7aa423749e1e0d814e99a70c0f8af1770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: uA1mlQoORmQoxb2dP7yC0w==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 0NNMY/dATy0sB4zV6GqlyX5GCnSi/K6iHAmxFUEOzMIyajn931BKBfcxhTaxbail8smzgqJV+twMNuzhczQrqA==
x-fb-trip-id: 686109401
x-fb-content-md5: 256e7606fa78729d7b04d2a751c35249
x-frame-options: DENY
date: Sun, 08 Aug 2021 03:28:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d7cba569a5df53bb0ff2d14d7c46c3d9"
timing-allow-origin: *
expires: Sun, 08 Aug 2021 03:33:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: cmNmkwf8jh7knBi50dYTfR6KgOj+79V9MqyOqRZVoEUioLIaobozHENB/8vWfGxyJNmwUxFK6KTX4MCRgo7w9g==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sun, 08 Aug 2021 03:28:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 kmptam-bg.jpg
townsquare.media/site/121/files/2017/11/ 90 KB
90 KB 79ms
79ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/121/files/2017/11/kmptam-bg.jpg
Requested by: Host: 930kmpt.com
URL: https://930kmpt.com/styles/desktop/base.css?ver=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F71C) / Express
Resource Hash: 0eaec000f47b9ddf25cd78b03d12fae99c5d572b3537988b69da421dfda5cf40

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: B
date: Sun, 08 Aug 2021 03:28:42 GMT
via: 1.1 varnish
age: 21542330
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 91868
last-modified: Wed, 06 Nov 2019 21:30:42 GMT
server: ECS (ska/F71C)
x-varnish: 2910271706
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 08 Aug 2021 03:28:41 GMT

GET
H2 200 instagram-icon.png
930kmpt.com/public/assets/img/nav/ 9 KB
9 KB 31ms
31ms Image
image/png 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://930kmpt.com/public/assets/img/nav/instagram-icon.png
Requested by: Host: 930kmpt.com
URL: https://930kmpt.com/styles/desktop/base.css?ver=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F712) / Express
Resource Hash: 64d2653d551fc8075979181b1d93b46f8a0f58dbc0b7b47480304a12b011c65e

Request headers

:path: /public/assets/img/nav/instagram-icon.png
pragma: no-cache
cookie: gdpr-source=DK; abgroup=A; _ga=GA1.2.1515879848.1628393322; _gid=GA1.2.702454023.1628393322; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQxIEdNVCJ9; connect.sid=s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc; _gat_primary=1; _gat_UA191097531=1; _gat_UA191148038=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 930kmpt.com
referer: https://930kmpt.com/styles/desktop/base.css?ver=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://930kmpt.com/styles/desktop/base.css?ver=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:42 GMT
via: 1.1 varnish
age: 21546210
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 9483
last-modified: Thu, 03 Oct 2019 21:28:36 GMT
server: ECS (ska/F712)
etag: W/"250b-16d938652cb"
x-varnish: 2910271716 2909610214
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: image/png
expires: Sun, 08 Aug 2021 03:28:41 GMT

GET
H2 200 31.jpg
930kmpt.com/public/assets/weather/bgs/ 223 KB
223 KB 70ms
69ms Image
image/jpeg 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://930kmpt.com/public/assets/weather/bgs/31.jpg
Requested by: Host: 930kmpt.com
URL: https://930kmpt.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D66) / Express
Resource Hash: 2c7900d95a9afb295efa723f1b7933e3a833a55d34e9cbd2a1b669aff10990d4

Request headers

:path: /public/assets/weather/bgs/31.jpg
pragma: no-cache
cookie: gdpr-source=DK; abgroup=A; _ga=GA1.2.1515879848.1628393322; _gid=GA1.2.702454023.1628393322; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQxIEdNVCJ9; connect.sid=s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc; _gat_primary=1; _gat_UA191097531=1; _gat_UA191148038=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 930kmpt.com
referer: https://930kmpt.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:42 GMT
via: 1.1 varnish
age: 17762309
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 228195
last-modified: Wed, 30 Dec 2020 02:10:34 GMT
server: ECS (lcy/1D66)
etag: W/"37b63-176b16944bd"
x-varnish: 1589662272 1582635337
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 08 Aug 2021 03:28:41 GMT

GET
H2 200 31.svg
930kmpt.com/public/assets/weather/icons/ 2 KB
1016 B 63ms
63ms Image
image/svg+xml 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://930kmpt.com/public/assets/weather/icons/31.svg
Requested by: Host: 930kmpt.com
URL: https://930kmpt.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D75) / Express
Resource Hash: 7a227e1f85fcc6c3bdbf5cbd1bb1c10ecfdc873e2ad91601a6cf7af339dfa97d

Request headers

:path: /public/assets/weather/icons/31.svg
pragma: no-cache
cookie: gdpr-source=DK; abgroup=A; _ga=GA1.2.1515879848.1628393322; _gid=GA1.2.702454023.1628393322; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQxIEdNVCJ9; connect.sid=s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc; _gat_primary=1; _gat_UA191097531=1; _gat_UA191148038=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 930kmpt.com
referer: https://930kmpt.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:42 GMT
content-encoding: gzip
age: 17721171
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 890
last-modified: Wed, 30 Dec 2020 02:10:28 GMT
server: ECS (lcy/1D75)
etag: W/"850-176b1692b55"
vary: Accept-Encoding
x-varnish: 1589662311
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: image/svg+xml
expires: Sun, 08 Aug 2021 03:28:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://930kmpt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 401321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:00:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://930kmpt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 464538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:24 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://930kmpt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 00:57:00 GMT
x-content-type-options: nosniff
age: 441102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 00:57:00 GMT

GET
DATA 200
OK truncated
/ 50 KB
50 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c

Request headers

Origin: https://930kmpt.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: font/opentype;charset=utf-8

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://930kmpt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 21:52:56 GMT
x-content-type-options: nosniff
age: 452146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 21:52:56 GMT

GET
H2 200 main.bundle.a2d027010274791a0b625aa4f2991b0c09f8ea6b.js Show response
townsquare.media/public/dist/desktop/ 1 MB
321 KB 31ms
30ms Script
application/javascript 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/dist/desktop/main.bundle.a2d027010274791a0b625aa4f2991b0c09f8ea6b.js?mver=30&gver=3

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F712) / Express

Resource Hash

5f7018bc95727bb04a7d5e0bf9be5d09a9944b58a75db2e57e4dffa91cea087d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: B
date: Sun, 08 Aug 2021 03:28:42 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 28530
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 328819
last-modified: Tue, 03 Aug 2021 19:22:06 GMT
server: ECS (ska/F712)
etag: W/"1160c8-17b0d774a0d"
x-frame-options: SAMEORIGIN
x-varnish: 2033438309 2033436128
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 08 Aug 2021 03:28:41 GMT

GET
H2 200 / Show response
930kmpt.com/ 75 KB
16 KB 280ms
280ms Fetch
application/json 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://930kmpt.com/?initialState=a2d027010274791a0b625aa4f2991b0c09f8ea6b

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

7ebbcb83b38e39351ffaf108a91413ee73887b9f9e18ce668481078b3ef2b893

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /?initialState=a2d027010274791a0b625aa4f2991b0c09f8ea6b
pragma: no-cache
cookie: gdpr-source=DK; abgroup=A; _ga=GA1.2.1515879848.1628393322; _gid=GA1.2.702454023.1628393322; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQxIEdNVCJ9; connect.sid=s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc; _gat_primary=1; _gat_UA191097531=1; _gat_UA191148038=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: 930kmpt.com
referer: https://930kmpt.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:42 GMT
content-encoding: gzip
age: 0
x-powered-by: Express
x-cache: MISS
x-ua-device: desktop
x-device: desktop
content-length: 16127
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"12af7-7pK8RJOofB+PVc6eME3q4Q"
vary: Accept-Encoding
x-varnish: 2038408235
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: application/json; charset=utf-8
expires: Sun, 08 Aug 2021 03:28:41 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 229 KB
67 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b1f57da4291479a24d51cb7dcae75381

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b274ecb390dca4ade5d9cb21fb8c31e4b0190df32b54a583c7fdc30a110436b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://930kmpt.com
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5XJnc/kc1caB1J5E2Yuj8A==
cross-origin-resource-policy: cross-origin
expires: Mon, 08 Aug 2022 03:08:07 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68104
x-fb-rlafr: 0
x-fb-debug: DHzQI4qoeGv3Q4AtJaN9xhxm7m5+gMbKnVfWSY/2/Q517pCwLdBN/nMR/jT8rx51pj7WnCRzexSOzoPPMo2nyw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: 78488deb063adaeca617df57cb97e678
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 08 Aug 2021 03:28:42 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6d085e5d23342ea04a1473852d25ee21"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 631470830669776 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 471ms
470ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/631470830669776?v=2.9.44&r=stable

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d4845eff00850899ddab04d699c88b4f6986d3e079fa2d90ec1c7ed925871ca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: lEjAJEyuYHO+2jKY4L4f6zHCZlbox7LEr3Yt3q9nMGOsFQobzgnNVtb6vZ/2Hwo5KirEK5T3NEQ4MRKXjjsU7A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 08 Aug 2021 03:28:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame 5E08 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2F930kmpt.com
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://930kmpt.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://930kmpt.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 201565
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 08 Aug 2021 03:28:42 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6724)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 41 KB
15 KB 36ms
36ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:42 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 22:23:11 GMT
server: Apache
etag: "a253-5b94848b276f1-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 14886
expires: Sun, 08 Aug 2021 03:43:42 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
300 B 140ms
140ms XHR
text/plain 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3227&u=https%3A%2F%2F930kmpt.com%2F
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:42 GMT
via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://930kmpt.com
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: 5mFLj77-4Iv3dRnd1SPeEPe77JQonsVurI8yKaOaUf2Zf5H8BWvPHg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 581ms
496ms XHR
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:44 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Thu, 01 Jul 2021 22:05:10 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
content-type: application/javascript
x-amz-cf-id: snQF0LENCOqBRatC5DwQw3KGQZms3EldBx5HG4YytZ0o5naCj-Zyaw==

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
541 B 227ms
75ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186854
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: e32351edad3d2e0f43ad39ba2252cf26b1a80765385363b8d9f41c4e77ce3749

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://930kmpt.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 07 Sep 2021 03:28:43 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 0
218 B 125ms
58ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://930kmpt.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 twoview-1.0.js Show response
cdn-sp-s3.air.tv/airtv.js/v/2021-08-04_16-06-06/ 427 KB
101 KB 107ms
34ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-sp-s3.air.tv/airtv.js/v/2021-08-04_16-06-06/twoview-1.0.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfddb634051dcc3dbf9bd40f94939244869b727f0e19a7dd41d072ef421736e4

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 23:06:54 GMT
server: AmazonS3
x-amz-request-id: TBQ9C6488FYQKTDK
etag: "368c3609134a7af0b934dec6eb4ecbd2"
x-hw: 1628393323.cds069.sk1.hn,1628393323.cds040.sk1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-length: 102962
x-amz-id-2: 9VMYX6l8shSEYQow8FJp+3HkuhJ66zAti+fljsv9+ol1bBQm8PI4HdW+40w+ZCuYmmiJ1YwNU6w=

POST
H2 200 cogitoergosum Show response
930kmpt.com/rest/high/api/ 128 B
335 B 155ms
155ms Fetch
application/json 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://930kmpt.com/rest/high/api/cogitoergosum

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

a08f135982e4c7b73034da0b592e1d5eed4836f0e3fbe058d980aa273a7d6bfd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://930kmpt.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: gdpr-source=DK; abgroup=A; _ga=GA1.2.1515879848.1628393322; _gid=GA1.2.702454023.1628393322; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQxIEdNVCJ9; connect.sid=s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc; _gat_primary=1; _gat_UA191097531=1; _gat_UA191148038=1
content-length: 315
:path: /rest/high/api/cogitoergosum
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: 930kmpt.com
referer: https://930kmpt.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
etag: W/"80-okIeufK2H/rUuX+DwojxOQ"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DK
x-device: desktop
set-cookie: cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQzIEdNVCJ9; Max-Age=1800; Path=/; Expires=Sun, 08 Aug 2021 03:58:43 GMT
vary: Accept-Encoding
content-length: 128
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 chunk-15.08c265f08f6506fea3b1.1628007486748.js Show response
930kmpt.com/public/dist/desktop/ 39 KB
12 KB 31ms
31ms Script
application/javascript 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://930kmpt.com/public/dist/desktop/chunk-15.08c265f08f6506fea3b1.1628007486748.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F715) / Express

Resource Hash

5076acf4979c9a4e892b5ab4452c038ba209241dd71397c135e3b4ce0c6431b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-15.08c265f08f6506fea3b1.1628007486748.js
pragma: no-cache
cookie: gdpr-source=DK; abgroup=A; _ga=GA1.2.1515879848.1628393322; _gid=GA1.2.702454023.1628393322; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQxIEdNVCJ9; connect.sid=s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc; _gat_primary=1; _gat_UA191097531=1; _gat_UA191148038=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 930kmpt.com
referer: https://930kmpt.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 29939
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 11690
last-modified: Tue, 03 Aug 2021 19:22:06 GMT
server: ECS (ska/F715)
etag: W/"9a88-17b0d77494f"
x-frame-options: SAMEORIGIN
x-varnish: 2983510104
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 chunk-4.f079555344eee6385632.1628007486748.js Show response
930kmpt.com/public/dist/desktop/ 26 KB
8 KB 31ms
31ms Script
application/javascript 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://930kmpt.com/public/dist/desktop/chunk-4.f079555344eee6385632.1628007486748.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F713) / Express

Resource Hash

7314a42447dd1f0119fe6f619651595a751ba3e0b8cd77a07dccec03f108885e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-4.f079555344eee6385632.1628007486748.js
pragma: no-cache
cookie: gdpr-source=DK; abgroup=A; _ga=GA1.2.1515879848.1628393322; _gid=GA1.2.702454023.1628393322; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQxIEdNVCJ9; connect.sid=s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc; _gat_primary=1; _gat_UA191097531=1; _gat_UA191148038=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 930kmpt.com
referer: https://930kmpt.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 29939
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 7752
last-modified: Tue, 03 Aug 2021 19:22:08 GMT
server: ECS (ska/F713)
etag: W/"669c-17b0d7752dc"
x-frame-options: SAMEORIGIN
x-varnish: 2033184774
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 chunk-31.740605bef5c7c934ce60.1628007486748.js Show response
930kmpt.com/public/dist/desktop/ 920 B
992 B 156ms
156ms Script
application/javascript 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://930kmpt.com/public/dist/desktop/chunk-31.740605bef5c7c934ce60.1628007486748.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

ad82034638b8f63ca7c67adb1e260b4c21c6308009e6697c6e4ee51048565596

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-31.740605bef5c7c934ce60.1628007486748.js
pragma: no-cache
cookie: gdpr-source=DK; abgroup=A; _ga=GA1.2.1515879848.1628393322; _gid=GA1.2.702454023.1628393322; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQxIEdNVCJ9; connect.sid=s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc; _gat_primary=1; _gat_UA191097531=1; _gat_UA191148038=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 930kmpt.com
referer: https://930kmpt.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:43 GMT
via: 1.1 varnish
age: 0
x-powered-by: Express
x-cache: MISS
x-ua-device: desktop
x-device: desktop
content-length: 920
last-modified: Tue, 03 Aug 2021 19:22:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"398-17b0d7749af"
vary: Accept-Encoding
x-varnish: 2038408333
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 08 Aug 2021 03:28:42 GMT

POST
H2 200 cogitoergosum Show response
930kmpt.com/rest/high/api/ 22 B
85 B 144ms
144ms Fetch
application/json 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://930kmpt.com/rest/high/api/cogitoergosum

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://930kmpt.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: gdpr-source=DK; abgroup=A; _ga=GA1.2.1515879848.1628393322; _gid=GA1.2.702454023.1628393322; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQxIEdNVCJ9; connect.sid=s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc; _gat_primary=1; _gat_UA191097531=1; _gat_UA191148038=1
content-length: 196
:path: /rest/high/api/cogitoergosum
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: 930kmpt.com
referer: https://930kmpt.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
etag: W/"16-9TAjjH5B1CRTDKLX0cVR1g"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DK
x-device: desktop
vary: Accept-Encoding
content-length: 22
expires: Sun, 08 Aug 2021 03:28:42 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1159602285&t=event&_s=1&dl=https%3A%2F%2F930kmpt.com%2F&ul=en-us&de=UTF-8&dt=930%20AM%20KMPT%20%E2%80%93%20Missoula%27s%20Conservative%20Talk%20Leader%20%E2%80%93%20Missoula%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=blogroll&ea=impression&el=&_u=6GDAAAADAAAAAG~&jid=431588711&gjid=1792062135&cid=1515879848.1628393322&tid=UA-115003007-4&_gid=702454023.1628393322&_r=1&_slc=1&cd1=&cd2=n%2Fa&cd3=n%2Fa&cd4=no&cd5=no&did=i5iSjo&z=1551624682

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://930kmpt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chunk-1.934d06c0b88de1017a9f.1628007486748.js Show response
930kmpt.com/public/dist/desktop/ 984 B
1 KB 31ms
31ms Script
application/javascript 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://930kmpt.com/public/dist/desktop/chunk-1.934d06c0b88de1017a9f.1628007486748.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F705) / Express

Resource Hash

84f48fdadd6dd953297ed92e921a09fbdb47db1838dc07de111c78408a5778e5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-1.934d06c0b88de1017a9f.1628007486748.js
pragma: no-cache
cookie: gdpr-source=DK; abgroup=A; _ga=GA1.2.1515879848.1628393322; _gid=GA1.2.702454023.1628393322; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQxIEdNVCJ9; connect.sid=s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc; _gat_primary=1; _gat_UA191097531=1; _gat_UA191148038=1; _gat_UA1150030074=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 930kmpt.com
referer: https://930kmpt.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:43 GMT
via: 1.1 varnish
age: 29939
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 984
last-modified: Tue, 03 Aug 2021 19:22:08 GMT
server: ECS (ska/F705)
etag: W/"3d8-17b0d77522b"
x-frame-options: SAMEORIGIN
x-varnish: 2033184777
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 chunk-2.039cb2d1580138db5062.1628007486748.js Show response
930kmpt.com/public/dist/desktop/ 4 KB
2 KB 32ms
32ms Script
application/javascript 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://930kmpt.com/public/dist/desktop/chunk-2.039cb2d1580138db5062.1628007486748.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F709) / Express

Resource Hash

6fc994745da4b7037928f14423ce107f09e1f033a76b9dd0a98cd5492c21d206

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-2.039cb2d1580138db5062.1628007486748.js
pragma: no-cache
cookie: gdpr-source=DK; abgroup=A; _ga=GA1.2.1515879848.1628393322; _gid=GA1.2.702454023.1628393322; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQxIEdNVCJ9; connect.sid=s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc; _gat_primary=1; _gat_UA191097531=1; _gat_UA191148038=1; _gat_UA1150030074=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 930kmpt.com
referer: https://930kmpt.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 29939
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 1501
last-modified: Tue, 03 Aug 2021 19:22:08 GMT
server: ECS (ska/F709)
etag: W/"e0f-17b0d7752cc"
x-frame-options: SAMEORIGIN
x-varnish: 2033184778
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 / Show response
930kmpt.com/internal-ad-api/ 581 B
394 B 339ms
339ms Fetch
application/json 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://930kmpt.com/internal-ad-api/?kw[]=pagetype-home&kw[]=device-desktop

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx /

Resource Hash

b4822ba57955b342e173ebd20137dae710d8c35dd991aa9fc89270552156e995

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /internal-ad-api/?kw[]=pagetype-home&kw[]=device-desktop
pragma: no-cache
cookie: gdpr-source=DK; abgroup=A; _ga=GA1.2.1515879848.1628393322; _gid=GA1.2.702454023.1628393322; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQxIEdNVCJ9; connect.sid=s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc; _gat_primary=1; _gat_UA191097531=1; _gat_UA191148038=1; _gat_UA1150030074=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: 930kmpt.com
referer: https://930kmpt.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
age: 0
x-cache: MISS
x-ua-device: desktop
x-device: desktop
content-length: 340
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-varnish: 2038408335
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: application/json; charset=utf-8
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
368 B 198ms
126ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=272476&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22182fa0e69ec1e6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2F930kmpt.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%224.41.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A3%2C%22msi%22%3A3%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222d7b63bd6ff7c5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272476%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2236ee82277487ab%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272477%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2240b300764dc84e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272478%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225d279576f42812%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272479%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226e040f272139dd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272480%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222d7b63bd6ff7c5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272476%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2236ee82277487ab%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272477%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2240b300764dc84e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272478%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=930kmpt.com&v=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 75fb5deca45d7408e30375a53bb20c089df71799f40675bd63f919c2d3330302

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DK], RC:[], CN:[EU], CIP:[37.120.194.212], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://930kmpt.com
x-cs-client-geo: 10
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 10
expires: Sun, 08 Aug 2021 03:28:43 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 728 B
1 KB 126ms
54ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=930kmpt.com&v=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

afed77056ce922b8d1bf704cbf44784226d833d0d0aaf3fa5173de338f182e24

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 08 Aug 2021 03:28:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.120.194.212; 37.120.194.212; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d4cf3197-125e-4f0d-9e3a-f45450653cdc
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://930kmpt.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
674 B 147ms
39ms XHR
application/json 18.195.223.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22f4301788-2db2-46cb-acfc-f6f4418effae%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1628393323198%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%221526a26c87df54f%22%3A%22_aDJRj7ybNG%22%2C%22168136e972d2e43%22%3A%22_aDJRj7ybNG%22%2C%2217eb479499a685%22%3A%22_aDJRj7ybNG%22%2C%2218aab7faadc5285%22%3A%22_wPlmCMrvTH%22%2C%22199d0147d5f4dcf%22%3A%22_wPlmCMrvTH%22%2C%2220a5f9d5249ee74%22%3A%22_wPlmCMrvTH%22%7D%2C%22bidSizes%22%3A%7B%221526a26c87df54f%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22168136e972d2e43%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%2217eb479499a685%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%2218aab7faadc5285%22%3A%5B%5B728%2C90%5D%5D%2C%22199d0147d5f4dcf%22%3A%5B%5B728%2C90%5D%5D%2C%2220a5f9d5249ee74%22%3A%5B%5B970%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300a%22%2C%22transactionId%22%3A%2264ad67fb-119a-433f-95df-581b9a03f0ef%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%221526a26c87df54f%22%2C%22bidderRequestId%22%3A%22141efdebcb1e9eb%22%2C%22auctionId%22%3A%22e07682fe-3c16-458f-932b-4d0ac296f1a1%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300b%22%2C%22transactionId%22%3A%222892afb1-3b39-43d8-9d04-9ccebe71b21f%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%22168136e972d2e43%22%2C%22bidderRequestId%22%3A%22141efdebcb1e9eb%22%2C%22auctionId%22%3A%22e07682fe-3c16-458f-932b-4d0ac296f1a1%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300c%22%2C%22transactionId%22%3A%2234a24580-02b3-447a-b973-10865e1d5664%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%2217eb479499a685%22%2C%22bidderRequestId%22%3A%22141efdebcb1e9eb%22%2C%22auctionId%22%3A%22e07682fe-3c16-458f-932b-4d0ac296f1a1%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728a%22%2C%22transactionId%22%3A%2230702b79-76ce-481f-8158-ac0c4f0ccd41%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%2218aab7faadc5285%22%2C%22bidderRequestId%22%3A%22141efdebcb1e9eb%22%2C%22auctionId%22%3A%22e07682fe-3c16-458f-932b-4d0ac296f1a1%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728b%22%2C%22transactionId%22%3A%22bf092a65-aab6-421e-9300-e5c472321c05%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%22199d0147d5f4dcf%22%2C%22bidderRequestId%22%3A%22141efdebcb1e9eb%22%2C%22auctionId%22%3A%22e07682fe-3c16-458f-932b-4d0ac296f1a1%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-970a%22%2C%22transactionId%22%3A%22dc684f3d-9aa4-4555-a550-f3b60a0c563d%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%2C%22bidId%22%3A%2220a5f9d5249ee74%22%2C%22bidderRequestId%22%3A%22141efdebcb1e9eb%22%2C%22auctionId%22%3A%22e07682fe-3c16-458f-932b-4d0ac296f1a1%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2F930kmpt.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=930kmpt.com&v=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.223.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-223-2.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 03:28:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://930kmpt.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 209ms
94ms XHR
application/json 54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=9149&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F930kmpt.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2F930kmpt.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=930kmpt.com&v=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b5c86d06ea620b54d5481c613cea785f52ea157c255f51437f171a4adf60cc62

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://930kmpt.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 206ms
91ms XHR
application/json 54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=9150&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F930kmpt.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2F930kmpt.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=930kmpt.com&v=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7bd0c72cbeccb106ff20eb98677d61bcf487a550bab29d1b7f879ae5d653d22d

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://930kmpt.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 204ms
89ms XHR
application/json 54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=9151&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F930kmpt.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2F930kmpt.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=930kmpt.com&v=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9f454102f64b0eff2018cd60296581c54402220507064eecd1eb82f8baa3cf2d

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://930kmpt.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 205ms
90ms XHR
application/json 54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=9152&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F930kmpt.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2F930kmpt.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=930kmpt.com&v=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ad2779ed577debfe306cf39a7df2b33bdb56424d09faa59425bc66ec85e975de

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://930kmpt.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 204ms
90ms XHR
application/json 54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=9153&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F930kmpt.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2F930kmpt.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=930kmpt.com&v=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d276e7850d00e1be7866b5dc12321b093363f7591eeaac543c8a8d269a2b0913

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://930kmpt.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
165 B 338ms
113ms XHR
application/json 206.189.254.17
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=930kmpt.com&v=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://930kmpt.com
date: Sun, 08 Aug 2021 03:28:43 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 arj Show response
townsquaremedia-d.openx.net/w/1.0/ 173 B
556 B 190ms
74ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F930kmpt.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=64ad67fb-119a-433f-95df-581b9a03f0ef%2C2892afb1-3b39-43d8-9d04-9ccebe71b21f%2C34a24580-02b3-447a-b973-10865e1d5664%2C30702b79-76ce-481f-8158-ac0c4f0ccd41%2Cbf092a65-aab6-421e-9300-e5c472321c05%2Cdc684f3d-9aa4-4555-a550-f3b60a0c563d&nocache=1628393323203&aus=300x250%2C300x600%7C300x250%2C300x600%7C300x250%2C300x600%7C728x90%7C728x90%7C970x250&divids=tsm-ad-300a%2Ctsm-ad-300b%2Ctsm-ad-300c%2Ctsm-ad-728a%2Ctsm-ad-728b%2Ctsm-ad-970a&aucs=%2C%2C%2C%2C%2C&auid=539829446%2C539829446%2C539829446%2C539829446%2C539829446%2C539829446&aumfs=250%2C250%2C250%2C250%2C250%2C250
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=930kmpt.com&v=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: d47b03372ebf10df6db15b03058462ac1050e89647bf53d0d1a384c29e96e1a6

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
server: OXGW/16.213.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://930kmpt.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 hb Show response
hb.undertone.com/ 0
446 B 235ms
147ms XHR
text/plain 13.224.96.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=2552&domain=930kmpt.com
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=930kmpt.com&v=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-105.zrh50.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:43 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://930kmpt.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
x-amz-cf-id: NeN3_uFaXUq_Ye2ywqT5ua03kiF9N92uaA1-8sBHQ7G2zSFm87zyaQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 199 B
772 B 246ms
146ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22551451641858b3c%22%3A%2252385cf1a79895898f27%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Flocal%2FMissoula%2FKMPT%2Fhome%22%2C%2256d794b7a36d512%22%3A%22810bf2d7e35a61283050%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Flocal%2FMissoula%2FKMPT%2Fhome%22%2C%2257b5c84eec1bf9%22%3A%227fbd8d4749c511640249%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Flocal%2FMissoula%2FKMPT%2Fhome%22%2C%22582ec4c699301da%22%3A%22ea7911e26d411186eb66%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FMissoula%2FKMPT%2Fhome%22%2C%22593b47914096a97%22%3A%226e36ff2b933db31e890f%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FMissoula%2FKMPT%2Fhome%22%2C%22606742b0e583dbe%22%3A%2288e31f49e54a033259c1%7C970x250%7Cgpid%3D%2F8328825%2Flocal%2FMissoula%2FKMPT%2Fhome%22%7D&ref=https%3A%2F%2F930kmpt.com%2F&s=554cdb44-606b-4fed-8de6-906a979e219f&pv=5a093747-8d4d-4980-ad61-79a47512926d&vp=desktop&lib_name=prebid&lib_v=4.41.0&us=5&ius=1&coppa=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

1d67358f06c9dcc99b67787e06332b74636ff824aa6fa25468658ff23afabcee

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 03:28:43 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://930kmpt.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 162
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 2 KB
2 KB 210ms
136ms XHR
application/json 52.57.38.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.41.0&referrer=https%3A%2F%2F930kmpt.com%2F&tmax=2000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.38.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-38-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

2b8234dc2b9c24f7659082c4159c3b183bfe218e8e8672584f4e8d3ffd82dc0e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://930kmpt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 1367
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 223ms
145ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=930kmpt.com&v=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://930kmpt.com
date: Sun, 08 Aug 2021 03:28:41 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 330 B
449 B 267ms
198ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=930kmpt.com&v=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 606f409000d1782f020ea8c574e6f1e95c8bcc5e90f4d7750cb866e9c4ebec77

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://930kmpt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
245 B 190ms
105ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=930kmpt.com&v=a2d027010274791a0b625aa4f2991b0c09f8ea6b&mver=30&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://930kmpt.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 08 Aug 2021 03:28:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
49 KB 50ms
29ms Fetch
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3518fe7d26d5247b173af463426cb2b3215abfa3848ca33d871055cc94b5be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49445
x-xss-protection: 0
server: cafe
etag: 12364812339251644168
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 03:28:43 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 415 B
619 B 59ms
12ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.0.8&lid=336
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://930kmpt.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 415
expires: Sun, 08 Aug 2021 03:58:43 GMT

GET
H2 200 attachment-GettyImages-1231358607-e1628185133633.jpg
townsquare.media/site/125/files/2021/08/ 14 KB
14 KB 32ms
31ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/125/files/2021/08/attachment-GettyImages-1231358607-e1628185133633.jpg?w=300&q=75

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F70D) / Express

Resource Hash

b02663d1fa216a8de198b2e3ad20bd02613a404ea0f6eff3ccf1a4b30602e467

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:43 GMT
via: 1.1 varnish
age: 206873
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 13929
last-modified: Thu, 05 Aug 2021 18:07:26 GMT
server: ECS (ska/F70D)
x-frame-options: SAMEORIGIN
x-varnish: 2001804712 2001718834
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 attachment-Credit-Lane-Nordlund.jpg
townsquare.media/site/125/files/2021/08/ 5 KB
5 KB 33ms
31ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/125/files/2021/08/attachment-Credit-Lane-Nordlund.jpg?w=300&q=75

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F70A) / Express

Resource Hash

26c2162ba1f53f2a7e34cb0549799c1a0c8183d0359c0003a38a3b9317659761

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: B
date: Sun, 08 Aug 2021 03:28:43 GMT
via: 1.1 varnish
age: 208920
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 5395
last-modified: Thu, 05 Aug 2021 17:25:15 GMT
server: ECS (ska/F70A)
x-frame-options: SAMEORIGIN
x-varnish: 2001296545
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 coronavirus21.png
townsquare.media/site/119/files/2021/01/ 64 KB
65 KB 37ms
35ms Image
image/png 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/119/files/2021/01/coronavirus21.png?w=300&q=75
Requested by: Host: 930kmpt.com
URL: https://930kmpt.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F708) / Express
Resource Hash: 0a66170ad591471a858261a27cfc92c721ce76513f791957d1b9c9c57ea31286

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: B
date: Sun, 08 Aug 2021 03:28:43 GMT
via: 1.1 varnish
age: 16450039
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 66001
last-modified: Fri, 29 Jan 2021 17:44:52 GMT
server: ECS (ska/F708)
x-varnish: 688974292
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: image/png
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 attachment-bigtimberprorodeo_107-e1628106224608.jpg
townsquare.media/site/125/files/2021/08/ 10 KB
10 KB 36ms
34ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/125/files/2021/08/attachment-bigtimberprorodeo_107-e1628106224608.jpg?w=300&q=75

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F6FD) / Express

Resource Hash

af95f221f881732fcaee0882e97c0d95fb8bc70eb54ddc532b9b8b00ab5c648a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:43 GMT
via: 1.1 varnish
age: 280817
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 10432
last-modified: Wed, 04 Aug 2021 20:08:17 GMT
server: ECS (ska/F6FD)
x-frame-options: SAMEORIGIN
x-varnish: 1988870316
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 attachment-GettyImages-1331350706-e1628100364356.jpg
townsquare.media/site/125/files/2021/08/ 11 KB
11 KB 33ms
31ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/125/files/2021/08/attachment-GettyImages-1331350706-e1628100364356.jpg?w=300&q=75

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F70D) / Express

Resource Hash

74b9c729df7b1f4b030e9102e1991fa6030b82010ec81fa4832379962e3fa2b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: B
date: Sun, 08 Aug 2021 03:28:43 GMT
via: 1.1 varnish
age: 288545
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 11515
last-modified: Wed, 04 Aug 2021 19:17:58 GMT
server: ECS (ska/F70D)
x-frame-options: SAMEORIGIN
x-varnish: 2937637328
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 attachment-GettyImages-1234217767-e1628010048441.jpg
townsquare.media/site/125/files/2021/08/ 19 KB
19 KB 35ms
34ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/125/files/2021/08/attachment-GettyImages-1234217767-e1628010048441.jpg?w=300&q=75

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F714) / Express

Resource Hash

09d65ac2752d18df21cbbeaeda2952193f28c56d1e2627e6b3348d29b646d009

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: B
date: Sun, 08 Aug 2021 03:28:43 GMT
via: 1.1 varnish
age: 381968
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 19680
last-modified: Tue, 03 Aug 2021 17:21:56 GMT
server: ECS (ska/F714)
x-frame-options: SAMEORIGIN
x-varnish: 2920361882
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 attachment-080221-BLS-Street-View-Credit-Google.jpg
townsquare.media/site/125/files/2021/08/ 9 KB
9 KB 35ms
33ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/125/files/2021/08/attachment-080221-BLS-Street-View-Credit-Google.jpg?w=300&q=75

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F6FE) / Express

Resource Hash

650df3e3c9168d97f3fd18dadd180a2ab4e5f4a7620418be36fee198be4f542e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: B
date: Sun, 08 Aug 2021 03:28:43 GMT
via: 1.1 varnish
age: 466459
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 9436
last-modified: Mon, 02 Aug 2021 17:53:49 GMT
server: ECS (ska/F6FE)
x-frame-options: SAMEORIGIN
x-varnish: 1954387594
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 attachment-attachment-GettyImages-1330501959.jpg
townsquare.media/site/341/files/2021/08/ 17 KB
17 KB 38ms
37ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/341/files/2021/08/attachment-attachment-GettyImages-1330501959.jpg?w=300&q=75

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F70D) / Express

Resource Hash

5664a31fe1e0585a8cb913b233398371e00118c667640b61029f5540450abd04

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: B
date: Sun, 08 Aug 2021 03:28:43 GMT
via: 1.1 varnish
age: 487785
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 17458
last-modified: Mon, 02 Aug 2021 11:58:25 GMT
server: ECS (ska/F70D)
x-frame-options: SAMEORIGIN
x-varnish: 2900507887 2900477850
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 attachment-Marnie-Russ-Polson-Fire-1-1.jpg
townsquare.media/site/125/files/2021/08/ 8 KB
8 KB 34ms
33ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/125/files/2021/08/attachment-Marnie-Russ-Polson-Fire-1-1.jpg?w=300&q=75

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F71D) / Express

Resource Hash

60733f2b65f486c24f492456b68ec33ca25cedee0caefc17a25c5e95260fd06e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:43 GMT
via: 1.1 varnish
age: 489970
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 8413
last-modified: Mon, 02 Aug 2021 11:21:42 GMT
server: ECS (ska/F71D)
x-frame-options: SAMEORIGIN
x-varnish: 2900116128
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 TSI_Promo.png
townsquare.media/site/1/wp-content/uploads/2016/03/ 49 KB
49 KB 32ms
32ms Image
image/png 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://townsquare.media/site/1/wp-content/uploads/2016/03/TSI_Promo.png?w=300&q=75
Requested by: Host: 930kmpt.com
URL: https://930kmpt.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F708) / Express
Resource Hash: e5ea85a5339dee1209a92903a2245c02ffe0b9cc264f0804ea04aba2680b0681

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: B
date: Sun, 08 Aug 2021 03:28:43 GMT
via: 1.1 varnish
age: 21909211
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 50329
last-modified: Wed, 20 Sep 2017 17:43:47 GMT
server: ECS (ska/F708)
x-varnish: 2643430625 2609727224
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: image/png
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H/1.1 200
OK SpinClass2GIRESIZED.jpg
2bd7a77e373a9572610f-dba1f64a3f969774cdd587a3528671a8.ssl.cf1.rackcdn.com/medias/58301/mini/ 62 KB
62 KB 216ms
56ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2bd7a77e373a9572610f-dba1f64a3f969774cdd587a3528671a8.ssl.cf1.rackcdn.com/medias/58301/mini/SpinClass2GIRESIZED.jpg?w=300&q=75
Requested by: Host: 930kmpt.com
URL: https://930kmpt.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b4303542ae882cc36e21ba9fed85566ec4f4b7ae214b17c1cab9a3696d57f287

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 03:28:43 GMT
Last-Modified: Tue, 16 Apr 2019 18:56:00 GMT
X-Trans-Id: txda0d3712c0684b36bbd7c-00608df86fdfw1
ETag: 35fa61dc4281b5ad35795b3a91dd4555
Content-Type: image/jpeg
X-Timestamp: 1555440959.63484
Cache-Control: public, max-age=242101
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63562
Expires: Tue, 10 Aug 2021 22:43:44 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 54ms
42ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=2857663231154294&input_token&origin=1&redirect_uri=https%3A%2F%2F930kmpt.com%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: PHmFbRV8L4fpYn3+eW5MPoUNBA+pJcW0jrNfjU4Yw+uTzZBblWIBucSugmpqbPpXKOwIyic77Yolh81+Sw9zVQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 08 Aug 2021 03:28:43 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://930kmpt.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
424 B 115ms
44ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=254982&u=https%3A%2F%2F930kmpt.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 03:28:43 GMT
X-AK-INITIAL-GEO: CC:[DK], RC:[], CN:[EU], CIP:[37.120.194.212], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://930kmpt.com
X-CS-CLIENT-GEO: 10
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 10
Expires: Sun, 08 Aug 2021 03:28:43 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 43ms
23ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33d28d9afb2e45cf17c816d20f4c9c786c0da2adddaaad3feed8da1689f772c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Sun, 08 Aug 2021 03:28:43 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
228 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=631470830669776&ev=PageView&dl=https%3A%2F%2F930kmpt.com%2F&rl=&if=false&ts=1628393323315&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628393323313.1797549783&it=1628393322747&coo=false&rqm=GET

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 08 Aug 2021 03:28:43 GMT

POST
H2 200 cogitoergosum Show response
930kmpt.com/rest/high/api/ 22 B
85 B 146ms
145ms Fetch
application/json 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://930kmpt.com/rest/high/api/cogitoergosum

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://930kmpt.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: gdpr-source=DK; abgroup=A; _ga=GA1.2.1515879848.1628393322; _gid=GA1.2.702454023.1628393322; connect.sid=s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc; _gat_primary=1; _gat_UA191097531=1; _gat_UA191148038=1; _gat_UA1150030074=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQzIEdNVCJ9; _fbp=fb.1.1628393323313.1797549783; blingblocksession=1
content-length: 107
:path: /rest/high/api/cogitoergosum
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: 930kmpt.com
referer: https://930kmpt.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
etag: W/"16-9TAjjH5B1CRTDKLX0cVR1g"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DK
x-device: desktop
vary: Accept-Encoding
content-length: 22
expires: Sun, 08 Aug 2021 03:28:42 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1159602285&t=event&_s=1&dl=https%3A%2F%2F930kmpt.com%2F&ul=en-us&de=UTF-8&dt=930%20AM%20KMPT%20%E2%80%93%20Missoula%27s%20Conservative%20Talk%20Leader%20%E2%80%93%20Missoula%20News%20Radio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adblock&ea=detection&el=off&_u=6GDAAAADAAAAAG~&jid=1860166463&gjid=1241128855&cid=1515879848.1628393322&tid=UA-115003007-7&_gid=702454023.1628393322&_r=1&_slc=1&did=i5iSjo&z=1303010952

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://930kmpt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gdpr-cmp-bootstrap.js Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 318 KB
67 KB 119ms
36ms Script
application/javascript 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 160a189978d8d578dbaf912cefefd4125c5569a5d2a7167056fe4afbb6415a34

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 18:44:36 GMT
server: Apache
etag: "4f7ec-5c5876a375030-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 68538

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 5E08 232 B
432 B 239ms
153ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=96f7898013213d6269d63dc29304a8e166fed380

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2F930kmpt.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
last-modified: Sun, 08 Aug 2021 03:28:43 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 052d8b938533d45295f2c56425227109932115014d3764ddb1abf69ff06ab751
content-length: 166

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/be9c9f3b/www-widgetapi.vflset/ 126 KB
42 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/be9c9f3b/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4522695aeea16458299e979a71eaa29dff35b74807467acb9ef34fc86f355d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 02:53:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 00:19:06 GMT
server: sffe
age: 2100
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42958
x-xss-protection: 0
expires: Mon, 08 Aug 2022 02:53:43 GMT

GET
H2 200 teju-webclient.min.js Show response
static.solutionshindsight.net/teju-webclient/ 75 KB
21 KB 125ms
44ms Script
application/javascript 13.33.244.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.244.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-244-122.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 611dde88850f70c2fdb8d31f8910427125702e21738cba4b3b324115936213d4

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:23:25 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 19:33:12 GMT
server: AmazonS3
age: 520
etag: "6ab464720db2ca659ffe60893e8d8a83"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1360936ca0d2a8ac3134ac7c537d0e76.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
accept-ranges: bytes
content-length: 21477
x-amz-cf-id: vp6BajUAJdAHV_uDAo-ARnzqd7ShcbL4so36MisYuZV6t2kaYrVuJg==

GET
H2 200 euconsent Show response
api.conversant.mgr.consensu.org/ 105 B
290 B 142ms
61ms XHR
application/json 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/euconsent?configId=10164&cmpVersion=3.3.2&c=25638430154
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 21ad52f11ffd40241e74f3dfb2076b1bfacc8d4ce14b155cde20754788d72cf5

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

access-control-allow-origin: https://930kmpt.com
date: Sun, 08 Aug 2021 03:28:43 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx
vary: Origin
content-type: application/json

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
37 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K346HJZ

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47c29fc80fd72c083c10536cd5efe4d932f88b58c041341824627c02e67a4d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37818
x-xss-protection: 0
last-modified: Sun, 08 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Aug 2021 03:28:43 GMT

GET
H2 200 tag Show response
btloader.com/ 46 KB
11 KB 29ms
13ms Script
application/javascript 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5642230212591616&upapi=true
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae8f93e7e95dcee9817424ab34f5d8c64ad35cbe0904a23bcf42ddadaa6e181e

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

cf-ray: 67b5a800bfe14a6e-FRA
date: Sun, 08 Aug 2021 03:28:43 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 550
etag: W/"60b128d3b054b56e5344e9123c90a449"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zqpRAOHTxehj8biYJrFzgaAV%2F64SIrqug4sm6Yxw8b3FBv6OGcp4w6rDhyRod3BCHEHnL%2Fnp5geZX%2BwcnyQRjkarvSXJZaS0d6w75UL4Pi4mp0QPiBJEc27ZH0JURwTUnF1bqzmFWr6Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
content-encoding: br

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KMPTAM&ncv=24
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KMPTAM&ncv=24

5 B
231 B

121ms
120ms

Script
text/html

2606:4700::6812:b4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KMPTAM&ncv=24
Requested by: Host: 930kmpt.com
URL: https://930kmpt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67b5a80368c14e6d-FRA
content-language: en-US
p3p: CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html;charset=ISO-8859-1

Redirect headers

date: Sun, 08 Aug 2021 03:28:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=iso-8859-1
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KMPTAM&ncv=24
cf-ray: 67b5a8014e334e6d-FRA

GET
H3-29 200 613172405857271 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 568ms
568ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/613172405857271?v=2.9.44&r=stable

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44b6e12c5a670831b569338670cf07264f38eea15ddf19b7fa3123016797824e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: PgKgg2U1nxAUeK3TMmKyfsfvaXbG9ZWgRtWX+hNsp58t71mR4GVDSW/tJngmwRXaMSBzwzs3phRoEZmSAnut0w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 08 Aug 2021 03:28:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 OTMwa21wdC5jb20%3D Show response
static.solutionshindsight.net/assets/ 2 KB
1 KB 558ms
486ms Fetch
application/json 13.33.244.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/assets/OTMwa21wdC5jb20%3D
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.244.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-244-122.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 412066e0bbed90e039b96695f47201f6c41ed6a80956eae271943e45f6b1a3e7

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:45 GMT
content-encoding: gzip
last-modified: Fri, 21 May 2021 15:53:45 GMT
server: AmazonS3
x-amz-cf-pop: HEL50-C1
etag: W/"53c8b086a9dcb1b5720c5d37f381c4df"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: null
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Miss from cloudfront
content-type: application/json
x-amz-cf-id: t3jMMLDfcliFR7LSrL20kdZs_5e0skDPaLzZjx13Ef0rmUGcpwpdgA==
via: 1.1 6e524269fea3a56b0e037fecde237b37.cloudfront.net (CloudFront)

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 128ms
41ms Script
application/javascript 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:23:48 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 296
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: 2mk6suu1YHdOtd1nzzQjSSe1YMgl_IqmzDhQC0AOTkuj9L9Vo3JGwQ==

GET
H2 200 pubcid.min.js Show response
townsquare.media/public/resources/js/ 57 KB
18 KB 31ms
31ms Script
application/javascript 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/pubcid.min.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (ska/F711) / Express

Resource Hash

f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: B
date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 37339
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 18369
last-modified: Tue, 30 Mar 2021 01:10:34 GMT
server: ECS (ska/F711)
etag: W/"e26f-17880aead61"
x-frame-options: SAMEORIGIN
x-varnish: 2982167150
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 08 Aug 2021 03:28:42 GMT

GET
H2 200 vendor-list.json Show response
cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/ 284 KB
36 KB 105ms
35ms XHR
application/json 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/vendor-list.json
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9009e1bbdf947676af005fda0346cc988899c05c9f98225f2806ca4100da6f0

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 16:15:01 GMT
server: Apache
etag: "4714b-5c8d2389759da-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 36623

POST
H2 204 event Show response
api.conversant.mgr.consensu.org/gdpr/cmp/ 0
117 B 89ms
65ms XHR
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://930kmpt.com
date: Sun, 08 Aug 2021 03:28:43 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

GET
H2 200 gdpr-cmp-ui.js Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 289 KB
76 KB 37ms
37ms Script
application/javascript 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2d4b82db5678f0d8db66c3f3de0fc55ff36e549cbe8f2ddb7674a06983acf668

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 18:44:36 GMT
server: Apache
etag: "4828e-5c5876a375fd0-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 77499

GET
H2 200 en.json Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/ 4 KB
1 KB 36ms
36ms XHR
application/json 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/en.json
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:43 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 18:44:36 GMT
server: Apache
etag: "f30-5c5876a377b28-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1178

POST
H2 204 event Show response
api.conversant.mgr.consensu.org/gdpr/cmp/ 0
116 B 62ms
62ms XHR
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://930kmpt.com
date: Sun, 08 Aug 2021 03:28:43 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
90 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=613172405857271&ev=PageView&dl=https%3A%2F%2F930kmpt.com%2F&rl=&if=false&ts=1628393324214&sw=1600&sh=1200&v=2.9.44&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1628393323313.1797549783&it=1628393322747&coo=false&rqm=GET

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 08 Aug 2021 03:28:44 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=631470830669776&ev=Microdata&dl=https%3A%2F%2F930kmpt.com%2F&rl=&if=false&ts=1628393324215&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22930%20AM%20KMPT%20%E2%80%93%20Missoula%27s%20Conservative%20Talk%20Leader%20%E2%80%93%20Missoula%20News%20Radio%22%2C%22meta%3Adescription%22%3A%22AM%20930%2C%20KMPT-AM%20Radio%2C%20a%20Townsquare%20Media%20station%2C%20has%20the%20best%20news%20coverage%20in%20Missoula%2C%20Montana.%22%2C%22meta%3Akeywords%22%3A%22AM%20930%20Missoula%2C%20Missoula%20AM%20930%2C%20news%20radio%20Missoula%2C%20Missoula%20news%20radio%2C%20news%20Missoula%2C%20Missoula%20news%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22930%20AM%20KMPT%20%E2%80%93%20Missoula%27s%20Conservative%20Talk%20Leader%20%E2%80%93%20Missoula%20News%20Radio%22%2C%22og%3Adescription%22%3A%22AM%20930%2C%20KMPT-AM%20Radio%2C%20a%20Townsquare%20Media%20station%2C%20has%20the%20best%20news%20coverage%20in%20Missoula%2C%20Montana.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2F930kmpt.com%2F%22%2C%22og%3Asite_name%22%3A%22930%20AM%20KMPT%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22%2F%2Ftownsquare.media%2Fsite%2F121%2Ffiles%2F2021%2F01%2F256.png%3Fw%3D250%26zc%3D1%26s%3D0%26a%3Dt%26q%3D90%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628393323313.1797549783&it=1628393322747&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: 930kmpt.com
URL: https://930kmpt.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 08 Aug 2021 03:28:44 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=613172405857271&ev=Microdata&dl=https%3A%2F%2F930kmpt.com%2F&rl=&if=false&ts=1628393324715&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22930%20AM%20KMPT%20%E2%80%93%20Missoula%27s%20Conservative%20Talk%20Leader%20%E2%80%93%20Missoula%20News%20Radio%22%2C%22meta%3Adescription%22%3A%22AM%20930%2C%20KMPT-AM%20Radio%2C%20a%20Townsquare%20Media%20station%2C%20has%20the%20best%20news%20coverage%20in%20Missoula%2C%20Montana.%22%2C%22meta%3Akeywords%22%3A%22AM%20930%20Missoula%2C%20Missoula%20AM%20930%2C%20news%20radio%20Missoula%2C%20Missoula%20news%20radio%2C%20news%20Missoula%2C%20Missoula%20news%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22930%20AM%20KMPT%20%E2%80%93%20Missoula%27s%20Conservative%20Talk%20Leader%20%E2%80%93%20Missoula%20News%20Radio%22%2C%22og%3Adescription%22%3A%22AM%20930%2C%20KMPT-AM%20Radio%2C%20a%20Townsquare%20Media%20station%2C%20has%20the%20best%20news%20coverage%20in%20Missoula%2C%20Montana.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2F930kmpt.com%2F%22%2C%22og%3Asite_name%22%3A%22930%20AM%20KMPT%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22%2F%2Ftownsquare.media%2Fsite%2F121%2Ffiles%2F2021%2F01%2F256.png%3Fw%3D250%26zc%3D1%26s%3D0%26a%3Dt%26q%3D90%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1628393323313.1797549783&it=1628393322747&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 08 Aug 2021 03:28:44 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame A6DA 2 KB
1 KB 107ms
35ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://930kmpt.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://930kmpt.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Sun, 08 Aug 2021 03:28:46 GMT
Connection: keep-alive

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 6220 21 KB
8 KB 121ms
48ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

03c3efbfc0c36342eb3111223904dadea02ed11fa843ecd7172d7117cd72869a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://930kmpt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://930kmpt.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Wed, 09 Feb 2022 03:28:46 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Tue, 10 Aug 2021 03:28:46 GMT
date: Sun, 08 Aug 2021 03:28:46 GMT
content-length: 7781

GET
H3-29

200

pixel Show response
cm.g.doubleclick.net/ Frame FDED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=

170 B
188 B

117ms
62ms

Document
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://930kmpt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://930kmpt.com/

Response headers

content-type: image/png
date: Sun, 08 Aug 2021 03:28:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
date: Sun, 08 Aug 2021 03:28:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 312
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 08-Aug-2021 03:43:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame D22E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=32ca610f-4f6e-4500-92f8-8dd02d3ac741&gdpr=1&gdpr_consent=

35 B
237 B

176ms
62ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=32ca610f-4f6e-4500-92f8-8dd02d3ac741&gdpr=1&gdpr_consent=
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=32ca610f-4f6e-4500-92f8-8dd02d3ac741&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://930kmpt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cs=true; loc=2f9dr7Ftc6aplJm8wpy6W2CY06mEuxiW4pTDjwNmQXwmvA0QjXoIBjTHZlL5d2cRSBV7jMHZzL8; vst=e_28016b80-e10c-4e77-be88-2b4ce3b7432e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://930kmpt.com/

Response headers

date: Sun, 08 Aug 2021 03:28:46 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sun, 08 Aug 2021 03:31:52 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3831 a91c15f master cdg-pixel-x12
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=32ca610f-4f6e-4500-92f8-8dd02d3ac741; domain=.mathtag.com; path=/; expires=Mon, 05-Sep-2022 03:28:46 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=32ca610f-4f6e-4500-92f8-8dd02d3ac741&gdpr=1&gdpr_consent=
Expires: Sun, 08 Aug 2021 03:31:51 GMT

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 185A 1006 B
946 B 128ms
61ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: debbecc511efcfedd5d6865f95212fa1391b729a95294873c1859fa3a330c87b

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://930kmpt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=19194193-de03-07ff-2c96-c42d44db1d5a|1628393323
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://930kmpt.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=19194193-de03-07ff-2c96-c42d44db1d5a|1628393323; Version=1; Expires=Mon, 08-Aug-2022 03:28:46 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1628393326|mOgeginskin0vNomiygu; Version=1; Expires=Mon, 23-Aug-2021 03:28:46 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.213.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 08 Aug 2021 03:28:46 GMT
content-type: text/html
content-length: 543
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame A1C3 38 KB
14 KB 110ms
36ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://930kmpt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://930kmpt.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=25650
expires: Sun, 08 Aug 2021 10:36:16 GMT
date: Sun, 08 Aug 2021 03:28:46 GMT
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame FD88 1 KB
1 KB 168ms
59ms Document
text/html 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 9824166f32941045f165e3a50d5d6c834ea42df6720d1fca1672377cc57aaaf9

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://930kmpt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=7127857984987324662
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://930kmpt.com/

Response headers

date: Sun, 08 Aug 2021 03:28:46 GMT
content-type: text/html; charset=utf-8
content-length: 478
set-cookie: sync=CgoIgQIQpZG5nrIvCgoIkQIQpZG5nrIvCgoI4gEQpZG5nrIvCgoIkgIQpZG5nrIvCgoI5gEQpZG5nrIvCgoIhwIQpZG5nrIvCgkIOhClkbmesi8KCQgLEKWRuZ6yLwoJCF8QpZG5nrIvCgkIHxClkbmesi8=; Max-Age=7776000; Expires=Sat, 06 Nov 2021 03:28:46 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=7127857984987324662; Max-Age=7776000; Expires=Sat, 06 Nov 2021 03:28:46 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET

2000775.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame A0AC
Redirect Chain

https://sync.serverbid.com/ss/2000775.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html

0
0

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame F383 8 KB
3 KB 62ms
12ms Document
text/html 2600:9000:2156:6c00:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5

Request headers

:method: GET
:authority: cdn.undertone.com
:scheme: https
:path: /js/usersync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://930kmpt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://930kmpt.com/

Response headers

content-type: text/html
x-amz-replication-status: COMPLETED
last-modified: Thu, 08 Jul 2021 07:16:59 GMT
x-amz-version-id: 6994YJvhVK.G.S8wNruUeW.ksGihHjjx
server: AmazonS3
content-encoding: gzip
date: Sat, 07 Aug 2021 20:38:58 GMT
etag: W/"71d386aa3a4939b04d8b4f9c237f4eaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tJVMVY0h4SkbpnrDjn_Itc1wlXXyUI9EIyGopwYEb4n9bIpllmNOOw==
age: 24589

GET
H2 200 sync
x.bidswitch.net/ 43 B
146 B 121ms
37ms Image
image/gif 3.124.93.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=&gdpr=1&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.93.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-93-74.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET

check
pixel.tapad.com/idsync/ex/push/
Redirect Chain

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO9FXifx8ljXVgbsBd9ihbQ1UCq2O6ObaA1n3CeA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO9FXifx8ljXVgbsBd9ihbQ1UCq2O6ObaA1n3CeA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fp...
https://id5-sync.com/cq/441/124/8/2.gif?puid=b5123249-0e28-4d7e-a272-e97e89efb3a1&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://match.adsby.bidtheatre.com/usersync?cb=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F487%2F7%2F3.gif%3Fpuid%3D%7Buid%7D%26gdpr%3D1%26gdpr_consent%3D&gpdr_consent=&gdpr=1
https://id5-sync.com/c/441/487/7/3.gif?puid=ed363edb-9f70-4276-8409-6a89a74dc926&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/19/6/4.gif?puid=b237379a090e1ca967a861910d28d02c&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/441/101/5/5.gif?puid=cdef7ad9-826d-4ac7-ae7b-dfe776072222&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...

0
0

GET
H2

200

usersync
rtb.gumgum.com/
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=8997836919010231883

35 B
238 B

164ms
62ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=8997836919010231883
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 03:28:46 GMT
X-Proxy-Origin: 37.120.194.212; 37.120.194.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 88ff597f-2059-4206-967e-5f3ca8c47efe
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=8997836919010231883
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3989
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
554 B

1108ms
35ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cdn.undertone.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://cdn.undertone.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 08 Aug 2021 03:28:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=12776
Date: Sun, 08 Aug 2021 03:28:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame F383
Redirect Chain

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=8997836919010231883

0
154 B

483ms
122ms

Image
text/plain

54.235.253.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=8997836919010231883
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.253.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-253-176.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:46 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 03:28:46 GMT
X-Proxy-Origin: 37.120.194.212; 37.120.194.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9ffad8c4-1a53-4aaf-aa17-225063001e03
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=8997836919010231883
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame F383
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=81d819ed-772b-046b-1cc5-1302d7500ef5

0
308 B

492ms
122ms

Image
text/plain

54.235.253.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=81d819ed-772b-046b-1cc5-1302d7500ef5
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.253.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-253-176.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:46 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

date: Sun, 08 Aug 2021 03:28:46 GMT
content-encoding: gzip
server: OXGW/16.213.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=81d819ed-772b-046b-1cc5-1302d7500ef5
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame F383
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPbd7ae5df-f7f8-11eb-a09e-0204e8ab3b9a
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPbd7ae5df-f7f8-11eb-a09e-0204e8ab3b9a&verify=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-22ukjyhE2uH38kS2S3syUkc0DqjZCkHa~A~UPbd7ae5df-f7f8-11eb-a09e-0204e8ab3b9a

0
154 B

203ms
122ms

Image
text/plain

54.235.253.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-22ukjyhE2uH38kS2S3syUkc0DqjZCkHa~A~UPbd7ae5df-f7f8-11eb-a09e-0204e8ab3b9a
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.253.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-253-176.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:46 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Sun, 08 Aug 2021 03:28:47 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-22ukjyhE2uH38kS2S3syUkc0DqjZCkHa~A~UPbd7ae5df-f7f8-11eb-a09e-0204e8ab3b9a
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame F383
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=4064679e-c42b-4863-98e4-8ca857c45aaf&ttl=1630985326

0
154 B

416ms
122ms

Image
text/plain

54.235.253.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=ttd&uid=4064679e-c42b-4863-98e4-8ca857c45aaf&ttl=1630985326
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.253.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-253-176.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:46 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://usr.undertone.com/userPixel/sync?partner=ttd&uid=4064679e-c42b-4863-98e4-8ca857c45aaf&ttl=1630985326
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 247

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame F383 0
239 B 146ms
36ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame F383
Redirect Chain

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c8f9cdb7cb99bffd79c16d4217a9bc47cf7271e

0
154 B

371ms
123ms

Image
text/plain

54.235.253.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c8f9cdb7cb99bffd79c16d4217a9bc47cf7271e
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.253.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-253-176.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:47 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Location: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c8f9cdb7cb99bffd79c16d4217a9bc47cf7271e
Date: Sun, 08 Aug 2021 03:28:46 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame F383
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDgwMDlBNTktMzRBQy00QTg0LTgwMDYtQTFBNEVGMEMzRDIx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D1055870E-A084-4D5A-8ADE-2F8469B3B077
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077

0
308 B

122ms
122ms

Image
text/plain

54.235.253.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.253.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-253-176.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:47 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077
date: Sun, 08 Aug 2021 03:28:48 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 5347 54 B
326 B 140ms
66ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPKmRo3PKmRo3AXADAENBmCgAAAAAH_AAAAAAAAQTAJMNS-gC7EscGTaNKoUQIwrCQ6AUAFFAMLRNYAMDgp2VgEeoIWACE1ARgRAgxBRiwCAAQCAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEou9jTCEMssAKBR_RUYCJQggWBkJCwcxwBICXAAAAA.YAAAAAAAAAAA&d=https://930kmpt.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Content-Length: 54
Expires: Sun, 08 Aug 2021 03:28:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 08 Aug 2021 03:28:46 GMT
Connection: keep-alive

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A1C3 3 KB
3 KB 130ms
44ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34048055&p=156725&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 046a27d1d65a32de1e6d151b03eb59eaccd04429b0140c96c890a2dfe7ac2d35

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:46 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 185A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=uKPvvLSY1Mczuu5

43 B
106 B

59ms
59ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=uKPvvLSY1Mczuu5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 03:28:46 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-09783869e9eb9ec2d@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=uKPvvLSY1Mczuu5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 185A
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=a7639098-8dd5-4fca-afbc-99d0b9ceebc8&ssp=openx&user_group=1
https://us-u.openx.net/w/1.0/sd?id=537072968&val=7b20bef4-4536-445b-bd50-ef1abfc58c2c

43 B
106 B

61ms
60ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=7b20bef4-4536-445b-bd50-ef1abfc58c2c
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:47 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=7b20bef4-4536-445b-bd50-ef1abfc58c2c
date: Sun, 08 Aug 2021 03:28:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 185A
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8997836919010231883

43 B
106 B

60ms
60ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8997836919010231883
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 03:28:46 GMT
X-Proxy-Origin: 37.120.194.212; 37.120.194.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3662453b-7fc6-45c5-9c98-867cb393c7f6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8997836919010231883
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame 185A
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDdVowN0NIcDhBQUZtOXQxWk9NUQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

59ms
58ms

Image
image/gif

52.17.150.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.150.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-150-98.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 08 Aug 2021 03:28:47 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 185A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=32ca610f-4f6e-4500-92f8-8dd02d3ac741

43 B
106 B

60ms
59ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=32ca610f-4f6e-4500-92f8-8dd02d3ac741
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 08 Aug 2021 03:31:52 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=32ca610f-4f6e-4500-92f8-8dd02d3ac741
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 08 Aug 2021 03:31:51 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 185A
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=b2EqFW02LBZ0MnlDP2Q3Sm8yKRZ0ZihGa2U5RWLw

43 B
172 B

59ms
59ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=b2EqFW02LBZ0MnlDP2Q3Sm8yKRZ0ZihGa2U5RWLw
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=b2EqFW02LBZ0MnlDP2Q3Sm8yKRZ0ZihGa2U5RWLw
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 185A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=423370009886033464

43 B
106 B

64ms
60ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=423370009886033464
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=423370009886033464
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 185A 70 B
264 B 163ms
73ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=cab57eca-7784-3808-7640-0cc520fc2ea7&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 185A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTZkYWFkMDAtYmVmMy02NmFjLTYzYTAtNTY3Y2VhMWVlMGM3
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTZkYWFkMDAtYmVmMy02NmFjLTYzYTAtNTY3Y2VhMWVlMGM3&google_tc=

170 B
188 B

85ms
66ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTZkYWFkMDAtYmVmMy02NmFjLTYzYTAtNTY3Y2VhMWVlMGM3&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTZkYWFkMDAtYmVmMy02NmFjLTYzYTAtNTY3Y2VhMWVlMGM3&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 185A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH-jz744EjHwlC3mJdoCOy4&google_cver=1

43 B
106 B

62ms
59ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH-jz744EjHwlC3mJdoCOy4&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH-jz744EjHwlC3mJdoCOy4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FD88 70 B
265 B 125ms
73ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame FD88
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPeADpPSXtDgHoqWRY0Zs4g&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

66ms
62ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPeADpPSXtDgHoqWRY0Zs4g&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPeADpPSXtDgHoqWRY0Zs4g&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FD88
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzEyNzg1Nzk4NDk4NzMyNDY2Mg%3D%3D

170 B
188 B

57ms
56ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzEyNzg1Nzk4NDk4NzMyNDY2Mg%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzEyNzg1Nzk4NDk4NzMyNDY2Mg%3D%3D
date: Sun, 08 Aug 2021 03:28:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 c.gif
c.bing.com/ Frame FD88 42 B
464 B 49ms
30ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=7127857984987324662&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
etag: "9d284f105d6fd71:0"
last-modified: Fri, 02 Jul 2021 16:12:32 GMT
x-msedge-ref: Ref A: E240122DD6C049CAAC6D6D1E22929794 Ref B: FRAEDGE1208 Ref C: 2021-08-08T03:28:46Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame FD88
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/7127857984987324662?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-sgrAOO5E2oTxLZc0D27ZyTPjiPurCiweu4Ot87F3LA--~A&dongle=0883

37 B
352 B

62ms
61ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-sgrAOO5E2oTxLZc0D27ZyTPjiPurCiweu4Ot87F3LA--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Sun, 08 Aug 2021 03:28:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-sgrAOO5E2oTxLZc0D27ZyTPjiPurCiweu4Ot87F3LA--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame FD88
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=8997836919010231883&dongle=4d58&gdpr=1&gdpr_consent=

37 B
352 B

64ms
60ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=8997836919010231883&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 03:28:46 GMT
X-Proxy-Origin: 37.120.194.212; 37.120.194.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a114d7d3-4c19-4561-a4a9-565ebfd2ab56
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=8997836919010231883&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame FD88
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=7127857984987324662
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7127857984987324662&dcc=t

0
0

125ms
124ms

Image
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7127857984987324662&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 03:28:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 15MFDHJ476NJCJ8V75EP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7127857984987324662&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame FD88
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

59ms
59ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Sun, 08 Aug 2021 03:28:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame FD88 0
0 76ms
36ms Image
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=7127857984987324662
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame FD88 0
0 104ms
36ms Image
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=7127857984987324662
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 84AD 35 B
467 B 33ms
32ms Document
image/gif 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=1055870E-A084-4D5A-8ADE-2F8469B3B077

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?party=14&cid=1055870E-A084-4D5A-8ADE-2F8469B3B077
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sun, 08 Aug 2021 03:28:46 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=584023474943947223; expires=Thu, 07 Oct 2021 03:28:46 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

sync Show response
usr.undertone.com/userPixel/ Frame E0FD
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4687951747761239121
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D1055870E-A084-4D5A-8ADE-2F8469B3B077
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077

0
308 B

122ms
121ms

Document
text/plain

54.235.253.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.253.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-253-176.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: usr.undertone.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: UID_EXT_39=81d819ed-772b-046b-1cc5-1302d7500ef5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sun, 08 Aug 2021 03:28:48 GMT
server: istio-envoy
set-cookie: UID_EXT_53=1055870E-A084-4D5A-8ADE-2F8469B3B077; Path=/; Domain=undertone.com; Expires=Mon, 08-Aug-2022 09:18:00 GMT; SameSite=None; Secure;
x-envoy-upstream-service-time: 0
Content-Length: 0
Connection: keep-alive

Redirect headers

server: nginx
date: Sun, 08 Aug 2021 03:28:48 GMT
set-cookie: SPugT=1628393328; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 03:28:48 GMT; path=/
location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 4E6B 43 B
360 B 366ms
36ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Sun, 08 Aug 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1148
x-powered-by: ASP.NET
date: Sun, 08 Aug 2021 03:28:46 GMT
content-length: 43

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A1C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EFWHDqCETVqK3i-EabOwdw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

39ms
35ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:46 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=66324
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Sun, 08 Aug 2021 21:54:10 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame A1C3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32ca610f-4f6e-4500-92f8-8dd02d3ac741

0
128 B

1260ms
44ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32ca610f-4f6e-4500-92f8-8dd02d3ac741
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:46 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 08 Aug 2021 03:31:52 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32ca610f-4f6e-4500-92f8-8dd02d3ac741
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 08 Aug 2021 03:31:51 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame A1C3
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=1055870E-A084-4D5A-8ADE-2F8469B3B077
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b237379a090e1ca967a861910d28d02c
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=4064679e-c42b-4863-98e4-8ca857c45aaf&icm
https://spl.zeotap.com/?zdid=1332&zcluid=e4aa3df174f6e0d9
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=28b91c4e-9a11-4454-6050-2da272c30353&reqId=219790cb-8e70-451b-6f33-0fd665faab8c&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEG4VMrIanAl37lq9X2Lpq98&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=28b91c4e-9a11-4454-6050-2da272c30353&reqId=219790cb-8e70-451b-6f33-0fd...

95 B
164 B

29ms
22ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEG4VMrIanAl37lq9X2Lpq98&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=28b91c4e-9a11-4454-6050-2da272c30353&reqId=219790cb-8e70-451b-6f33-0fd665faab8c&zcluid=e4aa3df174f6e0d9&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:48 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 67b5a8213ddc2b65-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:28:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEG4VMrIanAl37lq9X2Lpq98&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=28b91c4e-9a11-4454-6050-2da272c30353&reqId=219790cb-8e70-451b-6f33-0fd665faab8c&zcluid=e4aa3df174f6e0d9&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A1C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTA1NTg3MEUtQTA4NC00RDVBLThBREUtMkY4NDY5QjNCMDc3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D1055870E-A084-4D5A-8ADE-2F8469B3B077
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077

0
308 B

123ms
122ms

Image
text/plain

54.235.253.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.253.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-253-176.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:47 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077
date: Sun, 08 Aug 2021 03:28:46 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A1C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIp60qugmIIyyEHAWFLiME0&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D1055870E-A084-4D5A-8ADE-2F8469B3B077
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077

0
308 B

124ms
123ms

Image
text/plain

54.235.253.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.253.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-253-176.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:47 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077
date: Sun, 08 Aug 2021 03:28:47 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pubmatic
um.simpli.fi/ Frame A1C3 43 B
609 B 1125ms
32ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 07 Aug 2021 03:28:48 GMT

GET

Pug
simage2.pubmatic.com/AdServer/ Frame A1C3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:32ca610f-4f6e-4500-92f8-8dd02d3ac741&gdpr=0&gdpr_consent=

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame A1C3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=423370009886033464

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame A1C3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4064679e-c42b-4863-98e4-8ca857c45aaf

0
0

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A1C3
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8997836919010231883&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D1055870E-A084-4D5A-8ADE-2F8469B3B077
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077

0
308 B

243ms
122ms

Image
text/plain

54.235.253.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.253.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-253-176.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:47 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077
date: Sun, 08 Aug 2021 03:28:46 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 1055870E-A084-4D5A-8ADE-2F8469B3B077
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A1C3 43 B
563 B 38ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/1055870E-A084-4D5A-8ADE-2F8469B3B077?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame A1C3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1055870E-A084-4D5A-8ADE-2F8469B3B077&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UWfwA.FE2uVZar3ja0ZWzqxNMERYCtU-~A&gdpr=0&gdpr_consent=

0
260 B

954ms
43ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UWfwA.FE2uVZar3ja0ZWzqxNMERYCtU-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:47 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 08 Aug 2021 03:28:47 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UWfwA.FE2uVZar3ja0ZWzqxNMERYCtU-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame A1C3
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7b20bef4-4536-445b-bd50-ef1abfc58c2c&gdpr=0&gdpr_consent=&gdpr_pd=

0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3989 31 KB
10 KB 38ms
38ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 398dc907fd1f7903b7b4bfbdbfa1526874aaa0ad7b11c63076e1dfad01f0ae19

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 03:28:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=67436
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9360
Expires: Sun, 08 Aug 2021 22:12:43 GMT

GET
H2 200 chunk-3.a5567a56807692dc8b54.1628007486748.js Show response
930kmpt.com/public/dist/desktop/ 29 KB
8 KB 414ms
68ms Script
application/javascript 192.229.233.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://930kmpt.com/public/dist/desktop/chunk-3.a5567a56807692dc8b54.1628007486748.js

Requested by

Host: dbejeqv8nk3po.cloudfront.net.
URL: https://dbejeqv8nk3po.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D57) / Express

Resource Hash

d17b55de607fcd5fbf70fcf347df51f49acfb2cb3a0d4afd14f2b662ca7fb68a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /public/dist/desktop/chunk-3.a5567a56807692dc8b54.1628007486748.js
pragma: no-cache
cookie: gdpr-source=DK; abgroup=A; _ga=GA1.2.1515879848.1628393322; _gid=GA1.2.702454023.1628393322; connect.sid=s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc; _gat_primary=1; _gat_UA191097531=1; _gat_UA191148038=1; _gat_UA1150030074=1; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQzIEdNVCJ9; _fbp=fb.1.1628393323313.1797549783; blingblocksession=1; _gat_UA1150030077=1; cmp-data=. . 104254d0-be7b-4414-81d3-4c4d2a74470f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 930kmpt.com
referer: https://930kmpt.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://930kmpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-abgroup: A
date: Sun, 08 Aug 2021 03:28:48 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 29944
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 7503
last-modified: Tue, 03 Aug 2021 19:22:11 GMT
server: ECS (lcy/1D57)
etag: W/"7323-17b0d775ce2"
x-frame-options: SAMEORIGIN
x-varnish: 2983510103
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DK
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 08 Aug 2021 03:28:47 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3989 284 B
536 B 152ms
36ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/jpg

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame A1C3 0
260 B 109ms
37ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156725&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:28:47 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html

Domain: pixel.tapad.com
URL: https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:32ca610f-4f6e-4500-92f8-8dd02d3ac741&gdpr=0&gdpr_consent=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=423370009886033464

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4064679e-c42b-4863-98e4-8ca857c45aaf

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7b20bef4-4536-445b-bd50-ef1abfc58c2c&gdpr=0&gdpr_consent=&gdpr_pd=

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.930kmpt.com/	1970-01-19 20:19:53	Name: _gat_UA1150030077 Value: 1
930kmpt.com/	1969-12-31 23:59:59	Name: blingblocksession Value: 1
930kmpt.com/	1970-01-19 20:19:55	Name: cogitoergosum Value: eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTdW4sIDA4IEF1ZyAyMDIxIDAzOjI4OjQzIEdNVCJ9
.930kmpt.com/	1970-01-19 20:19:53	Name: _gat_UA191097531 Value: 1
.930kmpt.com/	1970-01-19 20:21:19	Name: _gid Value: GA1.2.702454023.1628393322
.930kmpt.com/	1970-01-19 20:19:53	Name: _gat_UA1150030074 Value: 1
.930kmpt.com/	1970-01-19 20:19:53	Name: _gat_UA191148038 Value: 1
930kmpt.com/	1970-01-19 22:29:29	Name: abgroup Value: A
.930kmpt.com/	1970-01-19 22:29:29	Name: _fbp Value: fb.1.1628393323313.1797549783
.930kmpt.com/	1970-01-20 05:41:29	Name: cmp-data Value: . . 104254d0-be7b-4414-81d3-4c4d2a74470f
.930kmpt.com/	1970-01-19 20:19:53	Name: _gat_primary Value: 1
930kmpt.com/	1970-01-19 21:03:05	Name: connect.sid Value: s%3A7aa18mL4YtNYb3Yy2NluoWw4cIe0mmAj.tIYPtHsxNyhXdR5zv93BtG2EAd5hRoBoDdSBGX%2FjrAc
.930kmpt.com/	1970-01-20 13:51:05	Name: _ga Value: GA1.2.1515879848.1628393322
930kmpt.com/	1969-12-31 23:59:59	Name: gdpr-source Value: DK

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2bd7a77e373a9572610f-dba1f64a3f969774cdd587a3528671a8.ssl.cf1.rackcdn.com
930kmpt.com
a.teads.tv
action.dstillery.com
action.media6degrees.com
ads.pubmatic.com
apex.go.sonobi.com
api.conversant.mgr.consensu.org
api.rlcdn.com
apis.google.com
as-sec.casalemedia.com
b1sync.zemanta.com
btloader.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cdn-sp-s3.air.tv
cdn.conversant.mgr.consensu.org
cdn.production.townsquareblogs.com
cdn.undertone.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cs.admanmedia.com
d5p.de17a.com
dbejeqv8nk3po.cloudfront.net.
dis.criteo.com
e.serverbid.com
eb2.3lift.com
embed.air.tv
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
js-sec.indexww.com
krk.kargo.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
native.sharethrough.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.instagram.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
proc.ad.cpe.dotomi.com
prod.perf-serving.com
rtb.gumgum.com
s.amazon-adsystem.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.solutionshindsight.net
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
syndication.twitter.com
tlx.3lift.com
token.rubiconproject.com
townsquare.media
townsquaremedia-d.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.youtube.com
x.bidswitch.net
pixel.tapad.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
104.109.78.125
104.111.219.144
104.111.247.126
104.244.42.136
13.224.90.44
13.224.96.105
13.224.96.35
13.224.96.37
13.33.244.122
142.250.186.34
151.139.128.11
159.253.128.183
178.162.133.150
178.250.2.151
18.156.0.31
18.159.140.98
18.195.223.2
184.31.84.150
185.29.135.233
185.33.220.244
185.33.221.88
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.216
185.64.190.78
185.64.190.81
192.229.233.160
192.229.233.181
192.229.233.218
2.18.232.7
2.18.233.180
2.18.233.88
2.18.234.21
2.18.235.93
2.19.35.65
206.189.254.17
213.155.156.185
216.58.212.162
2600:9000:2156:6c00:1f:2473:9080:93a1
2600:9000:2190:c600:0:b015:b300:21
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:db6
2606:4700:20::681a:78b
2606:4700::6812:b4f
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:800::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9d
2a02:fa8:8806:13::1400
2a02:fa8:8806:13::1460
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f21c:81e5:face:b00c:0:4420
3.124.93.74
3.127.166.11
3.66.135.160
34.107.148.139
34.120.133.55
34.95.69.49
34.98.64.218
35.244.159.8
37.157.2.234
51.210.112.63
52.17.150.98
52.207.40.92
52.30.14.23
52.46.130.91
52.57.38.203
54.235.253.176
54.77.19.59
69.173.144.139
70.42.32.191
76.223.111.131
76.223.111.18
88.214.206.247
03c3efbfc0c36342eb3111223904dadea02ed11fa843ecd7172d7117cd72869a
046a27d1d65a32de1e6d151b03eb59eaccd04429b0140c96c890a2dfe7ac2d35
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09d65ac2752d18df21cbbeaeda2952193f28c56d1e2627e6b3348d29b646d009
0a66170ad591471a858261a27cfc92c721ce76513f791957d1b9c9c57ea31286
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0eaec000f47b9ddf25cd78b03d12fae99c5d572b3537988b69da421dfda5cf40
0fb0bfede4f6c469ed8a416a596f63676c7c86547463982400af9cca57f74d19
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13aaaacb1e7c2518f6eccbcdf38ea1ecd040cd79a8763f0fb611c99401a9b5f7
160a189978d8d578dbaf912cefefd4125c5569a5d2a7167056fe4afbb6415a34
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a
1826ba540ce8f27c2dd8f6cdc16d32df1bd16fe0dfc827c404b7ab004464390e
1d67358f06c9dcc99b67787e06332b74636ff824aa6fa25468658ff23afabcee
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
21ad52f11ffd40241e74f3dfb2076b1bfacc8d4ce14b155cde20754788d72cf5
26c2162ba1f53f2a7e34cb0549799c1a0c8183d0359c0003a38a3b9317659761
2b8234dc2b9c24f7659082c4159c3b183bfe218e8e8672584f4e8d3ffd82dc0e
2c7900d95a9afb295efa723f1b7933e3a833a55d34e9cbd2a1b669aff10990d4
2d4b82db5678f0d8db66c3f3de0fc55ff36e549cbe8f2ddb7674a06983acf668
33d28d9afb2e45cf17c816d20f4c9c786c0da2adddaaad3feed8da1689f772c2
33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
398dc907fd1f7903b7b4bfbdbfa1526874aaa0ad7b11c63076e1dfad01f0ae19
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412066e0bbed90e039b96695f47201f6c41ed6a80956eae271943e45f6b1a3e7
428f71e1b03adf42ada780217e07a5ebbad73a5c7843502197e3eece8764adbb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b6e12c5a670831b569338670cf07264f38eea15ddf19b7fa3123016797824e
47c29fc80fd72c083c10536cd5efe4d932f88b58c041341824627c02e67a4d54
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49cd7994fafd4471f20547092f846f6620e79b9298f555b15e3b367fb82f262a
4d4845eff00850899ddab04d699c88b4f6986d3e079fa2d90ec1c7ed925871ca
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5076acf4979c9a4e892b5ab4452c038ba209241dd71397c135e3b4ce0c6431b0
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
5664a31fe1e0585a8cb913b233398371e00118c667640b61029f5540450abd04
5f7018bc95727bb04a7d5e0bf9be5d09a9944b58a75db2e57e4dffa91cea087d
606f409000d1782f020ea8c574e6f1e95c8bcc5e90f4d7750cb866e9c4ebec77
60733f2b65f486c24f492456b68ec33ca25cedee0caefc17a25c5e95260fd06e
611dde88850f70c2fdb8d31f8910427125702e21738cba4b3b324115936213d4
64d2653d551fc8075979181b1d93b46f8a0f58dbc0b7b47480304a12b011c65e
650df3e3c9168d97f3fd18dadd180a2ab4e5f4a7620418be36fee198be4f542e
6888f8900b031e8d6936059a87e4ab9b16d3378c0d969fc7140973c22afef330
69cb8af6bcbd3ef6bf3ec3d81ec444a6f92975840bb6c1f83fbd5097f80dd516
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fc994745da4b7037928f14423ce107f09e1f033a76b9dd0a98cd5492c21d206
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7314a42447dd1f0119fe6f619651595a751ba3e0b8cd77a07dccec03f108885e
74b9c729df7b1f4b030e9102e1991fa6030b82010ec81fa4832379962e3fa2b9
75fb5deca45d7408e30375a53bb20c089df71799f40675bd63f919c2d3330302
7a227e1f85fcc6c3bdbf5cbd1bb1c10ecfdc873e2ad91601a6cf7af339dfa97d
7bd0c72cbeccb106ff20eb98677d61bcf487a550bab29d1b7f879ae5d653d22d
7c0d08933537eec00050d60f0955e4088385a35bcb115e7d9d8fe9016cb17b2c
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7ebbcb83b38e39351ffaf108a91413ee73887b9f9e18ce668481078b3ef2b893
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f48fdadd6dd953297ed92e921a09fbdb47db1838dc07de111c78408a5778e5
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
9824166f32941045f165e3a50d5d6c834ea42df6720d1fca1672377cc57aaaf9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bb68845e5283036af883c68c3a342a7aa423749e1e0d814e99a70c0f8af1770
9f454102f64b0eff2018cd60296581c54402220507064eecd1eb82f8baa3cf2d
9f835e998c429b43b3cb2c4ab9d0b675c2fe5062072b2c14146e4664acfe6ce7
9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a08f135982e4c7b73034da0b592e1d5eed4836f0e3fbe058d980aa273a7d6bfd
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a9009e1bbdf947676af005fda0346cc988899c05c9f98225f2806ca4100da6f0
ad2779ed577debfe306cf39a7df2b33bdb56424d09faa59425bc66ec85e975de
ad82034638b8f63ca7c67adb1e260b4c21c6308009e6697c6e4ee51048565596
ae8f93e7e95dcee9817424ab34f5d8c64ad35cbe0904a23bcf42ddadaa6e181e
af95f221f881732fcaee0882e97c0d95fb8bc70eb54ddc532b9b8b00ab5c648a
afed77056ce922b8d1bf704cbf44784226d833d0d0aaf3fa5173de338f182e24
b02663d1fa216a8de198b2e3ad20bd02613a404ea0f6eff3ccf1a4b30602e467
b274ecb390dca4ade5d9cb21fb8c31e4b0190df32b54a583c7fdc30a110436b8
b4303542ae882cc36e21ba9fed85566ec4f4b7ae214b17c1cab9a3696d57f287
b4522695aeea16458299e979a71eaa29dff35b74807467acb9ef34fc86f355d0
b4822ba57955b342e173ebd20137dae710d8c35dd991aa9fc89270552156e995
b5c86d06ea620b54d5481c613cea785f52ea157c255f51437f171a4adf60cc62
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfddb634051dcc3dbf9bd40f94939244869b727f0e19a7dd41d072ef421736e4
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca
c3518fe7d26d5247b173af463426cb2b3215abfa3848ca33d871055cc94b5be4
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d17b55de607fcd5fbf70fcf347df51f49acfb2cb3a0d4afd14f2b662ca7fb68a
d276e7850d00e1be7866b5dc12321b093363f7591eeaac543c8a8d269a2b0913
d47b03372ebf10df6db15b03058462ac1050e89647bf53d0d1a384c29e96e1a6
d4bf26e6de45bb6bbbc6b60f5ed39d73d36ae97c9b28d177a4fb492537f8a79d
d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
debbecc511efcfedd5d6865f95212fa1391b729a95294873c1859fa3a330c87b
e32351edad3d2e0f43ad39ba2252cf26b1a80765385363b8d9f41c4e77ce3749
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ea85a5339dee1209a92903a2245c02ffe0b9cc264f0804ea04aba2680b0681
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
e7a90656e029a7ed801ac897a6661d9b3c2dfb11cccf2a6d971462c95ad24ecd
e88202b7d4aa0af217e4e1a913095f30ed7e4f29777632db674cb740f3e052f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5
f2fdb2edb2efa261b3054b84e1c632cf28597b4266ee677db7eb170ee00cf82b
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f

930kmpt.com Open in urlscan Pro 192.229.233.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

180 Requests

97 %HTTPS

30 %IPv6

67 Domains

97 Subdomains

73 IPs

10 Countries

2668 kBTransfer

7481 kBSize

14 Cookies

6 Outgoing links

Page URL History

Redirected requests

180 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

930kmpt.com Open in urlscan Pro
192.229.233.160 Public Scan

Screenshot
Live screenshot

Full Image

180
Requests

97 %
HTTPS

30 %
IPv6

67
Domains

97
Subdomains

73
IPs

10
Countries

2668 kB
Transfer

7481 kB
Size

14
Cookies

180 HTTP transactions
1 data transactions