urlscan.io logo urlscan.io
SecurityTrails logo

www.tmz.com Open in urlscan Pro
13.35.147.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tmz.com/person/maryse-ouellet/
Effective URL: https://www.tmz.com/people/maryse-ouellet/
Submission: On December 24 via api from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 113 IPs in 12 countries across 112 domains to perform 359 HTTP transactions. The main IP is 13.35.147.3, located in United States and belongs to AMAZON-02, US. The main domain is www.tmz.com. The Cisco Umbrella rank of the primary domain is 36147.
TLS certificate: Issued by Amazon ECDSA 256 M03 on November 7th 2023. Valid for: a year.
This is the only time www.tmz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.67.111.128 16509 (AMAZON-02)
1 4 13.35.147.3 16509 (AMAZON-02)
10 13.35.147.68 16509 (AMAZON-02)
2 142.250.204.2 15169 (GOOGLE)
1 23.198.55.252 16625 (AKAMAI-AS)
3 23.48.96.27 20940 (AKAMAI-ASN1)
4 172.217.24.40 15169 (GOOGLE)
9 151.101.66.132 54113 (FASTLY)
6 151.101.194.132 54113 (FASTLY)
3 151.101.194.137 54113 (FASTLY)
6 142.251.221.66 15169 (GOOGLE)
4 54.148.102.105 16509 (AMAZON-02)
1 3 13.35.147.23 16509 (AMAZON-02)
2 216.239.38.181 15169 (GOOGLE)
1 64.233.170.157 15169 (GOOGLE)
1 142.250.204.14 15169 (GOOGLE)
3 142.250.67.3 15169 (GOOGLE)
1 2 54.252.69.94 16509 (AMAZON-02)
1 5 52.62.193.219 16509 (AMAZON-02)
2 142.250.67.2 15169 (GOOGLE)
2 63.140.56.133 16509 (AMAZON-02)
1 1 18.138.95.106 16509 (AMAZON-02)
3 142.251.221.68 15169 (GOOGLE)
3 18.67.93.11 16509 (AMAZON-02)
1 18.67.111.101 16509 (AMAZON-02)
1 52.3.76.47 14618 (AMAZON-AES)
1 151.101.130.217 54113 (FASTLY)
1 1 172.67.4.231 13335 (CLOUDFLAR...)
1 172.67.41.60 13335 (CLOUDFLAR...)
3 13.35.151.131 16509 (AMAZON-02)
1 13.35.147.7 16509 (AMAZON-02)
1 18.67.114.43 16509 (AMAZON-02)
2 13.250.173.68 16509 (AMAZON-02)
1 34.149.20.76 396982 (GOOGLE-CL...)
2 6 104.18.36.155 13335 (CLOUDFLAR...)
1 67.199.150.87 3257 (GTT-BACKB...)
9 14 103.43.90.178 29990 (ASN-APPNEX)
3 15 35.244.159.8 15169 (GOOGLE)
2 182.161.73.145 55569 (CRITEO-AS...)
1 69.173.158.65 26667 (RUBICONPR...)
1 47.128.190.164 16509 (AMAZON-02)
1 18.138.247.38 16509 (AMAZON-02)
4 4 54.226.177.40 14618 (AMAZON-AES)
16 21 172.217.167.98 15169 (GOOGLE)
12 12 35.71.131.137 16509 (AMAZON-02)
1 1 3.122.160.55 16509 (AMAZON-02)
1 18.134.84.23 16509 (AMAZON-02)
2 13 52.46.151.131 16509 (AMAZON-02)
2 18.67.93.4 16509 (AMAZON-02)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 172.67.69.19 13335 (CLOUDFLAR...)
1 142.250.204.6 15169 (GOOGLE)
1 172.217.24.33 15169 (GOOGLE)
13 14 74.118.186.107 6336 (TURN-US-ASN)
5 5 50.116.239.135 6336 (TURN-US-ASN)
4 52.77.167.172 16509 (AMAZON-02)
1 1 23.52.225.82 16625 (AKAMAI-AS)
2 35.79.250.83 16509 (AMAZON-02)
6 52.220.199.193 16509 (AMAZON-02)
1 52.76.6.255 16509 (AMAZON-02)
9 18.67.93.2 16509 (AMAZON-02)
3 3 82.145.213.8 39832 (NO-OPERA)
2 2 138.201.8.249 24940 (HETZNER-AS)
9 172.64.151.101 13335 (CLOUDFLAR...)
1 1 34.160.19.107 396982 (GOOGLE-CL...)
1 23.48.97.32 20940 (AKAMAI-ASN1)
2 4 104.18.25.173 13335 (CLOUDFLAR...)
14 13.112.54.241 16509 (AMAZON-02)
4 9 35.213.12.39 15169 (GOOGLE)
7 9 185.84.60.20 198622 (ADFORM)
6 6 54.211.244.166 14618 (AMAZON-AES)
4 8 18.140.77.82 16509 (AMAZON-02)
2 2 54.162.157.217 14618 (AMAZON-AES)
3 8.18.47.7 398989 (DEEPINTENT)
4 4 64.74.236.31 19024 (INTERNAP-...)
1 1 74.214.196.131 19189 (PULSEPOINT)
1 2 23.106.127.38 59253 (LEASEWEB-...)
3 3 23.52.255.186 16625 (AKAMAI-AS)
8 23.223.50.11 9443 (VOCUS-RET...)
6 23.198.59.89 16625 (AKAMAI-AS)
2 2 211.120.53.206 4694 (IDCF IDC ...)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
2 142.251.221.65 15169 (GOOGLE)
7 184.24.241.42 16625 (AKAMAI-AS)
5 207.65.33.83 62713 (AS-PUBMATIC)
7 18 67.199.150.82 3257 (GTT-BACKB...)
16 31 207.65.33.82 62713 (AS-PUBMATIC)
8 8 89.207.22.140 41041 (VCLK-EU-SE)
1 1 143.244.208.184 14061 (DIGITALOC...)
32 54 69.173.158.64 26667 (RUBICONPR...)
2 151.101.194.133 54113 (FASTLY)
1 152.69.173.77 31898 (ORACLE-BM...)
2 182.161.73.129 55569 (CRITEO-AS...)
7 7 67.202.105.22 32748 (STEADFAST)
1 2 67.202.105.32 32748 (STEADFAST)
2 8 35.71.178.8 16509 (AMAZON-02)
1 23.198.57.183 16625 (AKAMAI-AS)
2 172.64.149.180 13335 (CLOUDFLAR...)
2 2 13.224.181.71 16509 (AMAZON-02)
1 1 216.200.232.249 30419 (MEDIAMATH...)
2 7 207.65.33.76 62713 (AS-PUBMATIC)
2 35.84.104.50 16509 (AMAZON-02)
2 2 35.213.93.179 15169 (GOOGLE)
3 5 34.111.113.62 396982 (GOOGLE-CL...)
2 3 13.213.147.200 16509 (AMAZON-02)
1 2 119.9.108.180 45187 (RACKSPACE...)
2 3 34.126.167.117 396982 (GOOGLE-CL...)
4 4 18.143.106.89 16509 (AMAZON-02)
2 2 54.82.32.1 14618 (AMAZON-AES)
2 2 18.238.192.40 16509 (AMAZON-02)
2 2 198.8.71.131 54312 (ROCKETFUEL)
4 7 35.244.154.8 15169 (GOOGLE)
4 4 35.72.176.125 16509 (AMAZON-02)
2 2 35.214.187.199 15169 (GOOGLE)
1 6 23.106.127.56 59253 (LEASEWEB-...)
1 2 35.161.37.58 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 13.107.42.14 8068 (MICROSOFT...)
3 4 182.161.73.146 55569 (CRITEO-AS...)
1 67.220.226.234 16509 (AMAZON-02)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 1 18.67.172.126 16509 (AMAZON-02)
1 2 13.35.147.55 16509 (AMAZON-02)
1 131.153.206.102 59210 (PHOENIXNA...)
1 2 63.251.14.3 32475 (SINGLEHOP...)
1 23.1.240.43 20940 (AKAMAI-ASN1)
1 1 64.38.119.42 18568 (BIDTELLECT)
1 34.149.50.64 396982 (GOOGLE-CL...)
1 54.193.221.12 16509 (AMAZON-02)
1 38.133.127.31 22075 (AS-OUTBRAIN)
7 34.117.239.71 396982 (GOOGLE-CL...)
1 34.107.140.113 396982 (GOOGLE-CL...)
1 52.89.208.126 16509 (AMAZON-02)
4 4 98.98.134.242 21859 (ZEN-ECN)
1 54.149.106.49 16509 (AMAZON-02)
3 4 151.101.2.49 54113 (FASTLY)
3 3 52.74.118.249 16509 (AMAZON-02)
2 4 34.96.105.8 396982 (GOOGLE-CL...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 54.255.74.183 16509 (AMAZON-02)
1 96.46.186.182 7979 (SERVERS-COM)
1 142.250.71.66 15169 (GOOGLE)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 1 34.111.147.92 396982 (GOOGLE-CL...)
1 1 18.176.234.133 16509 (AMAZON-02)
2 35.72.102.184 16509 (AMAZON-02)
1 2 35.227.252.103 15169 (GOOGLE)
2 2 103.229.10.180 16509 (AMAZON-02)
2 2 18.138.18.111 16509 (AMAZON-02)
2 4 35.186.193.173 15169 (GOOGLE)
2 2 103.3.63.48 63949 (AKAMAI-LI...)
2 2 107.178.254.65 396982 (GOOGLE-CL...)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
1 220.150.223.50 4686 (BEKKOAME ...)
1 195.5.165.20 ()
2 2 13.251.208.106 16509 (AMAZON-02)
359 113
1    18.67.111.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-128.syd62.r.cloudfront.net
tmz.com
4    13.35.147.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-3.syd1.r.cloudfront.net
www.tmz.com
10    13.35.147.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-68.syd1.r.cloudfront.net
static.tmz.com
2    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
www.googletagservices.com
1    23.198.55.252 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-55-252.deploy.static.akamaitechnologies.com
foxkit.fox.com
3    23.48.96.27 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-96-27.deploy.static.akamaitechnologies.com
strike.fox.com
4    172.217.24.40 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f8.1e100.net
www.googletagmanager.com
9    151.101.66.132 (United States)

ASN54113 (FASTLY, US)
global.ketchcdn.com
static.foxnews.com
6    151.101.194.132 (United States)

ASN54113 (FASTLY, US)
imagez.tmz.com
3    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
cdn.ketchjs.com
6    142.251.221.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
securepubads.g.doubleclick.net
4    54.148.102.105 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-102-105.us-west-2.compute.amazonaws.com
prod.pyxis.atp.fox
3    13.35.147.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-23.syd1.r.cloudfront.net
sb.scorecardresearch.com
2    216.239.38.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    64.233.170.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f157.1e100.net
stats.g.doubleclick.net
1    142.250.204.14 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net
www.google-analytics.com
3    142.250.67.3 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f3.1e100.net
www.google.com.au
2    54.252.69.94 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-252-69-94.ap-southeast-2.compute.amazonaws.com
secure-us.imrworldwide.com
5    52.62.193.219 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-62-193-219.ap-southeast-2.compute.amazonaws.com
dpm.demdex.net
fox.demdex.net
2    142.250.67.2 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f2.1e100.net
googleads.g.doubleclick.net
2    63.140.56.133 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-56-133.data.adobedc.net
smetrics.tmz.com
1    18.138.95.106 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-95-106.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
3    142.251.221.68 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f4.1e100.net
www.google.com
3    18.67.93.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-11.syd62.r.cloudfront.net
prod.fennec.atp.fox
1    18.67.111.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-101.syd62.r.cloudfront.net
cdn.opecloud.com
1    52.3.76.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-76-47.compute-1.amazonaws.com
foxus.tagger.opecloud.com
1    151.101.130.217 (United States)

ASN54113 (FASTLY, US)
scripts.webcontentassessor.com
1    172.67.4.231 (United States)

ASN13335 (CLOUDFLARENET, US)
c.aaxads.com
1    172.67.41.60 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
3    13.35.151.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-151-131.syd1.r.cloudfront.net
c.amazon-adsystem.com
1    13.35.147.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-7.syd1.r.cloudfront.net
config.aps.amazon-adsystem.com
1    18.67.114.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-114-43.syd62.r.cloudfront.net
aax.amazon-adsystem.com
2    13.250.173.68 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    34.149.20.76 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
6    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    67.199.150.87 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
14    103.43.90.178 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
15    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
foxnews-d.openx.net
us-u.openx.net
jp-u.openx.net
u.openx.net
eu-u.openx.net
2    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
grid.bidswitch.net
bidder.criteo.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    47.128.190.164 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-47-128-190-164.ap-southeast-1.compute.amazonaws.com
krk.kargo.com
1    18.138.247.38 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-247-38.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
4    54.226.177.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-177-40.compute-1.amazonaws.com
fox.tagger.opecloud.com
21    172.217.167.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net
cm.g.doubleclick.net
12    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    3.122.160.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-160-55.eu-central-1.compute.amazonaws.com
tagger.opecloud.com
1    18.134.84.23 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-23.eu-west-2.compute.amazonaws.com
7bd92.v.fwmrm.net
13    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    18.67.93.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-4.syd62.r.cloudfront.net
prod.xid.atp.fox
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.204.6 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f6.1e100.net
ad.doubleclick.net
1    172.217.24.33 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f1.1e100.net
9cc50167fb6494c6c4a7b599a7318b76.safeframe.googlesyndication.com
14    74.118.186.107 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    52.77.167.172 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-167-172.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    23.52.225.82 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-225-82.deploy.static.akamaitechnologies.com
cs.media.net
2    35.79.250.83 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-79-250-83.ap-northeast-1.compute.amazonaws.com
rtb.gumgum.com
6    52.220.199.193 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-199-193.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    52.76.6.255 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-6-255.ap-southeast-1.compute.amazonaws.com
sync-amz.ads.yieldmo.com
9    18.67.93.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-2.syd62.r.cloudfront.net
ms-cookie-sync.presage.io
3    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    138.201.8.249 (Ergolding, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.249.8.201.138.clients.your-server.de
sync.richaudience.com
9    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    34.160.19.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    23.48.97.32 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-97-32.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
4    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
14    13.112.54.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
usersync.gumgum.com
9    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
9    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    54.211.244.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-244-166.compute-1.amazonaws.com
sync.srv.stackadapt.com
8    18.140.77.82 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-77-82.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    54.162.157.217 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-157-217.compute-1.amazonaws.com
sync.ipredictive.com
3    8.18.47.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
4    64.74.236.31 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    23.106.127.38 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
3    23.52.255.186 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-255-186.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    23.223.50.11 (Sydney, Australia)

ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU)
PTR: a23-223-50-11.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    23.198.59.89 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-59-89.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    211.120.53.206 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    142.251.221.65 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f1.1e100.net
tpc.googlesyndication.com
7    184.24.241.42 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-241-42.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
5    207.65.33.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
18    67.199.150.82 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
31    207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
8    89.207.22.140 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin03-nessy-float2.dotomi.com
pubmatic-match.dotomi.com
rubicon-match.dotomi.com
1    143.244.208.184 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sid.storygize.net
54    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
pixel-apac.rubiconproject.com
2    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
1    152.69.173.77 (Bungarribee, Australia)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
7    67.202.105.22 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    67.202.105.32 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
de.tynt.com
8    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    23.198.57.183 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-57-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    13.224.181.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-71.syd1.r.cloudfront.net
cr-p3.ladsp.com
1    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
7    207.65.33.76 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    35.84.104.50 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-104-50.us-west-2.compute.amazonaws.com
sync-pm.ads.yieldmo.com
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
3    13.213.147.200 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-147-200.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
2    119.9.108.180 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
3    34.126.167.117 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.167.126.34.bc.googleusercontent.com
um.simpli.fi
4    18.143.106.89 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    54.82.32.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-32-1.compute-1.amazonaws.com
i.liadm.com
2    18.238.192.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-192-40.sfo53.r.cloudfront.net
live.rezync.com
2    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
7    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
4    35.72.176.125 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-72-176-125.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
2    35.214.187.199 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 199.187.214.35.bc.googleusercontent.com
csync.loopme.me
6    23.106.127.56 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
2    35.161.37.58 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-37-58.us-west-2.compute.amazonaws.com
visitor.omnitagjs.com
1    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    67.220.226.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    18.67.172.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-172-126.cgk51.r.cloudfront.net
live.primis.tech
2    13.35.147.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-55.syd1.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
1    131.153.206.102 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
2    63.251.14.3 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: 3.14.251.63.unassigned.ord.singlehop.net
ce.lijit.com
1    23.1.240.43 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-1-240-43.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    64.38.119.42 (United States)

ASN18568 (BIDTELLECT, US)
bttrack.com
1    34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    54.193.221.12 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-193-221-12.us-west-1.compute.amazonaws.com
exchange.mediavine.com
1    38.133.127.31 (Sacramento, United States)

ASN22075 (AS-OUTBRAIN, US)
sync.outbrain.com
7    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
1    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
1    52.89.208.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-208-126.us-west-2.compute.amazonaws.com
cs.minutemedia-prebid.com
4    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    54.149.106.49 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-106-49.us-west-2.compute.amazonaws.com
cs.yellowblue.io
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    52.74.118.249 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-118-249.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
4    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid-s2s.media.net
1    54.255.74.183 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-74-183.ap-southeast-1.compute.amazonaws.com
crb.kargo.com
1    96.46.186.182 (United States)

ASN7979 (SERVERS-COM, US)
sync.aniview.com
1    142.250.71.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f2.1e100.net
pagead2.googlesyndication.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    34.111.147.92 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 92.147.111.34.bc.googleusercontent.com
sync-axelmark-dsp.focas.jp
1    18.176.234.133 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com
bk.r-ad.ne.jp
2    35.72.102.184 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-72-102-184.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
4    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    103.3.63.48 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li819-48.members.linode.com
gocm.c.appier.net
2    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
1    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
2    13.251.208.106 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-208-106.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
Apex Domain
Subdomains		 Transfer
68 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
image8.pubmatic.com — Cisco Umbrella Rank: 661
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image4.pubmatic.com — Cisco Umbrella Rank: 1224
image2.pubmatic.com — Cisco Umbrella Rank: 859
simage4.pubmatic.com — Cisco Umbrella Rank: 1304
65 KB
67 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
pixel-us-apac.rubiconproject.com Failed
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 27785
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
100 KB
31 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
161 KB
23 tmz.com
tmz.com — Cisco Umbrella Rank: 29324
www.tmz.com — Cisco Umbrella Rank: 36147
static.tmz.com — Cisco Umbrella Rank: 39341
imagez.tmz.com — Cisco Umbrella Rank: 33978
smetrics.tmz.com — Cisco Umbrella Rank: 39289
691 KB
19 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
85 KB
17 openx.net
foxnews-d.openx.net — Cisco Umbrella Rank: 9419
us-u.openx.net — Cisco Umbrella Rank: 491
jp-u.openx.net — Cisco Umbrella Rank: 15595
u.openx.net — Cisco Umbrella Rank: 672
eu-u.openx.net — Cisco Umbrella Rank: 2473
rtb.openx.net — Cisco Umbrella Rank: 695
3 KB
16 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1472
usersync.gumgum.com — Cisco Umbrella Rank: 1858
5 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
acdn.adnxs.com — Cisco Umbrella Rank: 610
28 KB
15 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
dsum.casalemedia.com — Cisco Umbrella Rank: 1364
10 KB
15 33across.com
ssc.33across.com — Cisco Umbrella Rank: 3699
ssc-cms.33across.com — Cisco Umbrella Rank: 904
events-ssc.33across.com — Cisco Umbrella Rank: 1493
5 KB
14 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1931
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
7 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
5 KB
10 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1196
x.bidswitch.net — Cisco Umbrella Rank: 336
3 KB
9 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
5 KB
9 presage.io
ms-cookie-sync.presage.io — Cisco Umbrella Rank: 7088
6 KB
9 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
5 KB
9 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
eb2.3lift.com — Cisco Umbrella Rank: 372
5 KB
9 atp.fox
prod.pyxis.atp.fox — Cisco Umbrella Rank: 7693
prod.fennec.atp.fox — Cisco Umbrella Rank: 9357
prod.xid.atp.fox — Cisco Umbrella Rank: 8972
260 KB
8 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2850
rubicon-match.dotomi.com — Cisco Umbrella Rank: 1918
3 KB
8 moatads.com
z.moatads.com — Cisco Umbrella Rank: 653
mb.moatads.com — Cisco Umbrella Rank: 766 Failed
px.moatads.com — Cisco Umbrella Rank: 594
122 KB
8 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
4 KB
7 rlcdn.com
api.rlcdn.com Failed
idsync.rlcdn.com — Cisco Umbrella Rank: 408
id.rlcdn.com — Cisco Umbrella Rank: 711
1 KB
7 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 582
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5099
sync-pm.ads.yieldmo.com — Cisco Umbrella Rank: 7409
5 KB
7 opecloud.com
cdn.opecloud.com — Cisco Umbrella Rank: 5764
foxus.tagger.opecloud.com — Cisco Umbrella Rank: 12412
fox.tagger.opecloud.com — Cisco Umbrella Rank: 9658
tagger.opecloud.com — Cisco Umbrella Rank: 4604
17 KB
7 ketchcdn.com
global.ketchcdn.com — Cisco Umbrella Rank: 4859
5 KB
6 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
4 KB
6 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
2 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
1 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
2 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
2 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 776
dis.criteo.com — Cisco Umbrella Rank: 550
2 KB
5 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1110
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
1 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
fox.demdex.net — Cisco Umbrella Rank: 26191
6 KB
5 google.com
analytics.google.com — Cisco Umbrella Rank: 152
www.google.com — Cisco Umbrella Rank: 2
869 B
4 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4999
1 KB
4 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1618
527 B
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
2 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
2 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
2 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
2 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
2 KB
4 googlesyndication.com
9cc50167fb6494c6c4a7b599a7318b76.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
74 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 931
api.btloader.com — Cisco Umbrella Rank: 1000
18 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
333 KB
4 fox.com
foxkit.fox.com — Cisco Umbrella Rank: 47029
strike.fox.com — Cisco Umbrella Rank: 17425
291 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1388
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
1 KB
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 925
122 B
3 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1072
2 KB
3 google.com.au
www.google.com.au — Cisco Umbrella Rank: 29909
670 B
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
3 ketchjs.com
cdn.ketchjs.com — Cisco Umbrella Rank: 5112
143 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 777
878 B
2 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2197
871 B
2 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 28132
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
1 KB
2 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 21062
75 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 835
1 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 846
sync1.intentiq.com — Cisco Umbrella Rank: 2869
2 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
533 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
1 KB
2 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 656
813 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
516 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
2 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1234
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2269
967 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25818
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1640
2 KB
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1577
3 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
57 KB
2 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 3598
4 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
2 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
974 B
2 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1727
694 B
2 media.net
cs.media.net — Cisco Umbrella Rank: 1381
prebid-s2s.media.net — Cisco Umbrella Rank: 2564
1 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1018
1 KB
2 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 6691
crb.kargo.com — Cisco Umbrella Rank: 910
1 KB
2 foxnews.com
static.foxnews.com — Cisco Umbrella Rank: 6892
19 KB
2 imrworldwide.com
secure-us.imrworldwide.com — Cisco Umbrella Rank: 2550
1018 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
94 KB
1 iprom.net
core.iprom.net
280 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4434
405 B
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 12406 Failed
243 B
1 r-ad.ne.jp
bk.r-ad.ne.jp — Cisco Umbrella Rank: 31561
549 B
1 focas.jp
sync-axelmark-dsp.focas.jp — Cisco Umbrella Rank: 979808
450 B
1 aniview.com
sync.aniview.com — Cisco Umbrella Rank: 1642
251 B
1 yellowblue.io
cs.yellowblue.io — Cisco Umbrella Rank: 1547
326 B
1 minutemedia-prebid.com
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 1777
326 B
1 t13.io
s2s.t13.io — Cisco Umbrella Rank: 1747
449 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 689
287 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1074
186 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1600
284 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 815
350 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
649 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
450 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
557 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
487 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1031
738 B
1 storygize.net
sid.storygize.net — Cisco Umbrella Rank: 1433
335 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
853 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
695 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1510
348 B
1 fwmrm.net
7bd92.v.fwmrm.net — Cisco Umbrella Rank: 32272
460 B
1 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 4586
211 B
1 webcontentassessor.com
scripts.webcontentassessor.com — Cisco Umbrella Rank: 4264
47 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 nex8.net Failed
cs.nex8.net Failed
359 112
Domain Requested by
41 pixel.rubiconproject.com 24 redirects rtb.gumgum.com
ms-cookie-sync.presage.io
www.tmz.com
22 simage2.pubmatic.com 14 redirects ads.pubmatic.com
rtb.gumgum.com
21 cm.g.doubleclick.net 16 redirects rtb.gumgum.com
jp-u.openx.net
eb2.3lift.com
18 image8.pubmatic.com 7 redirects sync-amz.ads.yieldmo.com
ads.pubmatic.com
14 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
13 s.amazon-adsystem.com 2 redirects scripts.webcontentassessor.com
s.amazon-adsystem.com
ms-cookie-sync.presage.io
ssum-sec.casalemedia.com
rtb.gumgum.com
sync-amz.ads.yieldmo.com
match.sharethrough.com
12 token.rubiconproject.com 7 redirects eus.rubiconproject.com
ms-cookie-sync.presage.io
12 match.adsrvr.org 12 redirects
10 static.tmz.com www.tmz.com
static.tmz.com
9 image2.pubmatic.com 2 redirects rtb.gumgum.com
ads.pubmatic.com
9 c1.adform.net 7 redirects ads.pubmatic.com
9 x.bidswitch.net 4 redirects rtb.gumgum.com
www.tmz.com
ads.pubmatic.com
eb2.3lift.com
de.tynt.com
9 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
9 ms-cookie-sync.presage.io s.amazon-adsystem.com
ms-cookie-sync.presage.io
ssbsync.smartadserver.com
ads.pubmatic.com
9 sync.1rx.io 9 redirects
9 ib.adnxs.com 4 redirects strike.fox.com
acdn.adnxs.com
eb2.3lift.com
ms-cookie-sync.presage.io
8 eb2.3lift.com 2 redirects strike.fox.com
eb2.3lift.com
8 eus.rubiconproject.com ms-cookie-sync.presage.io
rtb.gumgum.com
eus.rubiconproject.com
strike.fox.com
de.tynt.com
8 pr-bh.ybp.yahoo.com 4 redirects rtb.gumgum.com
ssum-sec.casalemedia.com
us-u.openx.net
8 us-u.openx.net 2 redirects jp-u.openx.net
de.tynt.com
us-u.openx.net
7 events-ssc.33across.com s.amazon-adsystem.com
de.tynt.com
us-u.openx.net
ads.pubmatic.com
7 ssc-cms.33across.com 7 redirects
7 global.ketchcdn.com www.tmz.com
cdn.ketchjs.com
6 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
www.tmz.com
6 idsync.rlcdn.com 3 redirects ssum-sec.casalemedia.com
s.amazon-adsystem.com
rtb.gumgum.com
6 px.moatads.com www.tmz.com
6 pubmatic-match.dotomi.com 6 redirects
6 ads.pubmatic.com ms-cookie-sync.presage.io
rtb.gumgum.com
ads.pubmatic.com
strike.fox.com
de.tynt.com
6 sync.srv.stackadapt.com 6 redirects
6 match.sharethrough.com s.amazon-adsystem.com
match.sharethrough.com
ms-cookie-sync.presage.io
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.tmz.com
6 imagez.tmz.com www.tmz.com
5 pixel.tapad.com 3 redirects rtb.gumgum.com
5 image6.pubmatic.com ads.pubmatic.com
5 secure.adnxs.com 5 redirects
5 sync.targeting.unrulymedia.com 4 redirects www.tmz.com
5 ad.turn.com 5 redirects
4 ipac.ctnsnet.com 2 redirects ads.pubmatic.com
4 simage4.pubmatic.com ads.pubmatic.com
4 tr.blismedia.com 2 redirects www.tmz.com
us-u.openx.net
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 pixel-sync.sitescout.com 4 redirects
4 dis.criteo.com 3 redirects eb2.3lift.com
4 match.prod.bidr.io 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 jp-u.openx.net strike.fox.com
jp-u.openx.net
us-u.openx.net
4 creativecdn.com 4 redirects
4 b1sync.zemanta.com 4 redirects
4 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
4 ads.yieldmo.com s.amazon-adsystem.com
sync-amz.ads.yieldmo.com
4 fox.tagger.opecloud.com 4 redirects
4 dpm.demdex.net 1 redirects www.tmz.com
ssum-sec.casalemedia.com
4 prod.pyxis.atp.fox foxkit.fox.com
prod.fennec.atp.fox
4 www.googletagmanager.com www.tmz.com
www.googletagmanager.com
4 www.tmz.com 1 redirects static.tmz.com
foxkit.fox.com
3 cm.adgrx.com 3 redirects
3 um.simpli.fi 2 redirects rtb.gumgum.com
3 sync.crwdcntrl.net 2 redirects rtb.gumgum.com
3 image4.pubmatic.com 2 redirects rtb.gumgum.com
3 secure-assets.rubiconproject.com 3 redirects
3 match.deepintent.com rtb.gumgum.com
ms-cookie-sync.presage.io
ads.pubmatic.com
3 a.tribalfusion.com 1 redirects www.tmz.com
ads.pubmatic.com
3 t.adx.opera.com 3 redirects
3 api.btloader.com c.aaxads.com
3 c.amazon-adsystem.com strike.fox.com
c.amazon-adsystem.com
3 prod.fennec.atp.fox strike.fox.com
prod.fennec.atp.fox
3 www.google.com www.tmz.com
scripts.webcontentassessor.com
3 www.google.com.au www.tmz.com
3 sb.scorecardresearch.com 1 redirects www.tmz.com
3 cdn.ketchjs.com global.ketchcdn.com
3 strike.fox.com www.tmz.com
strike.fox.com
2 pm.w55c.net 2 redirects
2 pippio.com 2 redirects
2 gocm.c.appier.net 2 redirects
2 cm.ambientdsp.com 2 redirects
2 cms.quantserve.com 2 redirects
2 rtb.openx.net 1 redirects us-u.openx.net
2 dps.jp.cinarra.com us-u.openx.net
ads.pubmatic.com
2 rubicon-match.dotomi.com 2 redirects
2 ce.lijit.com 1 redirects rtb.gumgum.com
2 capi.connatix.com 1 redirects rtb.gumgum.com
2 px.ads.linkedin.com eb2.3lift.com
rtb.gumgum.com
2 visitor.omnitagjs.com 1 redirects www.tmz.com
2 csync.loopme.me 2 redirects
2 p.rfihub.com 2 redirects
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 uipglob.semasio.net 1 redirects rtb.gumgum.com
2 a.sportradarserving.com 2 redirects
2 sync-pm.ads.yieldmo.com ads.pubmatic.com
rtb.gumgum.com
2 cr-p3.ladsp.com 2 redirects
2 de.tynt.com 1 redirects strike.fox.com
2 static.criteo.net strike.fox.com
static.criteo.net
2 cdn.krxd.net z.moatads.com
scripts.webcontentassessor.com
2 tpc.googlesyndication.com scripts.webcontentassessor.com
2 tg.socdm.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects ms-cookie-sync.presage.io
2 sync.ipredictive.com 2 redirects
2 sync.richaudience.com 2 redirects
2 rtb.gumgum.com s.amazon-adsystem.com
rtb.gumgum.com
2 ad-delivery.net www.tmz.com
2 prod.xid.atp.fox prod.fennec.atp.fox
2 c2shb.pubgw.yahoo.com strike.fox.com
2 smetrics.tmz.com www.tmz.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 static.foxnews.com strike.fox.com
2 secure-us.imrworldwide.com 1 redirects www.tmz.com
2 analytics.google.com www.googletagmanager.com
2 www.googletagservices.com www.tmz.com
scripts.webcontentassessor.com
1 core.iprom.net ads.pubmatic.com
1 tags.rd.linksynergy.com 1 redirects
1 sync-dsp.ad-m.asia us-u.openx.net
ads.pubmatic.com
1 bk.r-ad.ne.jp 1 redirects
1 eu-u.openx.net 1 redirects
1 u.openx.net us-u.openx.net
1 sync-axelmark-dsp.focas.jp 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 pagead2.googlesyndication.com www.googletagservices.com
1 sync.aniview.com www.tmz.com
1 crb.kargo.com www.tmz.com
1 prebid-s2s.media.net www.tmz.com
1 cs.yellowblue.io www.tmz.com
1 cs.minutemedia-prebid.com www.tmz.com
1 s2s.t13.io www.tmz.com
1 sync.outbrain.com s.amazon-adsystem.com
1 exchange.mediavine.com s.amazon-adsystem.com
1 id.rlcdn.com 1 redirects
1 s.seedtag.com ms-cookie-sync.presage.io
1 bttrack.com 1 redirects
1 hb.yahoo.net ms-cookie-sync.presage.io
1 prebid.a-mo.net rtb.gumgum.com
1 sync1.intentiq.com rtb.gumgum.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com rtb.gumgum.com
1 pixel-apac.rubiconproject.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 sync.mathtag.com 1 redirects
1 js-sec.indexww.com strike.fox.com
1 acdn.adnxs.com strike.fox.com
1 mb.moatads.com z.moatads.com
1 sid.storygize.net 1 redirects
1 z.moatads.com scripts.webcontentassessor.com
1 bh.contextweb.com 1 redirects
1 s.tribalfusion.com 1 redirects
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 cs.media.net 1 redirects
1 9cc50167fb6494c6c4a7b599a7318b76.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ad.doubleclick.net www.tmz.com
1 7bd92.v.fwmrm.net www.tmz.com
1 tagger.opecloud.com 1 redirects
1 tlx.3lift.com strike.fox.com
1 krk.kargo.com strike.fox.com
1 fastlane.rubiconproject.com strike.fox.com
1 bidder.criteo.com strike.fox.com
1 grid.bidswitch.net strike.fox.com
1 foxnews-d.openx.net strike.fox.com
1 hbopenbid.pubmatic.com strike.fox.com
1 htlb.casalemedia.com strike.fox.com
1 ssc.33across.com strike.fox.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 btloader.com www.tmz.com
1 c.aaxads.com 1 redirects
1 scripts.webcontentassessor.com strike.fox.com
1 foxus.tagger.opecloud.com strike.fox.com
1 cdn.opecloud.com strike.fox.com
1 cm.everesttech.net 1 redirects
1 fox.demdex.net www.tmz.com
1 www.google-analytics.com www.tmz.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 foxkit.fox.com www.tmz.com
1 tmz.com 1 redirects
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 cs.nex8.net Failed us-u.openx.net
0 api.rlcdn.com Failed strike.fox.com
0 pixel-us-apac.rubiconproject.com Failed sync-amz.ads.yieldmo.com
359 181
Subject Issuer Validity Valid
tmz.com
Amazon ECDSA 256 M03		 2023-11-07 -
2024-12-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
secure.fox.com
GeoTrust RSA CA 2018		 2023-12-18 -
2024-10-22		 10 months crt.sh
strike.fox.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-14 -
2024-11-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-27 -
2024-02-19		 3 months crt.sh
global.ketchcdn.com
R3		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.tmz.com
R3		 2023-12-14 -
2024-03-13		 3 months crt.sh
cdn.ketchjs.com
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
prod.pyxis.atp.fox
Amazon RSA 2048 M02		 2023-11-08 -
2024-12-07		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.foxnews.com
R3		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
smetrics.tmz.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-15 -
2024-09-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
prod.fennec.atp.fox
Amazon RSA 2048 M03		 2023-10-19 -
2024-11-17		 a year crt.sh
cdn.opecloud.com
Amazon RSA 2048 M02		 2023-12-16 -
2025-01-12		 a year crt.sh
*.tagger.opecloud.com
Amazon RSA 2048 M03		 2023-08-29 -
2024-09-26		 a year crt.sh
scripts.webcontentassessor.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-05-08 -
2024-06-08		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-17 -
2024-04-10		 6 months crt.sh
ssc.33across.com
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-01-24		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.dev.kargo.com
Amazon RSA 2048 M03		 2023-12-20 -
2025-01-16		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
prod.xid.atp.fox
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
jp-ad-exch-prd-two-eks.prd.eks.jp.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-08-31 -
2024-09-28		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-09-23 -
2024-10-20		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.ogury.co
Amazon RSA 2048 M01		 2023-07-19 -
2024-08-16		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon RSA 2048 M02		 2023-12-18 -
2025-01-16		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-09		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-12-22 -
2024-03-21		 3 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
sync-dsp.ad-m.asia
ZeroSSL RSA Domain Secure Site CA		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh

This page contains 74 frames:

Primary Page: https://www.tmz.com/people/maryse-ouellet/
Frame ID: 39A4A15CA1CE7ACCC87094F06D2E455A
Requests: 117 HTTP requests in this frame

Frame: https://fox.demdex.net/dest5.html?d_nsid=0
Frame ID: 9A606866139FBC60DAC9E46726312458
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&dcc=t
Frame ID: 6DC986D5289A6B04D1EBD7B363F30C3B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 39CC9ACA735133E67C75AD1B99481A3C
Requests: 3 HTTP requests in this frame

Frame: https://9cc50167fb6494c6c4a7b599a7318b76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CE33CE7FB3EF69AAFEE6C03232B79768
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: B0E7A95DD925511A7D38B46B04F97915
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: E4D28EA2D1C6BC2A833A56F4E4573FF2
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 82CCDB24F256A396EFC725042E8D42EB
Requests: 6 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: BEA0896131C0B47731A85F0E606F9FAF
Requests: 7 HTTP requests in this frame

Frame: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Frame ID: 2DB21C586D2ECB2D99C7DC19E0BA5924
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=apac&gdpr_consent=undefined
Frame ID: 5D8A88FA91706303D80A20E9A41CFF6C
Requests: 20 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Frame ID: 3E8F4AD0A0BB6C55B1B565979A0DD7EE
Requests: 6 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=5340811211440918759&gdpr=&gdpr_consent=
Frame ID: 97EE4F4651057D55D27841461E7CBBA5
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8yN2FmMTNhYy05MjM2LTRjOTktYWJjZS0xMDExZGU3NDc4MTI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 3841574ABB6722041B156AA5BAF7DC08
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 9A273F107BE888E8F353D5C56CC4631E
Requests: 17 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=1e376597-7051-4403-b461-4ee96ad364b3
Frame ID: 26F549036B4C6EC33E7CD3DA9E259DBC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZYeVNcCo5uYAAClfLWgAAAAA
Frame ID: 47A79CE5761F48009BB940B1CC4B5D7D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=U3QL2NYmFI6pXVCvGOmTuYC0NOL-R1Cj4SKebJ4zoF0&pi=gumgum&tc=1
Frame ID: 2CFB9AD7D753F368FE705477A54FD6F6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 32A41C80011B63C25CC92865FE69C4C9
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_u_rnMYxcQyT0gW0vtxpyE1jkIG88Dug2FeS9uJYHT6XqdRCz3ziffvQYXK1N0Mfd1hiuSQtLXFYHhfVywU-KqvrOfEoPuolPsjO4Y3ZKJz1_5MOeGa0RH8KwJGVD-dywYJthIpy1ZCqRWY9ZED8mMc6viSw3WU40THbLV4mkCvZqGATRvlBjUpG8ClwkZGx9jEfCGLZNEkUlsVJlr7IcJexnqK6jkBvS2P2Vyaz7ZjwZ7PdeagzMZgkhv_XFFyHoYPmR5r3BcyAEx3PBKD0xP4FeB6sfUSFzHrsIVPnKYBlr0VS1liVC-M2aBXLI1QnEaRevBQ3rHzabIQoS73K66fckMw_uoJhpo_fpHWWHzuaZD2cE&sai=AMfl-YRZfkcLsV-JMETqzZ3KzzXNrGBNThg0oxQiCjmEMIkQONtOIBU0fwm493w0l0737r5597_KHDNi_av73sWqWFvAK6wVVbgOfBawxib6K8CtEiWobR4AHimq-A46ZF7UBwuvQzN6lyP1LRah7deIWg&sig=Cg0ArKJSzC_KQQxTrAK7EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 67F283E3EB89EFFB248BD8B1B10DE500
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Frame ID: 41A2464C0F59A65DCE4FFD3AEC9AF98E
Requests: 4 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Frame ID: 1CF872AFECAF64C2E87A951EFF8D5B3B
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Frame ID: 9DD6D5D971191BCACA8C71E368046279
Requests: 3 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Frame ID: F2200BA22C0950AB7CFDB919DC273D4A
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: F71835941DBD7D842C161A2F6DF0EABC
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A08BA39AB1A6B3EB7E3A6461BC5AB3A9
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D1E12D94EE33853168D0201F6EF6BC7C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: E669EA6FE0D4226A031CCAF39FBAC392
Requests: 19 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 851B052AFDE4256FF9CD38BDB819460F
Requests: 10 HTTP requests in this frame

Frame: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
Frame ID: 0ECF81CD757F3655E00D8629D67B2174
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3061299232830050353&gdpr=0&gdpr_consent=
Frame ID: C98C8436786F7D2B0196D3B11F4911B2
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=3d141a3b-a464-47f4-98cf-f30dec6f7687&ssp=pubmatic
Frame ID: 82763364AF298441252C0689EAB46D6B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
Frame ID: 654F48FC42F90C8CB95DABB13558F3F7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Frame ID: 3229B1CF36224D2A0FBB8DF6A746A132
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1---&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D25%26external_user_id%3D
Frame ID: F28CE5E98174931F27240FDE8AAC2CCB
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Frame ID: 7F372276D1126C1C4C9377AF7ABE87BB
Requests: 12 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=undefined
Frame ID: 861ED235B52AC03BF93C7FF46BCDEC18
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AOX4bA_l82IbsfJpDrLtY1KzoWMbsaE9D-Dg37bM
Frame ID: 83F61249A618622912123A18BEEA8FDD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12tphujmsynn
Frame ID: F72E7C4D07F90DCBB14B54D90731B9D8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&gdpr_consent=undefined&gdpr=1
Frame ID: 483121E0FCC9302F543195553E3EDCB6
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=undefined&us_privacy=${US_PRIVACY}
Frame ID: AAADB519C8AC7D0C36C5EDEB20DF1F3E
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 648E2AFD9DDC6EE822C4322D8F3245C6
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 4C860D8FA6C6F36097197B2D02E88F71
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=undefined&us_privacy=${US_PRIVACY}
Frame ID: 79C4D496E41BAD747F8DF3D0D2FA5117
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 058B86551E82434E0ED8E883AFBC6483
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=E6Y873mICiaqTCdVOZWHZQ
Frame ID: 898E0313BA3D44CFC88D55564EA94B90
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: EFBCDA0BC709CFC3C86D547A6AEA27A3
Requests: 1 HTTP requests in this frame

Frame: https://ms-cookie-sync.presage.io/user-sync?gdpr=0&gdpr_consent=undefined&pubmatic_id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
Frame ID: A2DE76E8BF77083567D2E97FF1580B42
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
Frame ID: DF16FAB21F33C37248827583789C1BC1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eF1tcnddZnxjCWd3LF14I35QbSdjWG0mflhJ-q6Q
Frame ID: 549FD74F1C7524D5B79AD7B26A21898F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12tphujmnf2c
Frame ID: B707FFB9056354E34E97F941D6D862D5
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: D48A403760A13AD16F2ED1324A7E4760
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 30805C2EA196705A36598A564107463B
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: EB4449AC71BE7955C01EBF71647C57FF
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 0B928826F87CDBB7DCDE6379496A2E15
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: F7A6020104DCEF9721BE6748BF8E6BC2
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 0237A050CA9AFFA8FBBBC93CEFF7C6FA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=hl68t8gFDMSltDdeOZWHZQ
Frame ID: 6BC5E6D272A79277EEFB48596D787788
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 26A29C913E8134C97F739FBA9F9C4DA2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
Frame ID: DC03CC7EA2813C461E353EF98BED7E90
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e179f308-a202-11ee-be46-8b2898521c37
Frame ID: 157E134EDD8C6CF6174C839678895BD0
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: BC0C2390D85224C929592EDEBBD37BC5
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
Frame ID: D434C7D377A375B6F63349657164759B
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1CA181BCA945F0360B82DDE5E4A6987B
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 1BE3B6365B07E07DB4AC9D915F1AB038
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: CE5075E78117E338BF1A1A0CE84F9BF5
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 3E514F08DA5F97D84B1B2270D44AA170
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3enfOnRG1Rhe5z5&gdpr=0&gdpr_consent=
Frame ID: 8A6F6F7B3E88EAFCBC33822C816E84CE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1917759399871012125
Frame ID: 921731785AF9BC7C0CB6B18792113AA5
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: EB21167BD65A146742F8907E48B78477
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: BE841A8197CE5ED7DB14AF098F7005FE
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=25&external_user_id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
Frame ID: 06C4569F819F7173E74366824CD8EDFC
Requests: 1 HTTP requests in this frame

Frame: https://ms-cookie-sync.presage.io/user-sync?gdpr=0&gdpr_consent=undefined&pubmatic_id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
Frame ID: EB9B9D01FC7F3921914DD890830B15BA
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=25&external_user_id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
Frame ID: 3C9F6315D3825AAFF9F7F873623B93C6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Maryse OuelletFacebookTwitterYoutubeInstagramTMZSearchTurn on browser notificationsYou have notifications blocked

Page URL History Show full URLs

  1. http://tmz.com/person/maryse-ouellet/ HTTP 301
    https://www.tmz.com/person/maryse-ouellet/ HTTP 301
    https://www.tmz.com/people/maryse-ouellet/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lodash.*\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

359
Requests

64 %
HTTPS

0 %
IPv6

112
Domains

181
Subdomains

113
IPs

12
Countries

2662 kB
Transfer

8365 kB
Size

208
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tmz.com/person/maryse-ouellet/ HTTP 301
    https://www.tmz.com/person/maryse-ouellet/ HTTP 301
    https://www.tmz.com/people/maryse-ouellet/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-404979h&cg=0&cc=1&si=https%3A//www.tmz.com/people/maryse-ouellet/&rp=&ts=compact&rnd=1703384370541 HTTP 302
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-404979h&cg=0&cc=1&si=https%3A//www.tmz.com/people/maryse-ouellet/&rp=&ts=compact&rnd=1703384370541&ja=1
Request Chain 54
  • https://sb.scorecardresearch.com/b?c1=2&c2=9013181&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703384370568&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&c8=Maryse%20Ouellet&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=9013181&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703384370568&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&c8=Maryse%20Ouellet&c9=
Request Chain 57
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1703384370777 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1703384370777
Request Chain 64
  • https://cm.everesttech.net/cm/dd?d_uuid=59351209882131674150409854727951110222 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYeVMwAAAMYcBwN7
Request Chain 75
  • https://c.aaxads.com/aax.js?pub=AAX111JFD&hst=www.tmz.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?o=5735828726743040&upapi=true
Request Chain 94
  • https://fox.tagger.opecloud.com/fox/v2/pixel.gif?url=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&ref=&tref=&tz=-8&screen=1600x1200x24&dcRegion=us-west-1&cmpstatus=notrequired&e=%5B%7B%22opt-out%22%3Afalse%2C%22business_unit%22%3A%22tmz%22%2C%22type%22%3A%22Opt-out_by_BU%22%7D%5D&fpid=cb78ec47-2bf0-40e4-8c5c-8aeb57288a34 HTTP 302
  • https://fox.tagger.opecloud.com/fox/v2/pixel.gif?e=%5B%7B%22opt-out%22%3Afalse%2C%22business_unit%22%3A%22tmz%22%2C%22type%22%3A%22Opt-out_by_BU%22%7D%5D&tref=&url=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&tz=-8&trackability-redirect=true&ref=&fpid=cb78ec47-2bf0-40e4-8c5c-8aeb57288a34&screen=1600x1200x24&cmpstatus=notrequired&dcRegion=us-west-1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_hm=MTgwNmU0MzktMDA1OC0zYWM4LTk5NzEtMWFlZTcyMWM2NTk4&google_redir=https%3A%2F%2Ffox.tagger.opecloud.com%2Fdbmhm%2Fpbfs.gif%3Fsource%3Dfox%26state%3D2-0VUexPCxgYmrUBkb88YxDP5bZOjmkU0ACKYH&puid=1806e439-0058-3ac8-9971-1aee721c6598 HTTP 302
  • https://fox.tagger.opecloud.com/dbmhm/pbfs.gif?source=fox&state=2-0VUexPCxgYmrUBkb88YxDP5bZOjmkU0ACKYH&puid=1806e439-0058-3ac8-9971-1aee721c6598 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-EIpoFHrX1%252Fv4xX1j2Nc%252FEfwaBwlyMRWk03my%26source%3Dfox&puid=%25%25TDID%25%25 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-EIpoFHrX1%252Fv4xX1j2Nc%252FEfwaBwlyMRWk03my%26source%3Dfox&puid=%25%25TDID%25%25 HTTP 302
  • https://tagger.opecloud.com/tradedesk/pbfs.gif?puid=1e376597-7051-4403-b461-4ee96ad364b3&state=2-EIpoFHrX1%2Fv4xX1j2Nc%2FEfwaBwlyMRWk03my&source=fox HTTP 302
  • https://fox.tagger.opecloud.com/tradedesk/pbfs.gif?puid=1e376597-7051-4403-b461-4ee96ad364b3&state=2-EIpoFHrX1%2Fv4xX1j2Nc%2FEfwaBwlyMRWk03my&source=fox HTTP 302
  • https://7bd92.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Ffox.tagger.opecloud.com%2Ffreewheel%2Fpbfs.gif%3Fsource%3Dfox%26state%3D2-6ak%252B6tUzZXQxsqYu4jRydiRB56MmAm9MFRe4%26puid%3D%23%7Buser.id%7D
Request Chain 95
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&dcc=t
Request Chain 111
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1703384373530 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4497549352 HTTP 302
  • https://sync.1rx.io/usersync/turn/9026198695857695825?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-68b096c2-d0b1-4e66-8520-94cda07faacf-004 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
Request Chain 112
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3463859732889891000V10
Request Chain 114
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 123
  • https://t.adx.opera.com/pub/sync?pubid=pub9858090441216&gdpr=0&consent=undefined HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?consent=undefined&gdpr=0&gdpr_consent=&opera_id=OPUe0307269a6d744c68d239a38c6c823bf
Request Chain 124
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=undefined&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26gdpr_consent%3Dundefined HTTP 302
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=undefined&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26gdpr_consent%3Dundefined&rd=1 HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?raudience_id=b9ee438e-3979-466f-a77b-1zz1703384359&gdpr=0&gdpr_consent=undefined
Request Chain 126
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYeVNayzWsrLUbAa3UP6NQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRfDsuzygNXqChW5u_sW8M&google_cver=1
Request Chain 127
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYeVNayzWsrLUbAa3UP6NQAAFMoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMQG43dCLBsRsdHfGjEWG-A&google_cver=1
Request Chain 128
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1e376597-7051-4403-b461-4ee96ad364b3&expiration=1705976373&gdpr=0&gdpr_consent=
Request Chain 129
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=fcafa3e5-4d11-f0c7-0e3eab71
Request Chain 131
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZYeVNayzWsrLUbAa3UP6NQAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZYeVNayzWsrLUbAa3UP6NQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662089353024359
Request Chain 132
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3061299232830050353
Request Chain 134
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=28950485726920138
Request Chain 135
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_27af13ac-9236-4c99-abce-1011de747812&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_27af13ac-9236-4c99-abce-1011de747812&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=9029026832344905921&ssp=gumgum2
Request Chain 136
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=d03f0a21-b1cb-04a5-0f5a-e5361e989ae7
Request Chain 137
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-2afb57ed-1831-58d4-457a-ee0a70a51006$ip$66.203.112.162
Request Chain 138
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-v4ksJlhE2pdxQqhfJ5fGvfTiNnEQgZdmoO_8~A
Request Chain 139
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=1189623c-fb5b-425c-b225-0dc07a993012
Request Chain 141
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_27af13ac-9236-4c99-abce-1011de747812&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=a_27af13ac-9236-4c99-abce-1011de747812&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=zQvLfQjvq-9SMRQZl5WJ
Request Chain 142
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=mr1UgO39k2rO&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 143
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=834199829011606522
Request Chain 145
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=ogury&endpoint=apac&gdpr_consent=undefined HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=apac&gdpr_consent=undefined
Request Chain 148
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=5340811211440918759&gdpr=&gdpr_consent=
Request Chain 151
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=1e376597-7051-4403-b461-4ee96ad364b3
Request Chain 152
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZYeVNcCo5uYAAClfLWgAAAAA
Request Chain 153
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=U3QL2NYmFI6pXVCvGOmTuYC0NOL-R1Cj4SKebJ4zoF0&pi=gumgum&tc=1
Request Chain 154
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 167
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=-1&gdpr_consent=&piggybackCookie=8729540962301528107 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=41904bf267cf1f03&is_secure=true&networkId=17100&version=1&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALhdgmYM_KvwMsz1ivAAAAAAA&expiration=1703470775&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 168
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7815545265 HTTP 302
  • https://sync.1rx.io/usersync/turn/8810025913743912017?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-68b096c2-d0b1-4e66-8520-94cda07faacf-004 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
Request Chain 169
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=28950485726920138&pn_id=an
Request Chain 171
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3zVi4wwll1wrPjxd_D3W HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=1e376597-7051-4403-b461-4ee96ad364b3
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ODM0NWZlZWQtMDY0Ni00ODUyLWJmYTAtZjdhYTNlNDM1NTgz HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 174
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1e376597-7051-4403-b461-4ee96ad364b3&gdpr=0&gdpr_consent=
Request Chain 175
  • https://sid.storygize.net/ccm/c9dd71b6-fd13-4133-bf5d-b88619cef491 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=m3k4T1aBLLPMpeMdFP9tJTiB&source_user_id=37cf273d-6031-4a9e-b4c2-17b86d952301
Request Chain 176
  • https://pr-bh.ybp.yahoo.com/sync/sharethrough/8345feed-0646-4852-bfa0-f7aa3e435583?gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=BVbSRuzbUWjBEF6bQrmLHKkX&source_user_id=y-zp7zgYBE2oNtkDLQ.zAjJ6O9wqcvkieZBi5ZrJ5WWeHQ~A
Request Chain 185
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1--- HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Request Chain 198
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8954141101819767889&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 199
  • https://match.adsrvr.org/track/cmf/openx?oxid=2702ae51-99de-3cf3-6821-f5dbd6c89ba1&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1e376597-7051-4403-b461-4ee96ad364b3&ttd_puid=2702ae51-99de-3cf3-6821-f5dbd6c89ba1&gdpr=0&gdpr_consent=
Request Chain 200
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYeVNcCo5uYAAClfLWgAAAAA
Request Chain 201
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYG6TsvLHISrks8AED1M6Vqx8c8AAAGMmZ7cXA
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEOjE-nEQzwn_13wKlNZBgk&google_cver=1
Request Chain 204
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0b496587-9537-4300-b413-a27fa59a725b&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=48666c15297022a3&is_secure=true&networkId=17100&version=1&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALBIaK9LWaaQMyOQ4fAAAAAAA&expiration=1703470775&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DC9C48A5B-8ECF-451B-8875-69EA7419C1F6%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
Request Chain 205
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3061299232830050353&gdpr=0&gdpr_consent=
Request Chain 206
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=3d141a3b-a464-47f4-98cf-f30dec6f7687&ssp=pubmatic
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ycSKW47PRRuIdWnqdBnB9g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 209
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9f387e9b-e794-44cd-bab2-875ebd122441%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1e376597-7051-4403-b461-4ee96ad364b3&ttd_puid=9f387e9b-e794-44cd-bab2-875ebd122441%2C%2C
Request Chain 210
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=&ct=y
Request Chain 211
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzlDNDhBNUItOEVDRi00NTFCLTg4NzUtNjlFQTc0MTlDMUY2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBMuAgOuJ1oXqz17JDB7XcU&google_cver=1
Request Chain 216
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1e376597-7051-4403-b461-4ee96ad364b3&gdpr=0&gdpr_consent=
Request Chain 217
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8882083507781839953&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=e237733c2351f03&is_secure=true&networkId=17100&version=1&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALR6v-GG3YYgMpbBFYAAAAAAA&expiration=1703470775&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DC9C48A5B-8ECF-451B-8875-69EA7419C1F6%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
Request Chain 218
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Jc2ya1ZE2uU876zCAysE2LZCo4smpvI-~A&gdpr=0
Request Chain 219
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYeVNayzWsrLUbAa3UP6NQAA%265322&gpdr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYeVNayzWsrLUbAa3UP6NQAA%265322&_li_chk=true&gpp_sid=&us_privacy=1---&gpdr=&previous_uuid=fcb93bee99a2432daa935239ceeebc0f HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=fcb93bee-99a2-432d-aa93-5239ceeebc0f&us_privacy=1--- HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d50586d9-86d8-4880-9975-bf0741bf4655%3A1703384375.6898718&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd50586d9-86d8-4880-9975-bf0741bf4655%253A1703384375.6898718%26_%3D1703384375.6942315&cb=1703384375.6942735 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1917759399871012125&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd50586d9-86d8-4880-9975-bf0741bf4655%253A1703384375.6898718%26_%3D1703384375.6942315 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=d50586d9-86d8-4880-9975-bf0741bf4655%3A1703384375.6898718&_=1703384375.6942315 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPjLQfhSfbl9EE5vI4YC86Q&google_cver=1
Request Chain 221
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZYeVNayzWsrLUbAa3UP6NQAAFMoAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZYeVNayzWsrLUbAa3UP6NQAAFMoAAAIB
Request Chain 222
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1--- HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1---&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHJ5k7LDyoAABNfPvuH7w&expiration=1704593974&us_privacy=1---
Request Chain 224
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYeVNayzWsrLUbAa3UP6NQAA%265322 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYeVNayzWsrLUbAa3UP6NQAA%265322&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=yhhld-UvbKQXzXgwAYwKKE6RkDXvL78x1LRWjQjVlqI&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYeVNayzWsrLUbAa3UP6NQAA%265322&tc=1
Request Chain 225
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2f88f627-b5f4-4256-b7a0-f5bac8a91140&gpp_sid=null&gpp=null&us_privacy=1---&gdpr_consent=null&gdpr=null
Request Chain 226
  • https://sync.srv.stackadapt.com/sync?nid=68&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=KvtX7RgxWNRFeu4KcKUQBkLLcKI
Request Chain 229
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NTM5MDQ5NTc3NTkzNjMyNjU3Nw==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIjr8rg-B4AoFebT_fPM_C8&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 230
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=e5a496bfa17d1f28429fa7ebb2e56296&gdpr=0&gdpr_consent=0
Request Chain 231
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7315980178861455506&gdpr=0&gdpr_consent=
Request Chain 232
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=&s=2 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=UHWo0XFUfyUSBjbdIIPp&gdpr=0
Request Chain 233
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1e376597-7051-4403-b461-4ee96ad364b3&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 234
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjE4NTA3MzY5ODgzODIyMzMxNTEzOA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMN_nmjnMsAKkcVWfkxSg6U&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 236
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjE4NTA3MzY5ODgzODIyMzMxNTEzOA%3D%3D
Request Chain 238
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2185073698838223315138?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ryaeb5JE2oTV_GEolY6VYUHz7BkEi0m4_JPJv_CY7Q--~A&dongle=0883
Request Chain 239
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2185073698838223315138&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5340811211440918759&ssp=triplelift
Request Chain 241
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3061299232830050353&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 244
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1---&khaos=LQIV2PU4-W-M0C3 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LQIV2PU4-W-M0C3&us_privacy=1---
Request Chain 245
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=ogury&gdpr_consent=undefined&gdpr_consent=undefined&us_privacy=1---&khaos=LQIV2PU4-W-M0C3 HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?magnite_id=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
Request Chain 246
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1e376597-7051-4403-b461-4ee96ad364b3&gdpr=0&gdpr_consent=&expires=30
Request Chain 247
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFJVjJQVTQtVy1NMEMz&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAU5KOWohWt8wXNFofu8KHk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFJVjJQVTQtVy1NMEMz&google_push=
Request Chain 248
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQIV2PU4-W-M0C3&us_privacy=1---
Request Chain 249
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=kY7ZbjkbRLuz1vlfk9u_Bw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kY7ZbjkbRLuz1vlfk9u_Bw
Request Chain 250
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ImU65GwJBLfXO2uO4EMFLg?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pZAAt9JE2oJrWBNCSknQG1AH0wpp2PPXnzHanQ--~A
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKiHrltc0hXlwwhlpkKN4BI&google_cver=1
Request Chain 253
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQIV2PU4-W-M0C3&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 254
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjBiN2M1MDc5YzI2MTRmOWY3OGE1NjdjZTQyNTk1NzJjYmQ5YWZiMA&us_privacy=1---
Request Chain 255
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1--- HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1---&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFidE7LDyoAABNSdNzTsg&expires=30
Request Chain 256
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQIV2PU4-W-M0C3&us_privacy=1---
Request Chain 257
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1189623c-fb5b-425c-b225-0dc07a993012&expires=30&us_privacy=1---
Request Chain 258
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQIV2PU4-W-M0C3&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQIV2PU4-W-M0C3&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
Request Chain 259
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1--- HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQIV2PU4-W-M0C3&us_privacy=1--- HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIV2PU4-W-M0C3 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIV2PU4-W-M0C3&ckls=true&ci=XXK2tyUK0E&nc=false&trid=-1606461418
Request Chain 260
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQIV2PU4-W-M0C3&us_privacy=1---
Request Chain 261
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&us_privacy=1--- HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQIV2PU4-W-M0C3&us_privacy=1--- HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQIV2PU4-W-M0C3&us_privacy=1---&dnr=1
Request Chain 263
  • https://token.rubiconproject.com/token?pid=26594&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQIV2PU4-W-M0C3&redir=true&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQIV2PU4-W-M0C3&redir=true&us_privacy=1--- HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Td2hqTmgxRTJ1RTlCVlhrZTVrcUxjMHpXZC4uOGd2MH5B&ovsid=LQIV2PU4-W-M0C3&dpid=58160&us_privacy=1---
Request Chain 264
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
Request Chain 265
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
Request Chain 266
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=KvtX7RgxWNRFeu4KcKUQBkLLcKI
Request Chain 267
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=7c68b58a-4138-40db-807a-dfd8acb6eede
Request Chain 268
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=9029026832344905921
Request Chain 269
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
Request Chain 270
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=b3a1d4a7-14ee-42f2-818c-720de94be299&gdpr_consent=undefined&us_privacy=1---
Request Chain 271
  • https://ad.turn.com/r/cs?pid=6&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8882083507781839953&expires=60&gdpr=&gdpr_consent=undefined
Request Chain 272
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=3061299232830050353&expires=30&gdpr_consent=undefined&us_privacy=1---
Request Chain 273
  • https://sync.1rx.io/usersync2/rubicon?gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-68b096c2-d0b1-4e66-8520-94cda07faacf-004%26expires%3D30%26us_privacy%3D1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004&expires=30&us_privacy=1---
Request Chain 274
  • https://id.rlcdn.com/709414.gif?gdpr_consent=undefined&us_privacy=1--- HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 275
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
Request Chain 277
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQIV2PU4-W-M0C3&obUid=&initiator=&gdpr_consent=undefined&us_privacy=1---
Request Chain 278
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQIV2PU4-W-M0C3&ts=1703384376&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 279
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&us_privacy=1--- HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LQIV2PU4-W-M0C3?us_privacy=1--- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
Request Chain 280
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&us_privacy=1--- HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LQIV2PU4-W-M0C3&us_privacy=1---
Request Chain 281
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&us_privacy=1--- HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQIV2PU4-W-M0C3&name=RUBICON&us_privacy=1---
Request Chain 282
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&us_privacy=1--- HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQIV2PU4-W-M0C3&us_privacy=1---
Request Chain 283
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&us_privacy=1--- HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=b904cbd5-77f4-427e-91f4-28f1349e9267-65879537-5553&expires=360&gdpr=0&gdpr_consent=
Request Chain 284
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&us_privacy=1--- HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LQIV2PU4-W-M0C3&us_privacy=1---
Request Chain 285
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZYeVMwAAAMYcBwN7&us_privacy=1---
Request Chain 286
  • https://um.simpli.fi/rb_match?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=AAC8D408B59A4374A9D391D60E589B74&expires=365
Request Chain 287
  • https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon&us_privacy=1--- HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=rubicon&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=e179f308-a202-11ee-be46-8b2898521c37&expires=60
Request Chain 289
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=8BTL2jb9OaO87k5epvCVKQ&us_privacy=1--- HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=4c24097269dd206f&is_secure=true&networkId=12783&version=1&nuid=8BTL2jb9OaO87k5epvCVKQ&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAMTjemn9AKrgMzhtk1AAAAAAA&expiration=1703470776&nuid=8BTL2jb9OaO87k5epvCVKQ&is_secure=true&us_privacy=1---
Request Chain 290
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet&us_privacy=1--- HTTP 302
  • https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQIV2PU4-W-M0C3&us_privacy=1---
Request Chain 292
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11864&us_privacy=1--- HTTP 302
  • https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQIV2PU4-W-M0C3&us_privacy=1---
Request Chain 293
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184&us_privacy=1--- HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQIV2PU4-W-M0C3&us_privacy=1---
Request Chain 294
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver&us_privacy=1--- HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQIV2PU4-W-M0C3&us_privacy=1---
Request Chain 298
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1--- HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Request Chain 299
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1703384375285.3&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1---&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D25%26external_user_id%3D
Request Chain 300
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1703384375285.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Request Chain 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=e9179f47-dee9-4497-80c6-cd771c6eeb14-65879537-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3De9179f47-dee9-4497-80c6-cd771c6eeb14-65879537-5553%26partner_url%3Dhttps%253A%252F%252Fssc-cms.33across.com%252Fps%252F%253Fus_privacy%253D1---%2526xi%253D45%2526xu%253De9179f47-dee9-4497-80c6-cd771c6eeb14-65879537-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=e9179f47-dee9-4497-80c6-cd771c6eeb14-65879537-5553&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D45%26xu%3De9179f47-dee9-4497-80c6-cd771c6eeb14-65879537-5553 HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=45&xu=e9179f47-dee9-4497-80c6-cd771c6eeb14-65879537-5553 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=e9179f47-dee9-4497-80c6-cd771c6eeb14-65879537-5553&ts=1703384376&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 303
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1703384375285.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=90&external_user_id=3061299232830050353
Request Chain 306
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1---&us_privacy=1---&khaos=LQIV2PU4-W-M0C3 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQIV2PU4-W-M0C3&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQIV2PU4-W-M0C3&ts=1703384376&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 308
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYeVMwAAAMYcBwN7
Request Chain 309
  • https://sync-axelmark-dsp.focas.jp/sync/opx HTTP 302
  • https://u.openx.net/w/1.0/sd?gdpr=0&gdpr_consent=&id=559785451&val=vIZF6pYy6lc78XDRri4W8ECGTW9v4dN99ZKNkU3o6gAWvM81
Request Chain 310
  • https://tr.blismedia.com/v1/api/sync/openx HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=65879536E67DA50AFFF006B2BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D65879536E67DA50AFFF006B2BLIS HTTP 302
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=65879536E67DA50AFFF006B2BLIS HTTP 307
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia HTTP 302
  • https://tr.blismedia.com/v1/dpusync/6?uid=LQIV2PU4-W-M0C3
Request Chain 311
  • https://bk.r-ad.ne.jp/3/cs HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=57z2Ja005BDCM006DAZ5
Request Chain 313
  • https://sync.srv.stackadapt.com/sync?nid=268 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=KvtX7RgxWNRFeu4KcKUQBkLLcKI
Request Chain 316
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=-FQkbTBYhd2OVblsBdGhGw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 325
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AOX4bA_l82IbsfJpDrLtY1KzoWMbsaE9D-Dg37bM
Request Chain 326
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12tphujmsynn
Request Chain 327
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=undefined HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&gdpr_consent=undefined&gdpr=1
Request Chain 328
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=undefined&us_privacy=${US_PRIVACY}
Request Chain 329
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7be2627fbd7a4b3286d7ed4eb1996538 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 331
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=undefined&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=undefined&us_privacy=${US_PRIVACY}
Request Chain 333
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=E6Y873mICiaqTCdVOZWHZQ
Request Chain 334
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe0307269a6d744c68d239a38c6c823bf HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 336
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=7a8f7440947866f750a5b1c089f9cd191f22bab4b040455e97b9f5e639c44586791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3YThmNzQ0MDk0Nzg2NmY3NTBhNWIxYzA4OWY5Y2QxOTFmMjJiYWI0YjA0MDQ1NWU5N2I5ZjVlNjM5YzQ0NTg2NzkxNDI2YjU0MTdkY2UyMRAAGgwIuaqerAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3YThmNzQ0MDk0Nzg2NmY3NTBhNWIxYzA4OWY5Y2QxOTFmMjJiYWI0YjA0MDQ1NWU5N2I5ZjVlNjM5YzQ0NTg2NzkxNDI2YjU0MTdkY2UyMRAAGgwIuaqerAYSBAgCEABCAEoA&google_gid=CAESEFJwV8OK-9qvltZcoVnlb9k&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=11863de4-3c2c-4774-9285-82f3e62d75b6
Request Chain 338
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=72c4d137-5499-0a93-3758-7528ef53fa79
Request Chain 339
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eF1tcnddZnxjCWd3LF14I35QbSdjWG0mflhJ-q6Q
Request Chain 340
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12tphujmnf2c
Request Chain 342
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 343
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=1b1fa6d3762245fc93071d5c3e0b2073 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 345
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 347
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=hl68t8gFDMSltDdeOZWHZQ
Request Chain 348
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe0307269a6d744c68d239a38c6c823bf HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 351
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e179f308-a202-11ee-be46-8b2898521c37
Request Chain 356
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 358
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3enfOnRG1Rhe5z5&gdpr=0&gdpr_consent=
Request Chain 359
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1917759399871012125
Request Chain 360
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6428252964 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/1e376597-7051-4403-b461-4ee96ad364b3 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-68b096c2-d0b1-4e66-8520-94cda07faacf-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 361
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AAC8D408B59A4374A9D391D60E589B74&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

359 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.tmz.com/people/maryse-ouellet/
Redirect Chain
  • http://tmz.com/person/maryse-ouellet/
  • https://www.tmz.com/person/maryse-ouellet/
  • https://www.tmz.com/people/maryse-ouellet/
180 KB
181 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-3.syd1.r.cloudfront.net
Software
Apache /
Resource Hash
736cd4a2ab3f82ac0e12220711d421bea6ac8b29af5713403c13c84fc749e719
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
age
0
alt-svc
h3=":443"; ma=86400
cache-control
max-age=150, public, s-maxage=300
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 02:19:29 GMT
link
<https://imagez.tmz.com>; rel="preconnect"; crossorigin="anonymous",<https://static.tmz.com>; rel="preconnect"; crossorigin="anonymous",<https://strike.fox.com>; rel="preconnect",<https://foxkit.fox.com>; rel="preconnect"
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-mobile=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-platform=*, ch-ua=*
referrer-policy
unsafe-url
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
CloudFront-Viewer-Country
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
x-amz-cf-id
pbP2WatRfHw4Nblflv0O56f1JKdTWwXXOhba3OBz9GqLcs1vfy4Y3w==
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-fpc
miss
x-fpc-key
73063a2b31a2a88f7243cdc5bdcc6f4f048fbded0aa09735631e7096e542dd50
x-frame-options
SAMEORIGIN
x-node-ref
tmz:person:7181def6-d3c8-5ad3-a6ea-60685e5bac55
x-node-updated-at
1311982047
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
content-length
250
content-type
text/html; charset=iso-8859-1
date
Sun, 24 Dec 2023 02:19:28 GMT
location
https://www.tmz.com/people/maryse-ouellet/
server
Apache
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
x-amz-cf-id
lfTVSLEHcaPbGenK5ANE8u5h_pBqJVlESfkbYT7K1VRHs7kZMXKblQ==
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
main.desktop.8d5dea3eee483df60050.css
static.tmz.com/tmz-web/client/v3.14/ 		658 KB
151 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.tmz.com/tmz-web/client/v3.14/main.desktop.8d5dea3eee483df60050.css
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-68.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13cc11faa86705027126cdf77fc30db92be1fc89d708a9da9edf1c300ff6bf68

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 02:22:44 GMT
x-amz-version-id
HHGEb2nS0PnEzS7USfpaX8.YVBIk1nqf
content-encoding
gzip
via
1.1 b7d2e60db967a855c811c683a85c3286.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
1382206
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.14.0
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
x-amz-meta-app-deployment-id
last-modified
Fri, 08 Dec 2023 01:16:23 GMT
server
AmazonS3
etag
W/"0c50c6cf670026f774787a1fc41a49e3"
vary
Accept-Encoding
content-type
text/css
x-amz-meta-app-build
53d0530
cache-control
max-age=31536000
x-amz-meta-app-id
tmz-web
x-amz-cf-id
lon7cmqvMwOrGu3M0LpjOwwtvwWiFaIdsvNm2b9t-F0nBAS6Y6FOQQ==
main.desktop.bffb1f24239f606b8499.js
static.tmz.com/tmz-web/client/v3.14/ 		623 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tmz.com/tmz-web/client/v3.14/main.desktop.bffb1f24239f606b8499.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-68.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ed14d6ef46a6c6770071ec0d3af689ebaec414436f32c5b107e8da392e709c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 02:22:44 GMT
x-amz-version-id
AGbkqIrJ1vBoLPyJHQ.xng50lX2bSl_2
content-encoding
gzip
via
1.1 b7d2e60db967a855c811c683a85c3286.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
1382206
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.14.0
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
x-amz-meta-app-deployment-id
last-modified
Fri, 08 Dec 2023 01:16:23 GMT
server
AmazonS3
etag
W/"c2692fb4a94993258f578fca0b189e0b"
vary
Accept-Encoding
content-type
application/javascript
x-amz-meta-app-build
53d0530
cache-control
max-age=31536000
x-amz-meta-app-id
tmz-web
x-amz-cf-id
8Kchs87OO-2ip6X2wXwkaKC9HGJ-94W2mNjQRhpqSm8iQ3VeMi6q4A==
gpt.js
www.googletagservices.com/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
1e7186b3a4096f721326036a574e0a527b987def33b75d6a6785abd5227debc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29174
x-xss-protection
0
server
cafe
etag
972 / 19715 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 02:19:30 GMT
profile.js
foxkit.fox.com/sdk/profile/v2.10.0/ 		86 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foxkit.fox.com/sdk/profile/v2.10.0/profile.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.55.252 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-55-252.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6283a1349f37e7c4ad382fdef3fdf0106b7884dccfb11ff117dcda5529fbc1b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 19:54:21 GMT
x-amz-cf-pop
SYD62-P1
etag
W/"e3ef59ee89acbecc3b62f101da34cbe2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=399211
content-length
23110
x-amz-cf-id
b06gP97XbDD3UsL-D3kDrX0SFoT9RsdXzr-5tGLelTDBK6T8oEyt-g==
loader.js
strike.fox.com/static/tmz/display/ 		26 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://strike.fox.com/static/tmz/display/loader.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.96.27 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-96-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8d01c9bd1747b505f13a0b5882382a113cd5493fdb66e1fb736e7e23d760b4aa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
hr6vZZoEPNarnY2MNeG_P1rXhbtmHjIL
content-encoding
gzip
date
Sun, 24 Dec 2023 02:19:30 GMT
strict-transport-security
max-age=15768000 ; preload
x-amz-request-id
MT23JAYJJHTNA7C0
x-amz-server-side-encryption
AES256
content-length
2477
x-amz-id-2
P336azU45hGys459ztGP+j2ZPBajsCVz22ADDjNi5RF4Q+TKCW2QTt4ExPrG6KAcQx61cjaLurM=
last-modified
Tue, 20 Jun 2023 17:49:09 GMT
server
AmazonS3
etag
"3710680be921b5a0ec54b5567a19d257"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
accept-ranges
bytes
expires
Sun, 24 Dec 2023 02:29:30 GMT
js
www.googletagmanager.com/gtag/ 		248 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e0cfd53f37429b6217251f172833d092867a8f670f2f1995e3b284f73864c209
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87026
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Dec 2023 02:19:30 GMT
boot.js
global.ketchcdn.com/web/v2/config/tmz/tmz_web/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.ketchcdn.com/web/v2/config/tmz/tmz_web/boot.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2549ebc2830a5c67e1c046ab0dded0c13b4f95cf5239119e7f65903d5b4e64ff
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
date
Sun, 24 Dec 2023 02:19:30 GMT
age
1112
x-cache
HIT, HIT
request-id
6852c48c-78f3-4ddc-86a1-b1e9dbdda2e6
content-length
860
x-xss-protection
1; mode=block
x-request-id
259eee83-37b9-42cc-8afe-773e3143157f
x-served-by
cache-pdx12332-PDX, cache-bfi-kbfi7400101-BFI
x-timer
S1703384370.121531,VS0,VE0
x-frame-options
deny
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1200
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
23, 4
gtm.js
www.googletagmanager.com/ 		329 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KTN543J&gtm_cookies_win=x
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bb79e8a32ebcf43e5f0960df08e1960ba1cd267edf70cbb3ae13995bd28fc1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108782
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Dec 2023 02:19:30 GMT
bg-masthead.jpg
static.tmz.com/tmz-web/client/v3.14/img/base/masthead/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tmz.com/tmz-web/client/v3.14/img/base/masthead/bg-masthead.jpg
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.14/main.desktop.8d5dea3eee483df60050.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-68.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f87e0dcba2abd16cb866b949dd143edfa89dbc536b48a8d612b5a38365a256e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.tmz.com/tmz-web/client/v3.14/main.desktop.8d5dea3eee483df60050.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 02:22:45 GMT
x-amz-version-id
S55UUVd.2yyhl2f8DMCGmcyEBe0SdsGS
via
1.1 b7d2e60db967a855c811c683a85c3286.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
1382205
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.14.0
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
13106
x-amz-meta-app-deployment-id
last-modified
Fri, 08 Dec 2023 01:16:23 GMT
server
AmazonS3
etag
"57f93a5e84af4b0fad564b3c904eb479"
content-type
image/jpeg
x-amz-meta-app-build
53d0530
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-app-id
tmz-web
x-amz-cf-id
jzIVv9lLj737m43cdPoHQKMTx-Y0StBAcmQ7As1nYthjKer4i8Z7Wg==
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bec0ffd165ea083d019c7eaf6751df04c44f23fedf9f003ee93abec9549890e1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd8aa6afb1cb32a958af8de7a67bb5ba03bdf396b38fcdb760510728937f700a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7012c52e94ac1bbe1e1b1cd8246e3ef624d303cc53e76a11be2b10a65c0f1119

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef355ff29a5e65e0a41ae3aaff2d13fef94f38ff30c69090c6f89acb6752e50d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7fcd7819c44473cbd40aabdc1295459afceecd0ddb53f73494f7d964a5ee519

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
bg-header.jpg
static.tmz.com/tmz-web/client/v3.14/img/theme/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tmz.com/tmz-web/client/v3.14/img/theme/bg-header.jpg
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.14/main.desktop.8d5dea3eee483df60050.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-68.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57f32b44e6552998b7098e841b61b38cc2f2b1a2e58c9ae45031255caf0281d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.tmz.com/tmz-web/client/v3.14/main.desktop.8d5dea3eee483df60050.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 02:22:45 GMT
x-amz-version-id
f3kYIzWLlZcEQrtxJpIXgZ36YKzhC5dO
via
1.1 b7d2e60db967a855c811c683a85c3286.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
1382204
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.14.0
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
9122
x-amz-meta-app-deployment-id
last-modified
Fri, 08 Dec 2023 01:16:23 GMT
server
AmazonS3
etag
"8394aa915b39ac2b31be582958101599"
content-type
image/jpeg
x-amz-meta-app-build
53d0530
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-app-id
tmz-web
x-amz-cf-id
0v5qUDhmGMy4G2SRHDk_KxG9bCPWCoX2Z6dlD-ODyEUCdZchRLpWsg==
truncated
/ 		127 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f5edf0a6fa9c455c21ce1d529e63ae18bf76aced3f563ce0457af25bea55f40

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/ 		968 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a94387ee27cfd20bff92b62976e9664f14abe8b1c09c81d49f18de24a2324bf

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		604 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4770f1d988a9ee981ecf5db15f5aa20f166bdbe225f4466715c2da29b938171d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/ 		468 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18db706e6d0a4507c3931ad24000f6e1049c8b15f1e8378965d21a2bc33fa1e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33b376131cb7d939491f5112b411e6cd804c1d003810a388e9217af1122f4e35

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6f5be3b0b673d35437fd786f930a0e03fb3361f09919841681fb986ea0bcfd0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4b3d838fac35e2bab26cdcfb3d24d43a506f527f1876b618021a52c0a0fc755

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
SourceSansPro-Regular..woff2
static.tmz.com/tmz-web/client/v3.14/fonts/sourcesanspro/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.tmz.com/tmz-web/client/v3.14/fonts/sourcesanspro/SourceSansPro-Regular..woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.14/main.desktop.8d5dea3eee483df60050.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-68.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.14/main.desktop.8d5dea3eee483df60050.css
Origin
https://www.tmz.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 02:22:45 GMT
x-amz-version-id
nXAXVd3GzM56bKRpLLlojwmxx9YdpbhK
via
1.1 dc1a63a7a534969f09f5dd25ee1d95f2.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
1382206
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.14.0
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
12960
x-amz-meta-app-deployment-id
last-modified
Fri, 08 Dec 2023 01:16:23 GMT
server
AmazonS3
etag
"967c60da0742e7f2bdfbde13accaf519"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
53d0530
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-meta-app-id
tmz-web
x-amz-cf-id
ikM99N-yVT09HkCbDxcMZoJZjtJA4A-2tCE6gSd3P9dZZLtbOBBBwg==
black-webfont..woff2
static.tmz.com/tmz-web/client/v3.14/fonts/proxima-nova-extra-condensed/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.tmz.com/tmz-web/client/v3.14/fonts/proxima-nova-extra-condensed/black-webfont..woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.14/main.desktop.8d5dea3eee483df60050.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-68.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b36f3075218f2b29c578581c453b28827b8621643878c86bd87aa9f6a1f5082a

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.14/main.desktop.8d5dea3eee483df60050.css
Origin
https://www.tmz.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 02:20:41 GMT
x-amz-version-id
XjdMkpy9k5WYRje93rjP0AsUsizTHNcW
via
1.1 dc1a63a7a534969f09f5dd25ee1d95f2.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
1382330
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.14.0
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
17880
x-amz-meta-app-deployment-id
last-modified
Fri, 08 Dec 2023 01:16:22 GMT
server
AmazonS3
etag
"66e7b6660a29694e64c02561f9e14490"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
53d0530
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-meta-app-id
tmz-web
x-amz-cf-id
Qq3yPX2bEouS3ruTLzqT0ajfdI4SltrDWG-R9b_41UKa6s6OCHCFNQ==
Cousine-Regular..woff2
static.tmz.com/tmz-web/client/v3.14/fonts/cousine/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.tmz.com/tmz-web/client/v3.14/fonts/cousine/Cousine-Regular..woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.14/main.desktop.8d5dea3eee483df60050.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-68.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
498cdc663af8386da9619e180dac64083911a0eda94f0aad30af3195f88f30c3

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.14/main.desktop.8d5dea3eee483df60050.css
Origin
https://www.tmz.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 02:20:41 GMT
x-amz-version-id
NMSZUJuogBYWK85bbIFGiNFWhFGIwkf0
via
1.1 dc1a63a7a534969f09f5dd25ee1d95f2.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
1382330
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.14.0
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
8748
x-amz-meta-app-deployment-id
last-modified
Fri, 08 Dec 2023 01:16:22 GMT
server
AmazonS3
etag
"c417ddf1b447836f9e8274339f6dfaeb"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
53d0530
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-meta-app-id
tmz-web
x-amz-cf-id
hB-wB9mkhn76pQXy9k9rKqDqobE5z9KCxX-FN6DTqqo7-fZHZX5aCQ==
SourceSansPro-Black..woff2
static.tmz.com/tmz-web/client/v3.14/fonts/sourcesanspro/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.tmz.com/tmz-web/client/v3.14/fonts/sourcesanspro/SourceSansPro-Black..woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.14/main.desktop.8d5dea3eee483df60050.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-68.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe1fd2390971d20586c515c99cbdf53ed0f3a9e4ddb091222dfafeae3a5eabff

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.14/main.desktop.8d5dea3eee483df60050.css
Origin
https://www.tmz.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 02:22:45 GMT
x-amz-version-id
BCPH5v8h8KbI6Ha._Kh8vFgrxZHok1ww
via
1.1 dc1a63a7a534969f09f5dd25ee1d95f2.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
1382205
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.14.0
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
12148
x-amz-meta-app-deployment-id
last-modified
Fri, 08 Dec 2023 01:16:23 GMT
server
AmazonS3
etag
"435f7b2523c3412a713b3560e07e5f72"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
53d0530
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-meta-app-id
tmz-web
x-amz-cf-id
nD08FKcKE5h_g7nJ4XtCJXQhIPoWKmgt8a_dmLxX-Fg-zMVDmC9G3w==
SourceSansPro-Bold..woff2
static.tmz.com/tmz-web/client/v3.14/fonts/sourcesanspro/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.tmz.com/tmz-web/client/v3.14/fonts/sourcesanspro/SourceSansPro-Bold..woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.14/main.desktop.8d5dea3eee483df60050.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-68.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0066433a645f196eb0ece299c86dc27a5c74dbe2cae7ae6d9211c1549a92085

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.14/main.desktop.8d5dea3eee483df60050.css
Origin
https://www.tmz.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 02:22:45 GMT
x-amz-version-id
KTYQJNliNnuq.y1ay1E_xnuIsWZnjjrn
via
1.1 dc1a63a7a534969f09f5dd25ee1d95f2.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
1382206
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.14.0
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
12600
x-amz-meta-app-deployment-id
last-modified
Fri, 08 Dec 2023 01:16:23 GMT
server
AmazonS3
etag
"35c8f8dfc61f476426607c74422b7d17"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
53d0530
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-meta-app-id
tmz-web
x-amz-cf-id
ruOMc7vit_nqoNebBp28h8i8rAL68BHihlQRPnjcSAu7Uwqm1M-Cow==
cbd2f8e37156481898ca6e7409f892a4_sm.jpg
imagez.tmz.com/image/cb/4by3/2022/01/27/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagez.tmz.com/image/cb/4by3/2022/01/27/cbd2f8e37156481898ca6e7409f892a4_sm.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c10178f6e4d598b49b516bd20f53d838a61b3bee464d0339a389002e31f61479
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
via
1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
fastly-io-served-by
vpop-mnz1300716
age
119767
x-cache
RefreshHit from cloudfront, HIT, MISS
fastly-io-info
ifsz=155010 idim=1200x900 ifmt=jpeg ofsz=17142 odim=420x315 ofmt=webp
fastly-stats
io=1
content-length
17142
x-served-by
cache-iad-kiad7000082-IAD, cache-bne12528-BNE
x-timer
S1703384370.172259,VS0,VE215
etag
"M1Mgqqa8Sq4VT8FjOdlDcDlbGcb92HritGG90sfO9oY"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
5, 0
aaa0dd732f0e56a887a73d8950e55975_sm.jpg
imagez.tmz.com/image/aa/4by3/2018/08/28/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagez.tmz.com/image/aa/4by3/2018/08/28/aaa0dd732f0e56a887a73d8950e55975_sm.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9fe1681eff50c09f05e49b7cbceb2ab631be115121172c03143db0e3732d0a71
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
via
1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
fastly-io-served-by
vpop-kiad7010250
age
3102788
x-cache
Miss from cloudfront, HIT, MISS
fastly-io-info
ifsz=38592 idim=728x547 ifmt=jpeg ofsz=6748 odim=420x315 ofmt=webp
fastly-stats
io=1
content-length
6748
x-served-by
cache-iad-kjyo7100100-IAD, cache-bne12528-BNE
x-timer
S1703384370.172222,VS0,VE231
etag
"R9jDN8PMLiUJIQScGW3L9TwxWDYq9XOPMef/zm92Y6U"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
3, 0
74327545324a59718615ba8958781ab5_sm.jpeg
imagez.tmz.com/image/74/4by3/2017/12/19/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagez.tmz.com/image/74/4by3/2017/12/19/74327545324a59718615ba8958781ab5_sm.jpeg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a184c92eae08dd020f51a252dea1c9d00f2e9549b60445f57f6c75e17eadda2d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
via
1.1 3316ddaeea3a736012726e9c08426818.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
fastly-io-served-by
img01-us-east4
age
182840
x-cache
Miss from cloudfront, HIT, MISS
fastly-io-info
ifsz=66331 idim=728x547 ifmt=jpeg ofsz=14458 odim=420x315 ofmt=webp
fastly-stats
io=1
content-length
14458
x-served-by
cache-iad-kcgs7200155-IAD, cache-bne12528-BNE
x-timer
S1703384370.171841,VS0,VE232
etag
"TGAGmuvV3SRzunD4nqYRWtiUeZttKsoizh+em8G+wOQ"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
4, 0
c86ad76e07165e07b4e7cb3fe41e5f01_sm.jpg
imagez.tmz.com/image/c8/4by3/2017/10/24/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagez.tmz.com/image/c8/4by3/2017/10/24/c86ad76e07165e07b4e7cb3fe41e5f01_sm.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5955c9ba55b9107acb36500912e38a9ad577ecae28f7d59449b9dff4a8d32e5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
fastly-io-served-by
vpop-mnz1300718
age
984388
x-cache
Hit from cloudfront, HIT, MISS
fastly-io-info
ifsz=39481 idim=728x547 ifmt=jpeg ofsz=6434 odim=420x315 ofmt=webp
fastly-stats
io=1
content-length
6434
x-served-by
cache-iad-kiad7000031-IAD, cache-bne12528-BNE
x-timer
S1703384370.171858,VS0,VE214
etag
"MirwdQqiE5dPnKy2pMOv0OVk8Oik0aVOb+ZKM5uHERI"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
4, 0
040b58178abc5d65aee7082dfb8dc75a_sm.jpg
imagez.tmz.com/image/04/4by3/2011/08/03/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagez.tmz.com/image/04/4by3/2011/08/03/040b58178abc5d65aee7082dfb8dc75a_sm.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
019b7226eb576f9cea64076ac9abc9357df192a55f1044968bdbb7b1b1843fbd
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
via
1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
fastly-io-served-by
vpop-mnz1300709
age
119768
x-cache
Miss from cloudfront, HIT, MISS
fastly-io-info
ifsz=16969 idim=550x275 ifmt=jpeg ofsz=9224 odim=420x315 ofmt=webp
fastly-stats
io=1
content-length
9224
x-served-by
cache-iad-kjyo7100141-IAD, cache-bne12528-BNE
x-timer
S1703384370.171233,VS0,VE229
etag
"L5EvO9sd+FXCklOW6B0pqA/cDC2Q9b4SvmalNLBLWRQ"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
4, 0
5daec46d8fb259ea83dfb678e65209de_sm.jpg
imagez.tmz.com/image/5d/4by3/2011/07/30/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagez.tmz.com/image/5d/4by3/2011/07/30/5daec46d8fb259ea83dfb678e65209de_sm.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a877e107ac086f4e17c1d148871f8c12ee48b5779be7de102e1284287f82d1bd
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
via
1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
fastly-io-served-by
vpop-kiad7010210
age
1791667
x-cache
Hit from cloudfront, MISS, HIT
fastly-io-info
ifsz=26891 idim=550x275 ifmt=jpeg ofsz=11572 odim=420x315 ofmt=webp
fastly-stats
io=1
content-length
11572
x-served-by
cache-iad-kiad7000092-IAD, cache-bne12528-BNE
x-timer
S1703384370.171375,VS0,VE1
etag
"OEEUm/t9ScVLFkqTehq9RG7+BLMe3VZVRuRtnEifWHE"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
0, 1
thirtymilezone.svg
static.tmz.com/tmz-web/img/ 		31 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tmz.com/tmz-web/img/thirtymilezone.svg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-68.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5152a82a2c9b459270a8dc7caabdba269dd2b15a588ae65a651ad907a8c2cbf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
OvFWV9x3Toh3DjTGXS4OqbvXeIVbT6ml
content-encoding
gzip
via
1.1 b7d2e60db967a855c811c683a85c3286.cloudfront.net (CloudFront)
date
Sun, 24 Dec 2023 01:52:24 GMT
x-amz-cf-pop
SYD1-C1
age
1943
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
3.14.0
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-meta-app-deployment-id
last-modified
Fri, 08 Dec 2023 01:16:19 GMT
server
AmazonS3
etag
W/"f1187274213d449c9f951ca83accf18a"
vary
Accept-Encoding
content-type
image/svg+xml
x-amz-meta-app-build
53d0530
cache-control
max-age=3600
x-amz-meta-app-id
tmz-web
x-amz-cf-id
0b4RhXXTd7P99nDY7ztXGUmYAjYRe1Sn20ScoirQR-CyMUDjMUipRA==
jumbotron.html
www.tmz.com/_/promotion/people-jumbotron-bottom/ 		0
867 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.tmz.com/_/promotion/people-jumbotron-bottom/jumbotron.html
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.14/main.desktop.bffb1f24239f606b8499.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-3.syd1.r.cloudfront.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
Apache
x-fpc-key
dcf02cc640e07bacb0b8ed51f05d67acf1b63de8e3d52ff881e1fc718f671f9b
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
x-frame-options
SAMEORIGIN
vary
CloudFront-Viewer-Country
content-type
text/html; charset=UTF-8
cache-control
max-age=321, public, s-maxage=321
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-mobile=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-platform=*, ch-ua=*
x-robots-tag
noindex
x-fpc
miss
x-amz-cf-id
MvvqjmIQQqeqhCFXZMjlfhL4_jzcVx12NRHWCgyBDo1_gL6sYo2Jnw==
lanyard.js
cdn.ketchjs.com/lanyard/v1/ 		312 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ketchjs.com/lanyard/v1/lanyard.js
Requested by
Host: global.ketchcdn.com
URL: https://global.ketchcdn.com/web/v2/config/tmz/tmz_web/boot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f4b06f5383bc9fea0f2f3aaed357a0061d20784e78469b702e4475baec2d57f3
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600; includeSubDomains; preload
age
860
date
Sun, 24 Dec 2023 02:19:30 GMT
x-cache
HIT, HIT
request-id
3f471d46-7247-4e69-abee-0ea90cfa49f4
content-length
73456
x-xss-protection
1; mode=block
x-served-by
cache-pdx12329-PDX, cache-bne12526-BNE
last-modified
Wed, 13 Dec 2023 11:48:26 GMT
x-timer
S1703384370.236787,VS0,VE0
etag
"443db3b321faf321c7efea0c0f776a00"
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
262328, 48
plugins.js
cdn.ketchjs.com/plugins/v1/ 		223 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ketchjs.com/plugins/v1/plugins.js
Requested by
Host: global.ketchcdn.com
URL: https://global.ketchcdn.com/web/v2/config/tmz/tmz_web/boot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8e5bbfd8bc200489300d59fc2afbe34c958ffc4f86796a03bb8a8367012e6637
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600; includeSubDomains; preload
age
689
date
Sun, 24 Dec 2023 02:19:30 GMT
x-cache
HIT, HIT
request-id
d808e8e2-4706-4e22-a9be-86670b85aa33
content-length
46119
x-xss-protection
1; mode=block
x-served-by
cache-pdx12326-PDX, cache-bne12526-BNE
last-modified
Thu, 14 Dec 2023 17:33:27 GMT
x-timer
S1703384370.236999,VS0,VE0
etag
"314d90d867094ccbe9ce9cdfa78f1e8f"
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
51691, 2216
ketch.js
cdn.ketchjs.com/ketchtag/latest/v2.12/ 		101 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ketchjs.com/ketchtag/latest/v2.12/ketch.js
Requested by
Host: global.ketchcdn.com
URL: https://global.ketchcdn.com/web/v2/config/tmz/tmz_web/boot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cc1f94acaa2032845a22acad293387186cc831f8893bd8033229c72b6ed0ce0b
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600; includeSubDomains; preload
age
999
date
Sun, 24 Dec 2023 02:19:30 GMT
x-cache
HIT, HIT
request-id
9c2764b6-2364-4d8a-aa23-d0b1a22496e5
content-length
26318
x-xss-protection
1; mode=block
x-served-by
cache-pdx12320-PDX, cache-bne12526-BNE
last-modified
Wed, 13 Dec 2023 11:47:42 GMT
x-timer
S1703384370.236995,VS0,VE0
etag
"ee60fa6881673b1a1a0fa15d4ca20e7e"
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
191370, 47
ip
global.ketchcdn.com/web/v2/ 		51 B
406 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://global.ketchcdn.com/web/v2/ip
Requested by
Host: cdn.ketchjs.com
URL: https://cdn.ketchjs.com/ketchtag/latest/v2.12/ketch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
a91884c8c46d65f5d1d26858b89ee87646d90367db9e342ec5691682d48baba2
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31557600; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
via
1.1 varnish
content-security-policy
default-src 'self'
strict-transport-security
max-age=31557600; includeSubDomains; preload
x-cache
MISS
request-id
3ecf3101-431a-4ed1-9c52-10056f017c42
content-length
51
x-request-id
3ecf3101-431a-4ed1-9c52-10056f017c42
x-served-by
cache-bne12527-BNE
server
Varnish
x-timer
S1703384370.340041,VS0,VE0
vary
Origin, User-Agent
content-type
application/json
access-control-allow-origin
https://www.tmz.com
cache-control
private, max-age=86400
accept-ranges
bytes
retry-after
0
x-cache-hits
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 23:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
8430
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 22 Dec 2024 23:59:00 GMT
xid
www.tmz.com/ 		46 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.tmz.com/xid
Requested by
Host: foxkit.fox.com
URL: https://foxkit.fox.com/sdk/profile/v2.10.0/profile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-3.syd1.r.cloudfront.net
Software
CloudFront /
Resource Hash
0a58dfece42bbead9f399f364fdfa3c3cfda24d96df8c60f04b8063533950447

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD1-C1
x-cache
LambdaGeneratedResponse from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
46
x-amz-cf-id
HfR6CU4OkgRrZPZj1Xq6UDwxbE7DMswbvLLHqY6cQHIilO4bQkZGxg==
config.json
global.ketchcdn.com/web/v2/config/tmz/tmz_web/production/1511944166905345758/default/en/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://global.ketchcdn.com/web/v2/config/tmz/tmz_web/production/1511944166905345758/default/en/config.json
Requested by
Host: cdn.ketchjs.com
URL: https://cdn.ketchjs.com/ketchtag/latest/v2.12/ketch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb09dea30edefbcf196143f60e757b5c9c140e2ad456a663182860e786547cac
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
date
Sun, 24 Dec 2023 02:19:30 GMT
age
76718
x-cache
HIT, HIT
request-id
2e549f48-2844-4246-97ff-a15f60f1d892
content-length
2616
x-xss-protection
1; mode=block
x-request-id
3d205053-2e47-4c0f-837b-8a345f896d2c
x-served-by
cache-pdx12323-PDX, cache-bne12527-BNE
x-timer
S1703384370.365912,VS0,VE0
x-frame-options
deny
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
25, 495
submit
prod.pyxis.atp.fox/pyxis/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.pyxis.atp.fox/pyxis/submit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.102.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-102-105.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Length, Content-Type, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.tmz.com
access-control-max-age
86400
date
Sun, 24 Dec 2023 02:19:31 GMT
submit
prod.pyxis.atp.fox/pyxis/ 		71 B
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod.pyxis.atp.fox/pyxis/submit
Requested by
Host: foxkit.fox.com
URL: https://foxkit.fox.com/sdk/profile/v2.10.0/profile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.102.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-102-105.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b55643fd04b3b3169e7cb81fbbb561abd10dc413a19045f7bef446810c4234c8

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Dec 2023 02:19:31 GMT
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Length, Content-Type, Accept-Encoding
content-length
71
get
global.ketchcdn.com/web/v2/consent/tmz/ 		200 B
376 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://global.ketchcdn.com/web/v2/consent/tmz/get
Requested by
Host: cdn.ketchjs.com
URL: https://cdn.ketchjs.com/ketchtag/latest/v2.12/ketch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6f61402ae627f17a7a43d8f118a4fd7d85c18ad52b801ad79c0eb0b1b19fd48c
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish
date
Sun, 24 Dec 2023 02:19:30 GMT
x-cache
MISS, MISS
request-id
f9272f88-90b9-4d9c-ac0e-c2848fe45e10
content-length
178
x-xss-protection
1; mode=block
x-request-id
f25b7d99-f884-403d-bbc2-2349e9bac2ea
x-served-by
cache-pdx12326-PDX, cache-bne12527-BNE
x-timer
S1703384371.591634,VS0,VE192
x-frame-options
deny
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0, 0
js
www.googletagmanager.com/gtag/ 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-621195757
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bcff69700187a58223480861611dedb6e8775568696146b7acd8d7405d1456e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72389
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Dec 2023 02:19:30 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-23.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 23:00:20 GMT
content-encoding
gzip
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
24315
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
yuprPz9xDMt_mk71miNdgcD1f40hmFD0bFmrNbnryYWu_w5VyAy36w==
collect
analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-NCN9V8PMQF&gtm=45je3bt0v890904141&_p=1703384369763&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=2096876388.1703384371&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703384370&sct=1&seg=0&dl=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&dt=Maryse%20Ouellet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2635
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NCN9V8PMQF&cid=2096876388.1703384371&gtm=45je3bt0v890904141&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 01:16:38 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3772
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 24 Dec 2023 03:16:38 GMT
js
www.googletagmanager.com/gtag/ 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-621195757&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4a6a747f45437ab55033bc25d96d2cc8ec94cd652903f76338d731116c3b4f09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72403
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Dec 2023 02:19:30 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NCN9V8PMQF&cid=2096876388.1703384371&gtm=45je3bt0v890904141&aip=1&dma=0&gcd=11l1l1l1l1&z=619617571
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-404979h&cg=0&cc=1&si=https%3A//www.tmz.com/people/maryse-ouellet/&rp=&ts=compact&rnd=1703384370541
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-404979h&cg=0&cc=1&si=https%3A//www.tmz.com/people/maryse-ouellet/&rp=&ts=compact&rnd=1703384370541&ja=1
44 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-404979h&cg=0&cc=1&si=https%3A//www.tmz.com/people/maryse-ouellet/&rp=&ts=compact&rnd=1703384370541&ja=1
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Server
54.252.69.94 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-252-69-94.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:30 GMT
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:30 GMT
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
location
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-404979h&cg=0&cc=1&si=https%3A//www.tmz.com/people/maryse-ouellet/&rp=&ts=compact&rnd=1703384370541&ja=1
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
get
global.ketchcdn.com/web/v2/consent/tmz/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://global.ketchcdn.com/web/v2/consent/tmz/get
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Accept,Authorization
access-control-allow-methods
GET,HEAD,POST,PUT,DELETE
access-control-allow-origin
https://www.tmz.com
content-length
0
content-security-policy
default-src 'self'
date
Sun, 24 Dec 2023 02:19:30 GMT
request-id
38ab0933-dbe3-460a-9ebe-1fd0132b6fd6
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-frame-options
deny
x-request-id
ef8bb0ca-8f76-4bfe-8e9a-caa0fb78b093
x-served-by
cache-pdx12333-PDX, cache-bne12527-BNE
x-timer
S1703384370.396749,VS0,VE181
x-xss-protection
1; mode=block
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=9013181&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703384370568&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&c8=Maryse%20Ouel...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=9013181&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703384370568&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&c8=Maryse%20Oue...
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=9013181&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703384370568&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&c8=Maryse%20Ouellet&c9=
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Server
13.35.147.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-23.syd1.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD1-C1
x-amz-cf-id
zbQhI55td53KUIppKarwFDmRoW9WVXOEMpihLmpaeyqn57KSl-4pCQ==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 24 Dec 2023 02:19:30 GMT
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=9013181&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703384370568&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&c8=Maryse%20Ouellet&c9=
content-length
0
x-amz-cf-id
g1Wr3cAI0zEFKCJUCTIiHUWh8RWB2qq4QpiOWyI9JMy8-qpUjazIyg==
app.v128.js
strike.fox.com/static/tmz/display/ver/ 		1 MB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://strike.fox.com/static/tmz/display/ver/app.v128.js
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.96.27 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-96-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bf4f5ab0045686b26c1cae1052ec838ba10e9807774e88a277c61cba77481ec3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
KEUrDy_YIhI6SNtmEMmeg5yvE7ECiyLo
content-encoding
gzip
date
Sun, 24 Dec 2023 02:19:30 GMT
strict-transport-security
max-age=15768000 ; preload
x-amz-request-id
SJZ3XBSFGEMAQE3C
x-amz-server-side-encryption
AES256
x-amz-id-2
2Ab0P5Aho1amVsbseewF8Ljte+ZrNFv1fVVY5RN8jM/48O2UR6SCxOGFU2X/On+Iva+8CMLbDM4=
last-modified
Tue, 20 Jun 2023 17:49:08 GMT
server
AmazonS3
etag
"63fa2ed4d224254d213b547f7f7bf46e"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
accept-ranges
bytes
expires
Sun, 24 Dec 2023 02:29:30 GMT
geo.js
static.foxnews.com/static/orion/scripts/core/utils/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/utils/geo.js?cb=1703384370661&v=v128
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v128.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6e1608fa15daca8c9d84431980be2484196cfd42212e943fc06f0a74dd6f8a0
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-bfi-krnt7300046-BFI
date
Sun, 24 Dec 2023 02:19:31 GMT
via
1.1 varnish
strict-transport-security
max-age=31557600
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,POST,OPTIONS
x-cache
HIT
access-control-allow-origin
*
cache-control
public, max-age=600
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
5080
retry-after
0
x-cache-hits
0
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1703384370777
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1703384370777
362 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1703384370777
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Server
52.62.193.219 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-193-219.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
194823d1ffd78b9a9db726ee2f253cfbdc42ca94f7ed4ed5fb322ee81c670589
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-apse2-1-v054-041923d1a.edge-apse2.demdex.com 1 ms
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
n4vr8Ym7Q34=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
304
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-apse2-1-v054-0ba2b192b.edge-apse2.demdex.com 0 ms
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
5tcJZxWcSXg=
vary
Origin
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1703384370777
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/621195757/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/621195757/?random=1703384370805&cv=11&fst=1703384370805&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&hn=www.googleadservices.com&frm=0&tiba=Maryse%20Ouellet&us_privacy=1---&auid=1200808611.1703384371&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-621195757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
923c3f1f4f37d16eb42edfb911a94796ba3530906cbb1e57341de6748af99410
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1254
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/621195757/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/621195757/?random=1703384370820&cv=11&fst=1703384370820&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&hn=www.googleadservices.com&frm=0&tiba=Maryse%20Ouellet&value=replace%20with%20value&us_privacy=1---&auid=1200808611.1703384371&uamb=0&uaw=0&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail%3Bid%3Dreplace%20with%20value&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-621195757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
ccb06d74c0fdad67bc043e546264d9dce15106759d41418727bd03eed61857ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
update
global.ketchcdn.com/web/v2/consent/tmz/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://global.ketchcdn.com/web/v2/consent/tmz/update
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Accept,Authorization
access-control-allow-methods
GET,HEAD,POST,PUT,DELETE
access-control-allow-origin
https://www.tmz.com
content-length
0
content-security-policy
default-src 'self'
date
Sun, 24 Dec 2023 02:19:31 GMT
request-id
efed0d85-4092-4338-aea9-0979c14526f1
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-frame-options
deny
x-request-id
977edbdc-63aa-4c94-a208-46e0548b6124
x-served-by
cache-pdx12325-PDX, cache-bne12527-BNE
x-timer
S1703384371.837368,VS0,VE187
x-xss-protection
1; mode=block
update
global.ketchcdn.com/web/v2/consent/tmz/ 		310 B
505 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://global.ketchcdn.com/web/v2/consent/tmz/update
Requested by
Host: cdn.ketchjs.com
URL: https://cdn.ketchjs.com/ketchtag/latest/v2.12/ketch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f2bc49db2b0ebf70f73ce45db86755235972412f9a245147c34de90c7759e664
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish
date
Sun, 24 Dec 2023 02:19:31 GMT
x-cache
MISS, MISS
request-id
908fead1-1838-4dc4-bff5-734a216891dd
content-length
244
x-xss-protection
1; mode=block
x-request-id
c5cd8578-6e70-478f-a9ce-e503f7625bbb
x-served-by
cache-pdx12333-PDX, cache-bne12527-BNE
x-timer
S1703384371.038582,VS0,VE198
x-frame-options
deny
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0, 0
dest5.html
fox.demdex.net/ Frame 9A60 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fox.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.62.193.219 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-193-219.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 24 Dec 2023 02:19:30 GMT
dcs
dcs-prod-apse2-2-v054-0a71f714b.edge-apse2.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 20 Nov 2023 15:48:13 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
1JAgnaqDRpo=
id
smetrics.tmz.com/ 		48 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.tmz.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&mid=65623027268144044380935669193070254639&ts=1703384370837
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.56.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-56-133.data.adobedc.net
Software
jag /
Resource Hash
5d586ed914b0d1d0843ce877f39cd35b6e5252a0a05cb58e49ec5ff84a65678e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 24 Dec 2023 02:19:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.tmz.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZYeVMwAAAMYcBwN7
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=59351209882131674150409854727951110222
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYeVMwAAAMYcBwN7
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYeVMwAAAMYcBwN7
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Server
52.62.193.219 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-193-219.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-apse2-1-v054-0d45b6f9c.edge-apse2.demdex.com 2 ms
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
bVB70dNgRpw=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYeVMwAAAMYcBwN7
Date
Sun, 24 Dec 2023 02:19:31 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
s06330363080643
smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.23.0/ 		43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.23.0/s06330363080643?AQB=1&ndh=1&pf=1&t=24%2F11%2F2023%2010%3A19%3A30%200%20-480&mid=65623027268144044380935669193070254639&aamlh=8&ce=UTF-8&cdp=3&pageName=Maryse%20Ouellet&g=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&cc=USD&events=event6&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=tmz-web&v1=tmz-web&c2=person&v2=person&c3=people&v3=people&c4=news&v4=news&c6=maryse-ouellet&v6=maryse-ouellet&c14=maryse-ouellet&v14=maryse-ouellet&c15=6%3A00PM&v15=6%3A00PM&c16=Saturday&v16=Saturday&c17=Weekend&v17=Weekend&c18=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&v18=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&c27=New&v27=New&c34=desktop&v34=desktop&c43=maryse-ouellet&v43=maryse-ouellet&c44=7181def6-d3c8-5ad3-a6ea-60685e5bac55&v44=7181def6-d3c8-5ad3-a6ea-60685e5bac55&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&AQE=1
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.56.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-56-133.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Mon, 25 Dec 2023 02:19:31 GMT
server
jag
etag
3657990084693032960-4617964204758077149
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 23 Dec 2023 02:19:31 GMT
/
www.google.com/pagead/1p-user-list/621195757/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/621195757/?random=1703384370805&cv=11&fst=1703383200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&frm=0&tiba=Maryse%20Ouellet&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Sk-t8TYHyZTQrZgs1fHzYcADl3hLJA&random=4179805954&rmt_tld=0&ipr=y
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/621195757/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/621195757/?random=1703384370805&cv=11&fst=1703383200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&frm=0&tiba=Maryse%20Ouellet&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Sk-t8TYHyZTQrZgs1fHzYcADl3hLJA&random=4179805954&rmt_tld=1&ipr=y
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/621195757/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/621195757/?random=1703384370820&cv=11&fst=1703383200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&frm=0&tiba=Maryse%20Ouellet&value=replace%20with%20value&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail%3Bid%3Dreplace%20with%20value&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_FgbZJ7GGYiCfWS3b8SdP8Wn4p_JSgg&random=783435934&rmt_tld=0&ipr=y
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/621195757/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/621195757/?random=1703384370820&cv=11&fst=1703383200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&frm=0&tiba=Maryse%20Ouellet&value=replace%20with%20value&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail%3Bid%3Dreplace%20with%20value&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_FgbZJ7GGYiCfWS3b8SdP8Wn4p_JSgg&random=783435934&rmt_tld=1&ipr=y
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lodash.js
static.foxnews.com/static/strike/scripts/libs/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/strike/scripts/libs/lodash.js?v=v128
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v128.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
695f451e4fc7dcd1cf77c4bb26f4b8bfd64dcee1b35f7f131d08bd0017044064
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:31 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31557600
age
58191
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT, HIT
content-length
14140
x-served-by
cache-iad-kcgs7200034-IAD, cache-iad-kcgs7200153-IAD, cache-bfi-krnt7300046-BFI
last-modified
Mon, 21 Aug 2023 19:45:33 GMT
x-timer
S1703384372.611296,VS0,VE1
etag
"e5b73a0c7c56d44909a07f7f0cd37c3d"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
x-debug-path
/static/strike/scripts/libs/lodash.js
access-control-allow-headers
*
x-cache-hits
0, 3, 211
fennec.js
prod.fennec.atp.fox/js/ 		1 MB
258 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.fennec.atp.fox/js/fennec.js
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v128.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-11.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3ef2c1a2995d026f11ad814a6a7b5a93207de66fa6c27aab3c7c53ce1bbdf33

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
x3yu4Okkg7m6Q1CGKggwt.1qVPjBd7Uf
content-encoding
gzip
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
date
Sat, 23 Dec 2023 21:59:08 GMT
last-modified
Tue, 05 Dec 2023 21:06:24 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
15625
x-amz-server-side-encryption
AES256
etag
W/"9abe5abad09d6fd3bfde8e05fd12c8ee"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
0U_yjGTjYWyDHoHz1ldUEiQR-_ML9kKRwdGYrjO0IHeRFvov9uEOPw==
ope-fox.js
cdn.opecloud.com/ 		72 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.opecloud.com/ope-fox.js
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v128.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-101.syd62.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
f3d08274c194e8f884374183f05abb3b30cbd31e8c789853ba40c7edd2ad049b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 01:41:32 GMT
content-encoding
gzip
via
1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 10:22:50 GMT
server
nginx/1.24.0
x-amz-cf-pop
SYD62-P2
age
2285
etag
W/"65816efa-121ae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800, public
x-amz-cf-id
XUfYunxNM6pFu87SglHZ-g1fmvh3lNIZwnYHHKTc_8Sjd7ZRZxsUew==
expires
Sun, 31 Dec 2023 01:41:26 GMT
uid
foxus.tagger.opecloud.com/foxus/v2/ 		0
149 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://foxus.tagger.opecloud.com/foxus/v2/uid
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v128.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.76.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-76-47.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://www.tmz.com
date
Sun, 24 Dec 2023 02:19:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
scripts.webcontentassessor.com/scripts/ 		168 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v128.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f35617f3fbecd9fdd66efab4665ca782371816b9d12b59616de0f110989d8e98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
P0p8F.LSMJUghA931zdS25cSED3bP.CI
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 02:19:31 GMT
x-amz-request-id
BR84B2RM96Q88EWT
age
2689
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
47885
x-amz-id-2
pMkDXmR01gqQcJDXpWeB2yxannRJQFgWFXHD2sHhK22L12warZKDjkdqL5YoR6fZ3yzoctgPDZc=
x-served-by
cache-bne12527-BNE
last-modified
Sun, 24 Dec 2023 01:34:34 GMT
server
AmazonS3
x-timer
S1703384372.791250,VS0,VE0
etag
"94477f760a8d4f2e371e548998ff47ab"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges
bytes
x-cache-hits
27
tag
btloader.com/
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX111JFD&hst=www.tmz.com&ver=1.2
  • https://btloader.com/tag?o=5735828726743040&upapi=true
52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5735828726743040&upapi=true
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Server
172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08c8bf5352ebbeae43143727ea23acff4db73e2e2c19f59bf70b30c5fd24de0b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:32 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Sun, 24 Dec 2023 02:13:58 GMT
server
cloudflare
age
169
etag
"389c95760bb2f677909c884628a0f2a6"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
83a55c291ce1dfb5-SYD
content-length
17982

Redirect headers

location
https://btloader.com/tag?o=5735828726743040&upapi=true
date
Sun, 24 Dec 2023 02:19:32 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
cloudflare
cf-ray
83a55c2579e0dfc1-SYD
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:01 GMT
prebid.js
strike.fox.com/static/tmz/display/libs/ 		346 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://strike.fox.com/static/tmz/display/libs/prebid.js
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v128.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.96.27 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-96-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
46a505bc6f5c7c047e4bc61224e6cc94e391216462205d73ff8edd0f62663546
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
OhSZSnJZV6_L861nIm4VQkSzY6oZxQ6b
content-encoding
gzip
date
Sun, 24 Dec 2023 02:19:31 GMT
strict-transport-security
max-age=15768000 ; preload
x-amz-request-id
4EJJR5N3NNC31FCG
x-amz-server-side-encryption
AES256
x-amz-id-2
x3nMFbZYfr7i7UWSWqRkVhIQ245Vyj2/oDDbQ3ey+RqT5JyfyNZGnZdqPJMXXc2v3b+6CQROX1Q=
last-modified
Tue, 20 Jun 2023 17:49:08 GMT
server
AmazonS3
etag
"c821e2b378b472d1b7ae1cdd03853431"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
accept-ranges
bytes
expires
Sun, 24 Dec 2023 02:29:31 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v128.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.151.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-151-131.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:02:42 GMT
content-encoding
gzip
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront), 1.1 bc447bebac6752b9d1351a9e5ee7d13a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1, SYD1-C1
age
1010
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Q8Ivb6wEDKcQHJU1r4BOgPuw4aDLCAXmxfg3tRj_IScJjVwF_3epZg==
3023
config.aps.amazon-adsystem.com/configs/ 		532 B
797 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3023
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-7.syd1.r.cloudfront.net
Software
CloudFront /
Resource Hash
2b874d2ac71c1b9f89eb9e1bfa6fd77dca55413caba63c028b0beffacb1bbb96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 01:53:42 GMT
via
1.1 49a6e32d0e77764a9e697970808fdae8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD1-C1
age
1549
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
GjKFc_j20UUAv51kMyUscznZ46kzEeD87Mrnf6_Vtd8cuscSPO4Ahg==
config
c.amazon-adsystem.com/cdn/prod/ 		197 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3023&u=https%3A%2F%2Fwww.tmz.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.151.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-151-131.syd1.r.cloudfront.net
Software
Server /
Resource Hash
ab83aad4740edf8edba52ff08ee1f96fb9e04dd6ed361c38384bff5db63865ab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:31 GMT
via
1.1 bc447bebac6752b9d1351a9e5ee7d13a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
197
x-amz-cf-id
UBSr47Z2b6DUYJaxXfIT_aYGfmsEhRgfgb0zViUvZXhFd-y5swhZog==
bid
aax.amazon-adsystem.com/e/dtb/ 		145 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3023&u=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&pid=uxaMhmHT44DxV&cb=0&ws=1600x1200&v=23.1211.1645&t=1000&slots=%5B%7B%22sd%22%3A%22ad-header%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4145%2Ftmz%2Fdesk%2Fother%2Flb1%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.114.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-114-43.syd62.r.cloudfront.net
Software
Server /
Resource Hash
7647eda4133dda622cafa123e7e2a3e906469e8d31573d94ef4c0c563b2ca0f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:31 GMT
via
1.1 74ae22067fef6f6228fb9f864f22f58a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
145
x-amz-cf-id
PKB3xTTWuqymwTU0_ePoUwk5o-9xxji9usu3UzdYOrXNhYMHxqPmMw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.151.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-151-131.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 d84cce98b6433e191cc61635f56f5108.cloudfront.net (CloudFront)
date
Sat, 23 Dec 2023 20:17:04 GMT
x-amz-cf-pop
SYD1-C1
age
21747
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
0T-NJ6AkEqjNPySZuKmwwS6jDRIqFBNrr5ijG8dz40snuZAQ2vVqGQ==
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.tmz.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 24 Dec 2023 02:19:32 GMT
server
ATS/9.1.10.94
hb
ssc.33across.com/api/v1/ 		139 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=ddBfB28VSr7kTZrkHcnlKl
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
a6c21364f409500d1fb958db55b234bc652a942d72c054f05b0984b98e94fc25

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 02:19:32 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=785515&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223b14b04a47ab6b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F%22%2C%22err%22%3A%7B%222%22%3A2%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224cd878ca133588%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22785515%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22785515%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d007701c860c9762eb5487e3a1f025e95d744f47ee9a5ff5bbb0655e7347dd48

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWaevwYuEcq6gDFBcJvE0TaH1jRt3yrPB6f3ORBnygWsZG6xkQyKvJ9JO9ZHRpVFnOGRZ%2BZZ0kL%2BOaZMq8ZHeXqjTsn%2B%2FXrnnil3Cq1KTbhshW5ZuZminv3pKS5kHx6R1MRhEpXp"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83a55c244b1ca87c-SYD
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.87 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.tmz.com
date
Sun, 24 Dec 2023 02:19:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:32 GMT
an-x-request-uuid
91eb60f2-0c62-4708-9c50-64374e3e73a0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.162; 66.203.112.162; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
foxnews-d.openx.net/w/1.0/ 		189 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://foxnews-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-480&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8ce6cd8a-7c7f-4c01-bef6-a89e56c0c758&nocache=1703384371865&us_privacy=1---&aus=970x250%2C728x90&divids=ad-header&aucs=&auid=557084240
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
51afc8afb21fcdc397784380d2b7fd617e2435a83e8933964937ff2150345a00

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.tmz.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
expires
Mon, 26 Jul 1997 05:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
93902d77edd31b3f7bc96f38e80c5e152a76f079798ff16426c2cb61ffc37ed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 02:19:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
nginx
content-type
application/json
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
49
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
1e1f4f2936987378c743934891c147383e819102948f17d11cae6a526882cc9d

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Dec 2023 02:19:32 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
content-length
84
cdb
bidder.criteo.com/ 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.0&cb=81998358204
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.tmz.com
date
Sun, 24 Dec 2023 02:19:32 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13226&site_id=414284&zone_id=2330128&size_id=2&alt_size_ids=57&us_privacy=1---&rf=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=8ce6cd8a-7c7f-4c01-bef6-a89e56c0c758&l_pb_bid_id=23f0e53e25f1165&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.24830523463259513
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d608f64530cc948ed0ea633649b248b00ebe43d6a1e44bbf6262f59e0640919d

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:32 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
260
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
krk.kargo.com/api/v2/ 		2 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22afa806c2-4bfc-494b-a84d-6fd80b236db5%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1703384371872%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%222540ed09c19a396%22%3A%22_g0bSSAzdZz%22%7D%2C%22bidSizes%22%3A%7B%222540ed09c19a396%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_g0bSSAzdZz%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22ad-header%22%2C%22transactionId%22%3A%228ce6cd8a-7c7f-4c01-bef6-a89e56c0c758%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%5D%2C%22bidId%22%3A%222540ed09c19a396%22%2C%22bidderRequestId%22%3A%2224b8929ce006337%22%2C%22auctionId%22%3A%223deb91a0-8abb-4776-97a7-188d28119184%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.128.190.164 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-47-128-190-164.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:32 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Accept-Ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Nbr
510
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.tmz.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
auction
tlx.3lift.com/header/ 		19 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.0&referrer=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&tmax=2000&us_privacy=1---
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.138.247.38 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-247-38.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:32 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
u
7bd92.v.fwmrm.net/ad/
Redirect Chain
  • https://fox.tagger.opecloud.com/fox/v2/pixel.gif?url=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&ref=&tref=&tz=-8&screen=1600x1200x24&dcRegion=us-west-1&cmpstatus=notrequired&e=%5B%7B%22...
  • https://fox.tagger.opecloud.com/fox/v2/pixel.gif?e=%5B%7B%22opt-out%22%3Afalse%2C%22business_unit%22%3A%22tmz%22%2C%22type%22%3A%22Opt-out_by_BU%22%7D%5D&tref=&url=https%3A%2F%2Fwww.tmz.com%2Fpeopl...
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_hm=MTgwNmU0MzktMDA1OC0zYWM4LTk5NzEtMWFlZTcyMWM2NTk4&google_redir=https%3A%2F%2Ffox.tagger.opecloud.com%2Fdbmhm%2Fpbfs.gif%3Fsource%3D...
  • https://fox.tagger.opecloud.com/dbmhm/pbfs.gif?source=fox&state=2-0VUexPCxgYmrUBkb88YxDP5bZOjmkU0ACKYH&puid=1806e439-0058-3ac8-9971-1aee721c6598
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-EIpoFHrX1%252Fv4xX1j2Nc%252FEfwaBwlyMRWk03my%26source%3Dfox&puid=%25%25TDID%25%25
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-EIpoFHrX1%252Fv4xX1j2Nc%252FEfwaBwlyMRWk03my%26source%3Dfox&puid=%25%25TDID%25%25
  • https://tagger.opecloud.com/tradedesk/pbfs.gif?puid=1e376597-7051-4403-b461-4ee96ad364b3&state=2-EIpoFHrX1%2Fv4xX1j2Nc%2FEfwaBwlyMRWk03my&source=fox
  • https://fox.tagger.opecloud.com/tradedesk/pbfs.gif?puid=1e376597-7051-4403-b461-4ee96ad364b3&state=2-EIpoFHrX1%2Fv4xX1j2Nc%2FEfwaBwlyMRWk03my&source=fox
  • https://7bd92.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Ffox.tagger.opecloud.com%2Ffreewheel%2Fpbfs.gif%3Fsource%3Dfox%26state%3D2-6ak%252B6tUzZXQxsqYu4jRydiRB56MmAm9MFRe4%26puid%3D%23%7Buser.id%7D
0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://7bd92.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Ffox.tagger.opecloud.com%2Ffreewheel%2Fpbfs.gif%3Fsource%3Dfox%26state%3D2-6ak%252B6tUzZXQxsqYu4jRydiRB56MmAm9MFRe4%26puid%3D%23%7Buser.id%7D
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
HTTP/1.1
Server
18.134.84.23 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-84-23.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:35 GMT
X-Fw-Request-Id
uml016d_1703384375471054700
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
content-encoding
gzip
vary
Accept-Encoding
location
https://7bd92.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Ffox.tagger.opecloud.com%2Ffreewheel%2Fpbfs.gif%3Fsource%3Dfox%26state%3D2-6ak%252B6tUzZXQxsqYu4jRydiRB56MmAm9MFRe4%26puid%3D%23%7Buser.id%7D
cache-control
no-cache, no-store, must-revalidate
content-length
20
expires
0
iu3
s.amazon-adsystem.com/ Frame 6DC9
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&dcc=t
315 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&dcc=t
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c8e84baec8a95f5e12c82dbd7f47dc65dd066f75dc6184601073524101e53429
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
315
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 24 Dec 2023 02:19:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YZ420767J9TAF2668B7X

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Dec 2023 02:19:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
7GRYVY7RDWRHDDV6XYYS
boi.json
prod.fennec.atp.fox/config/ 		210 B
730 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod.fennec.atp.fox/config/boi.json
Requested by
Host: prod.fennec.atp.fox
URL: https://prod.fennec.atp.fox/js/fennec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-11.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9a9d156702e03ffa85433b9eae1403620d5ff8e76b91f32af60821c2ef08b29

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
DStAsh9531f0i0xPxibbmFp3o3k7PM.8
date
Sat, 23 Dec 2023 21:57:24 GMT
via
1.1 eb3589b1230a45883fc0813bdb92ed5e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
15729
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
210
last-modified
Fri, 22 Dec 2023 15:56:15 GMT
server
AmazonS3
etag
"d295070760ccf380e24dd9f80d119bbe"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=21600, stale-while-revalidate=3600
accept-ranges
bytes
x-amz-cf-id
GjZEUeRy8gpFdmHr0Pu_yXINBb--0g4Yt5KH86ruZdi_k4aIaRKh0w==
tmz.json
prod.fennec.atp.fox/config/ 		309 B
830 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod.fennec.atp.fox/config/tmz.json
Requested by
Host: prod.fennec.atp.fox
URL: https://prod.fennec.atp.fox/js/fennec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-11.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5e18aa0b71e738893788382ee69ef481e2649807ca9b7502d2704f4c3a56000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
xb9.LZWe8VF1SdiUkZMHRBu5RBNxf__i
date
Sat, 23 Dec 2023 22:02:16 GMT
via
1.1 eb3589b1230a45883fc0813bdb92ed5e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
15448
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
309
last-modified
Fri, 22 Dec 2023 15:56:18 GMT
server
AmazonS3
etag
"f2d9e75b985228cd636aada1e94e4b72"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=21600, stale-while-revalidate=3600
accept-ranges
bytes
x-amz-cf-id
4yZTy_kq9X0U_qPaw8t0uhPEuYqvMoPdGjUTGG-7ekkIhybJupoF6A==
xid
prod.xid.atp.fox/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.xid.atp.fox/v2/xid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-4.syd62.r.cloudfront.net
Software
CloudFront /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.tmz.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
date
Sun, 24 Dec 2023 02:19:32 GMT
server
CloudFront
timing-allow-origin
*
via
1.1 bac8af6ab43417aff0768ef23a8c05de.cloudfront.net (CloudFront)
x-amz-cf-id
mB-6iwoLWszp9WFztF2tHe7hgKTbri4xQvFJggb1ms1goI1hv6K-0A==
x-amz-cf-pop
SYD62-P1
x-cache
LambdaGeneratedResponse from cloudfront
xid
prod.xid.atp.fox/v2/ 		46 B
559 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod.xid.atp.fox/v2/xid
Requested by
Host: prod.fennec.atp.fox
URL: https://prod.fennec.atp.fox/js/fennec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-4.syd62.r.cloudfront.net
Software
CloudFront /
Resource Hash
0a58dfece42bbead9f399f364fdfa3c3cfda24d96df8c60f04b8063533950447

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/json;

Response headers

date
Sun, 24 Dec 2023 02:19:33 GMT
via
1.1 e575582c24a1bc95cd06311c3837a63a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD62-P1
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://www.tmz.com
x-cache
LambdaGeneratedResponse from cloudfront
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
46
x-amz-cf-id
-5b6MqL8BbZxzIQuVJ2kK6Oz-qDCA17gzSaR1ra27fVFpRSJGQlFdw==
alt-svc
h3=":443"; ma=86400
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX111JFD&hst=www.tmz.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 02:19:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2112218
x-guploader-uploadid
ABPtcPpQ5HG145S3ilTrOZs9D44lEEn01HPXZAcY7gPDQzxPDkG0XTmlPH5JLfDBImt9ecbK9u4YJzsz9w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azLwCdxwTf7IegZzATGdt5JaytF2VTOETaDUAB2rSpv2%2FGDjjzcdU70PlxkYJpxTpvbM4aLCPqhCX%2Bqc1A9RoIrGRohldd5AIl74v%2FhOEJDV%2FlSHb3pK5kpQfE1x5hT4lg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
83a55c2b29a879d2-SYD
expires
Wed, 29 Nov 2023 16:23:26 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Dec 2023 21:50:32 GMT
px.gif
ad-delivery.net/ 		43 B
901 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.36912189895572967
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2112218
x-guploader-uploadid
ABPtcPpQ5HG145S3ilTrOZs9D44lEEn01HPXZAcY7gPDQzxPDkG0XTmlPH5JLfDBImt9ecbK9u4YJzsz9w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fzU2mZbrWAaIws5L6bbj8J9EElbLC8%2B1eqm2Vk2TaujcN2FjZrIjVNezYs01POhzRR7bfcF2JD5KTOxcAzjGudgv9Eol9TRarPzIXmtJkeifsl4eqdPTortLfFszCAf9g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
83a55c2b29aa79d2-SYD
expires
Wed, 29 Nov 2023 16:23:26 GMT
pr
s.amazon-adsystem.com/v3/ Frame 39CC 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3ffbb25122eed3203c6b5d0457a1fbd4e2c7845afd95bdab0979f37fc7cf2ff0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1825
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 24 Dec 2023 02:19:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
896BB2Y3RYPM95YQBB8E
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1702795590281796&correlator=512675522675244&eid=31080079&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Cother%2Clb1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x250%7C728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703384372998&lmt=1703384372&adxs=315&adys=35&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&vis=1&psz=1600x314&msz=1600x70&fws=4&ohw=1600&ga_vid=2096876388.1703384371&ga_sid=1703384373&ga_hid=153873971&ga_fc=true&dlt=1703384369400&idt=1345&ppid=b1cc2fd0-00cd-4a54-a049-6d3119c0c108&prev_scp=c%3Dpeople%26adtype%3Dfirst%26url%3Dpeople_maryse-ouellet_%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dpeople%26sub_section%3Dnews%26node_label%3Dperson%26node_id%3D7181def6-d3c8-5ad3-a6ea-60685e5bac55%26node_slug%3Dmaryse-ouellet%26vid%3D7181def6-d3c8-5ad3-a6ea-60685e5bac55%26amznbid%3D2%26amznp%3D2&adks=2079650687&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
9d262ac9382b0e99ca6e45e54fc0fd5d7a73e29011c6592a5769197e0f55b492
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18427
x-xss-protection
0
google-lineitem-id
6024231078
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138392738672
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		604 B
366 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1702795590281796&correlator=512675522675244&eid=31080079&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Cother%2Coop&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703384373006&lmt=1703384373&adxs=800&adys=1809&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&vis=1&psz=1600x1808&msz=1600x0&fws=0&ohw=0&ga_vid=2096876388.1703384371&ga_sid=1703384373&ga_hid=153873971&ga_fc=true&dlt=1703384369400&idt=1345&ppid=b1cc2fd0-00cd-4a54-a049-6d3119c0c108&prev_scp=c%3Dpeople%26adtype%3Dfirst%26url%3Dpeople_maryse-ouellet_%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dpeople%26sub_section%3Dnews%26node_label%3Dperson%26node_id%3D7181def6-d3c8-5ad3-a6ea-60685e5bac55%26node_slug%3Dmaryse-ouellet%26vid%3D7181def6-d3c8-5ad3-a6ea-60685e5bac55&adks=2873897042&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
9579d3fe9aefc3de84350249249f4f4399f5a5f21bfd1a6a9eb8f54a57dfda34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
269
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		533 B
533 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1702795590281796&correlator=512675522675244&eid=31080079&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4145%2Ctmz%2Cdesk%2Cother%2Cskin&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=3x3&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703384373011&lmt=1703384373&adxs=799&adys=599&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&vis=1&psz=1600x1808&msz=1600x-1&fws=512&ohw=0&ga_vid=2096876388.1703384371&ga_sid=1703384373&ga_hid=153873971&ga_fc=true&dlt=1703384369400&idt=1345&ppid=b1cc2fd0-00cd-4a54-a049-6d3119c0c108&prev_scp=c%3Dpeople%26adtype%3Dfirst%26url%3Dpeople_maryse-ouellet_%26app_env%3Dprod%26app_name%3Dweb%26device_view%3Ddesktop%26section%3Dpeople%26sub_section%3Dnews%26node_label%3Dperson%26node_id%3D7181def6-d3c8-5ad3-a6ea-60685e5bac55%26node_slug%3Dmaryse-ouellet%26vid%3D7181def6-d3c8-5ad3-a6ea-60685e5bac55&adks=3145558891&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
aad2463012b8df8f9bad8abf48de42f9f3ac5cf1fa3b36805bc7620a8371e7a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
265
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9cc50167fb6494c6c4a7b599a7318b76.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CE33 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9cc50167fb6494c6c4a7b599a7318b76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 02:19:33 GMT
expires
Mon, 23 Dec 2024 02:19:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
country
api.btloader.com/ 		16 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX111JFD&hst=www.tmz.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
fa1f876cb70f7a711191b9dab191d9cc1c037ae4f5f5ea032dfe742f51c07f65

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:33 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=tbJf3RPlUq&w=5655392579223552&o=5735828726743040&cv=2.1.26&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&sid=56OKV2oNl&pm=true&upapi=true
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX111JFD&hst=www.tmz.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 02:19:33 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
sync
ads.yieldmo.com/v000/ Frame 39CC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1703384373530
  • https://ad.turn.com/r/cs?pid=45&rndcb=4497549352
  • https://sync.1rx.io/usersync/turn/9026198695857695825?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-68b096c2-d0b1-4e66-8520-94cda07faa...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
43 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
52.77.167.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-167-172.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
date
Sun, 24 Dec 2023 02:19:35 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX68b096c2d0b14e66852094cda07faacf004
content-type
text/html
ecm3
s.amazon-adsystem.com/ Frame 39CC
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3463859732889891000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3463859732889891000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0Y8NP8MADP3HXGH8RX63
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:33 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3463859732889891000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 24 Dec 2023 02:19:33 GMT
amzns2s
rtb.gumgum.com/usync/ Frame B0E7 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.79.250.83 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-79-250-83.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d47ef7515be475dd1fb82b229c9ba1fcbc16f79890fdcfde736e9ba97acb0e4c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 24 Dec 2023 02:19:33 GMT
etag
W/"0e47110a0a9b619cb278d53e447103db5"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame E4D2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
919 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9072391952418f5a7f87ff82e54fcff613c5a1f67b2b0a42ddf886608bcf2923

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83a55c2cefd1a87c-SYD
content-encoding
br
content-type
text/html
date
Sun, 24 Dec 2023 02:19:33 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1x2iSW%2BEQmoPjk1R3jpR%2BvQxKpqxcv%2FMP%2Fac5ucE3%2F1kNd2mC01DVNc%2BE9KPtGaFGGchHYoGlgeQSYorsHu4ZF2VTzbDb%2BAQjyDiEW%2F8N1NHUwp1quPA0RS9nJ5DkmgbeFxPBu2Vc3aHPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83a55c2c3f65a87c-SYD
content-length
0
date
Sun, 24 Dec 2023 02:19:33 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xn0Tu1VA7uMuIZbWP9rhs1lFwQvCYku5q5LrDGrUh0qX6hNCNQLDNarxNTOfLpWF%2FaGSYHKhJhpGo1g1LBroeKiwIpIRB2V0ybM1ZeLAqO75peZdIf6miJa%2B06JLLOvAm7nrqfanV%2F%2FU6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame 82CC 		627 B
813 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.199.193 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-199-193.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
248abdbd3f9da44442bc36cc56b28d3fc8fcb351a655271baed0e1b919095e69

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
627
date
Sun, 24 Dec 2023 02:19:33 GMT
tamptsync
sync-amz.ads.yieldmo.com/ Frame BEA0 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.6.255 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-6-255.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
adeac65db6e33de26d9e5ef1c7f747d98cd9cb8cf937e0ae66e0d66712292efc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sun, 24 Dec 2023 02:19:33 GMT
pragma
no-cache
vary
accept-encoding
sync
ms-cookie-sync.presage.io/amazon/ Frame 2DB2 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-2.syd62.r.cloudfront.net
Software
/ Express
Resource Hash
693ff6901bee8d5e2dd0fb64c10b0edc5fcfca86274ec579da3116ee8892bfe5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 24 Dec 2023 02:19:33 GMT
Expires
0
Pragma
no-cache
Surrogate-Control
no-store
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 d9766b9925771288ecfcf1392328f114.cloudfront.net (CloudFront)
X-Amz-Cf-Id
TeehYCfgkQrPRJbCaUhHbNyfH55d8zDOxYDaeETLNn9CRxQSGTGSNQ==
X-Amz-Cf-Pop
SYD62-P1
X-Cache
Miss from cloudfront
X-Powered-By
Express
submit
prod.pyxis.atp.fox/pyxis/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.pyxis.atp.fox/pyxis/submit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.102.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-102-105.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tmz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Length, Content-Type, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.tmz.com
access-control-max-age
86400
date
Sun, 24 Dec 2023 02:19:33 GMT
submit
prod.pyxis.atp.fox/pyxis/ 		71 B
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod.pyxis.atp.fox/pyxis/submit
Requested by
Host: prod.fennec.atp.fox
URL: https://prod.fennec.atp.fox/js/fennec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.102.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-102-105.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ac4b077053576cfb82fc307b0a729cf2f53607b4e00dbd228171d5c759a86d11

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/json;

Response headers

date
Sun, 24 Dec 2023 02:19:33 GMT
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tmz.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Length, Content-Type, Accept-Encoding
content-length
71
ecm3
s.amazon-adsystem.com/ Frame 2DB2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ogury.com&id=23a43930-eeed-4a92-9a9d-ee8f74731ba4
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8K275QE7CSYWCWANVQ7N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bid-switch
ms-cookie-sync.presage.io/v1/init-sync/ Frame 2DB2 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/v1/init-sync/bid-switch?iab_string=undefined&web_uid=23a43930-eeed-4a92-9a9d-ee8f74731ba4&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-2.syd62.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 02:19:33 GMT
Via
1.1 d9766b9925771288ecfcf1392328f114.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD62-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Tue, 14 Nov 2023 09:23:53 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
0C3aCZnB-TjXl4JNqlODsJajddFlxD-4PRh1eRagMZ_fSnhCHLEzzA==
Expires
0
init-sync
ms-cookie-sync.presage.io/ttd/ Frame 2DB2 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/ttd/init-sync?iab_string=undefined&web_uid=23a43930-eeed-4a92-9a9d-ee8f74731ba4&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-2.syd62.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 02:19:33 GMT
Via
1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD62-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Tue, 14 Nov 2023 09:23:53 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
fk7eYldc3AEgnHAr24aZxe2RTs1XQJftVVedfzyqCLk5YCiBrFX0FA==
Expires
0
user-sync
ms-cookie-sync.presage.io/ Frame 2DB2
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9858090441216&gdpr=0&consent=undefined
  • https://ms-cookie-sync.presage.io/user-sync?consent=undefined&gdpr=0&gdpr_consent=&opera_id=OPUe0307269a6d744c68d239a38c6c823bf
0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?consent=undefined&gdpr=0&gdpr_consent=&opera_id=OPUe0307269a6d744c68d239a38c6c823bf
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
18.67.93.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-2.syd62.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Via
1.1 d9766b9925771288ecfcf1392328f114.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD62-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
Q72YvMqcAxzmNTW5WjtPDLhpjzF9ApURdlvFTAb9pxtTf2oLZYUWnw==
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ms-cookie-sync.presage.io/user-sync?consent=undefined&gdpr=0&gdpr_consent=&opera_id=OPUe0307269a6d744c68d239a38c6c823bf
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
162
expires
Mon, 01 Jan 1990 00:00:00 GMT
user-sync
ms-cookie-sync.presage.io/ Frame 2DB2
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=undefined&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26g...
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=undefined&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26g...
  • https://ms-cookie-sync.presage.io/user-sync?raudience_id=b9ee438e-3979-466f-a77b-1zz1703384359&gdpr=0&gdpr_consent=undefined
0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?raudience_id=b9ee438e-3979-466f-a77b-1zz1703384359&gdpr=0&gdpr_consent=undefined
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
18.67.93.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-2.syd62.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Via
1.1 d9766b9925771288ecfcf1392328f114.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD62-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
lncZMUoQh-lKcsaoBQZSptFUVKej30aUujnMb5TaKYgkM3z23ZoXSQ==
Expires
0

Redirect headers

location
https://ms-cookie-sync.presage.io/user-sync?raudience_id=b9ee438e-3979-466f-a77b-1zz1703384359&gdpr=0&gdpr_consent=undefined
date
Sun, 24 Dec 2023 02:19:19 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
dcm
s.amazon-adsystem.com/ Frame E4D2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYeVNayzWsrLUbAa3UP6NQAAFMoAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9CTSAKNJK9RDKP5TQNDW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E4D2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYeVNayzWsrLUbAa3UP6NQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRfDsuzygNXqChW5u_sW8M&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRfDsuzygNXqChW5u_sW8M&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5KX2EpnYuOivqNndWbTd4Ki8ksnOKkTY%2F%2FCOko8x3AgXloS7RTHRjXLognf%2BtWhGkXSTw0M2wODUmHZNcVTHAp5BXSwgSKbz3zobVsLUqLwbLapt0FuxGgptcGuE069TJE%2FTUMEvArp2g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a55c2fe886aafb-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRfDsuzygNXqChW5u_sW8M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E4D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYeVNayzWsrLUbAa3UP6NQAAFMoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMQG43dCLBsRsdHfGjEWG-A&google_cver=1
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMQG43dCLBsRsdHfGjEWG-A&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOAXcOWzhQZ7m%2FOvOCKO5eZpoIZ%2FMQL6Bz5VlYNXktvILTB7gfZTy1exInyVKM6ZcsZT47HIQtAuORabg2X0J66WGtGuR5srjYC%2FcdY2wYEY7ajMUB9X8YlkCpTtgJ9e2EbcZdtqhISAQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a55c2f5803aafb-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMQG43dCLBsRsdHfGjEWG-A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E4D2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1e376597-7051-4403-b461-4ee96ad364b3&expiration=1705976373&gdpr=0&gdpr_consent=
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1e376597-7051-4403-b461-4ee96ad364b3&expiration=1705976373&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IaNK8mvsTqw1qbcbrRabFZngK5LKcU214wJ8H3lZLP1e1%2BoriZt1C%2BJPa0rpnfEiaUIrEJncoQ151C0g7TBn9GZJcZ4z%2FHbpLni0%2BfYbSjg3fBz3LM%2FUb3FvLX%2BBrqt9%2BYdz%2FJ5iyGQyTw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a55c2f08dca87c-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1e376597-7051-4403-b461-4ee96ad364b3&expiration=1705976373&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 02:19:33 GMT
server
Kestrel
content-length
323
crum
dsum.casalemedia.com/ Frame E4D2
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=fcafa3e5-4d11-f0c7-0e3eab71
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=fcafa3e5-4d11-f0c7-0e3eab71
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9O%2FqfTroSNDadCQV954Z6sPxBAPjMH3DBWCcJ40mlntQmNM4f%2F0BSS35mAK7J9ZidrY0wxCsbE33pyT1sRZ9l42IHiCPK1wquSzBazqsbirvJ7K5zSG7yl7POJbBTQ1pFbS5HzJ"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a55c2ff945a87c-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 24 Dec 2023 02:19:33 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=fcafa3e5-4d11-f0c7-0e3eab71
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
user-registering
ads.stickyadstv.com/ Frame E4D2 		43 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZYeVNayzWsrLUbAa3UP6NQAAFMoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.97.32 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-97-32.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:33 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1703384373598006-39
Expires
Sun, 24 Dec 2023 02:19:33 GMT
crum
dsum-sec.casalemedia.com/ Frame E4D2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662089353024359
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662089353024359
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFhpRtxArLSbcPI7H1LNcZAe393mqVlXzJEURdu2WTvhhDj51zPEBUOenwtLjvYQWf5EfwgW7%2B7tb3YXJAukHGsYgCHzRqwUnlUQ38Ecb%2B815uy%2BV2KZ0wDeO6QmvUktajVHoBYcgL8U3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a55c32daa6aafb-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
1131
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662089353024359
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83a55c31cb86aacb-SYD
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E4D2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3061299232830050353
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3061299232830050353
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIcngFoCX%2FMuHnEGJyd8ObfEAHzrZHBtHT7TseawPY8LPis0SzBcy%2B28daa8KuxU6T5nH4d1gAE6hV1q9AvbFGldHB2drLX46Qn1Mrix747H4VCiSfbV6Y7jHQ86Vy5my6mgeWUBq2dVAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a55c31b9e0aafb-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:33 GMT
an-x-request-uuid
9ba849d0-198e-4c57-8d75-055bce63a75d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3061299232830050353
x-proxy-origin
66.203.112.162; 66.203.112.162; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame E4D2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZYeVNayzWsrLUbAa3UP6NQAAFMoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1ZAJXPF2Q8PG0R25XYHQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame B0E7
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=28950485726920138
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=28950485726920138
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:33 GMT
an-x-request-uuid
8d25c003-5086-4f59-9639-1be334f9c4ed
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=28950485726920138
x-proxy-origin
66.203.112.162; 66.203.112.162; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame B0E7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_27af13ac-9236-4c99-abce-1011de747812&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_27af13ac-9236-4c99-abce-1011de747812&gdpr=&gdpr_consent=&us_privacy=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=9029026832344905921&ssp=gumgum2
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=9029026832344905921&ssp=gumgum2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 02:19:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=9029026832344905921&ssp=gumgum2
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usersync
usersync.gumgum.com/ Frame B0E7
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=d03f0a21-b1cb-04a5-0f5a-e5361e989ae7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=d03f0a21-b1cb-04a5-0f5a-e5361e989ae7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 24 Dec 2023 02:19:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=d03f0a21-b1cb-04a5-0f5a-e5361e989ae7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame B0E7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-2afb57ed-1831-58d4-457a-ee0a70a51006$ip$66.203.112.162
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-2afb57ed-1831-58d4-457a-ee0a70a51006$ip$66.203.112.162
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-2afb57ed-1831-58d4-457a-ee0a70a51006$ip$66.203.112.162
Date
Sun, 24 Dec 2023 02:19:34 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame B0E7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-v4ksJlhE2pdxQqhfJ5fGvfTiNnEQgZdmoO_8~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-v4ksJlhE2pdxQqhfJ5fGvfTiNnEQgZdmoO_8~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-v4ksJlhE2pdxQqhfJ5fGvfTiNnEQgZdmoO_8~A
content-length
0
usersync
usersync.gumgum.com/ Frame B0E7
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=1189623c-fb5b-425c-b225-0dc07a993012
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=1189623c-fb5b-425c-b225-0dc07a993012
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=1189623c-fb5b-425c-b225-0dc07a993012
Date
Sun, 24 Dec 2023 02:19:34 GMT
Connection
keep-alive
X-CI-RTID
114137de-fefa-4cb2-b860-2944e2c7a7ba
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame B0E7 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:33 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame B0E7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_27af13ac-9236-4c99-abce-1011de747812&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=a_27af13ac-9236-4c99-abce-1011de747812&s=2&us_privacy=
  • https://usersync.gumgum.com/usersync?b=zem&i=zQvLfQjvq-9SMRQZl5WJ
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=zQvLfQjvq-9SMRQZl5WJ
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=zQvLfQjvq-9SMRQZl5WJ
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame B0E7
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=mr1UgO39k2rO&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=mr1UgO39k2rO&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
35.79.250.83 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-79-250-83.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-AU
location
https://rtb.gumgum.com/usersync?b=pln&i=mr1UgO39k2rO&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7fc76965fd-4c54b
expires
-1
usersync
usersync.gumgum.com/ Frame B0E7
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=834199829011606522
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=834199829011606522
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=834199829011606522
date
Sun, 24 Dec 2023 02:19:33 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame B0E7 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=a_27af13ac-9236-4c99-abce-1011de747812
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X9Q3P0Z094DKKYSD77G9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 5D8A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=ogury&endpoint=apac&gdpr_consent=undefined
  • https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=apac&gdpr_consent=undefined
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=apac&gdpr_consent=undefined
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.223.50.11 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a23-223-50-11.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Dec 2023 02:19:33 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 24 Dec 2023 02:19:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=apac&gdpr_consent=undefined
server
AkamaiGHost
sync
ssbsync.smartadserver.com/api/ Frame 3E8F 		979 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
b702b437633194e7ee7b19e8e1bc35d930c3c5b8208d3c26fab8be6d915b266e

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
979
content-type
text/html
date
Sun, 24 Dec 2023 02:19:33 GMT
userSync.js
ads.pubmatic.com/AdServer/js/ Frame 2DB2 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:33 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:12:08 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=53496
accept-ranges
bytes
content-length
2416
expires
Sun, 24 Dec 2023 17:11:09 GMT
usersync
usersync.gumgum.com/ Frame 97EE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=5340811211440918759&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=5340811211440918759&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 02:19:34 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sun, 24 Dec 2023 02:19:34 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=5340811211440918759&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 3841 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8yN2FmMTNhYy05MjM2LTRjOTktYWJjZS0xMDExZGU3NDc4MTI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 02:19:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9A27 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=28653
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 24 Dec 2023 02:19:33 GMT
expires
Sun, 24 Dec 2023 10:17:06 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 26F5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=1e376597-7051-4403-b461-4ee96ad364b3
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=1e376597-7051-4403-b461-4ee96ad364b3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 02:19:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Sun, 24 Dec 2023 02:19:33 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=1e376597-7051-4403-b461-4ee96ad364b3
server
Kestrel
usersync
usersync.gumgum.com/ Frame 47A7
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZYeVNcCo5uYAAClfLWgAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZYeVNcCo5uYAAClfLWgAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 02:19:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Dec 2023 02:19:33 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZYeVNcCo5uYAAClfLWgAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad41.dc4p.scaleout.jp
X-SO-IP
66.203.112.162
X-SO-Key
ZYeVNcCo5uYAAClfLWgAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.162","key":"ZYeVNcCo5uYAAClfLWgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad41"}
X-SO-LB-Hostname
a-tgng40015.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad41
usersync
usersync.gumgum.com/ Frame 2CFB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=U3QL2NYmFI6pXVCvGOmTuYC0NOL-R1Cj4SKebJ4zoF0&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=U3QL2NYmFI6pXVCvGOmTuYC0NOL-R1Cj4SKebJ4zoF0&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 02:19:34 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 24 Dec 2023 02:19:34 GMT Sun, 24 Dec 2023 02:19:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=U3QL2NYmFI6pXVCvGOmTuYC0NOL-R1Cj4SKebJ4zoF0&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 32A4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.223.50.11 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a23-223-50-11.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Dec 2023 02:19:33 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 24 Dec 2023 02:19:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
view
securepubads.g.doubleclick.net/pcs/ Frame 67F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_u_rnMYxcQyT0gW0vtxpyE1jkIG88Dug2FeS9uJYHT6XqdRCz3ziffvQYXK1N0Mfd1hiuSQtLXFYHhfVywU-KqvrOfEoPuolPsjO4Y3ZKJz1_5MOeGa0RH8KwJGVD-dywYJthIpy1ZCqRWY9ZED8mMc6viSw3WU40THbLV4mkCvZqGATRvlBjUpG8ClwkZGx9jEfCGLZNEkUlsVJlr7IcJexnqK6jkBvS2P2Vyaz7ZjwZ7PdeagzMZgkhv_XFFyHoYPmR5r3BcyAEx3PBKD0xP4FeB6sfUSFzHrsIVPnKYBlr0VS1liVC-M2aBXLI1QnEaRevBQ3rHzabIQoS73K66fckMw_uoJhpo_fpHWWHzuaZD2cE&sai=AMfl-YRZfkcLsV-JMETqzZ3KzzXNrGBNThg0oxQiCjmEMIkQONtOIBU0fwm493w0l0737r5597_KHDNi_av73sWqWFvAK6wVVbgOfBawxib6K8CtEiWobR4AHimq-A46ZF7UBwuvQzN6lyP1LRah7deIWg&sig=Cg0ArKJSzC_KQQxTrAK7EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 67F2 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 01:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
1564
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 01:53:29 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 67F2 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 02:19:33 GMT
moatad.js
z.moatads.com/fxnwsv2L3592D3FC21/ Frame 67F2 		352 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/fxnwsv2L3592D3FC21/moatad.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0d80fa61b10fbd68b3f91c466635a0eb5ef5663a0798a9f8342a5897bb93e795

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:33 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:35:01 GMT
server
AmazonS3
x-amz-request-id
HANZ7KR319D4Q058
etag
"a0e748e0e456d1897035a1c73a00f6a1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=50874
accept-ranges
bytes
content-length
122313
x-amz-id-2
yfiFkLprIKX6v+TroCYIahbuf3PTB+mhEulJZK2vVMzG70tW0Pe2yBibgWXSplRQubqltfHTMLk=
17392694641768506788
tpc.googlesyndication.com/simgad/ Frame 67F2 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17392694641768506788
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
14b2a9ea828843e604666a72815b92472aa89e54a6fccf0edf314460857c8bde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 22 Dec 2024 12:48:56 GMT
date
Sat, 23 Dec 2023 12:48:56 GMT
x-content-type-options
nosniff
age
48637
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69895
x-xss-protection
0
last-modified
Tue, 24 May 2022 16:13:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame 67F2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQs9q7szs2G8psndDQozfYA8FPy0frGp1FCULfixwpDG2a9tak9gs7xSa9FC-0VvVa_xiB0VcK1m5Nyipx6dwmAyhOUVw
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
truncated
/ Frame 67F2 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aeb96d9143897c6849c02c99c056c6f73b1a4fd9100bff5335e1bfc8e3a1094f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 5D8A 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=apac&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.223.50.11 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a23-223-50-11.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2d965c7d2303d31fc532b2562e2dfa52e848264ecfeea799ca763db40becaf08

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=apac&gdpr_consent=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 02:19:33 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Dec 2023 14:56:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45428
Connection
keep-alive
Content-Length
13201
Expires
Sun, 24 Dec 2023 14:56:41 GMT
usync.js
eus.rubiconproject.com/ Frame 32A4 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.223.50.11 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a23-223-50-11.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2d965c7d2303d31fc532b2562e2dfa52e848264ecfeea799ca763db40becaf08

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 02:19:33 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Dec 2023 14:56:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45428
Connection
keep-alive
Content-Length
13201
Expires
Sun, 24 Dec 2023 14:56:41 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 41A2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=28653
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 24 Dec 2023 02:19:33 GMT
expires
Sun, 24 Dec 2023 10:17:06 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 9A27 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25204145&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b2cf56096ddb665989bcb168ce2f6a7d4d0763c977f918741678ff5b2703e289

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 02:19:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ecm3
s.amazon-adsystem.com/ Frame BEA0 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=3zVi4wwll1wrPjxd_D3W
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KY3F2KD385ZZQ5KTYM4W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame BEA0
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=-1&gdpr_consent=&piggybackCookie=8729540962301528107
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=41904bf267cf1f03&is_secure=true&networkId=17100&version=1&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALhdgmYM_KvwMsz1ivAAAAAAA&expiration=1703470775&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
67.199.150.82 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:36 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Sun, 24 Dec 2023 02:19:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.yieldmo.com/v000/ Frame BEA0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=7815545265
  • https://sync.1rx.io/usersync/turn/8810025913743912017?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-68b096c2-d0b1-4e66-8520-94cda07faa...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
43 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.77.167.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-167-172.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
date
Sun, 24 Dec 2023 02:19:35 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX68b096c2d0b14e66852094cda07faacf004
content-type
text/html
sync
ads.yieldmo.com/v000/ Frame BEA0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=28950485726920138&pn_id=an
43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=28950485726920138&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.77.167.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-167-172.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:33 GMT
an-x-request-uuid
a79ca0e1-624f-4568-8bb8-96ca7fcc475c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=28950485726920138&pn_id=an
x-proxy-origin
66.203.112.162; 66.203.112.162; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel-us-apac.rubiconproject.com/exchange/ Frame BEA0 		0
0
sync
ads.yieldmo.com/v000/ Frame BEA0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3zVi4wwll1wrPjxd_D3W
  • https://ads.yieldmo.com/v000/sync?tdid=1e376597-7051-4403-b461-4ee96ad364b3
43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=1e376597-7051-4403-b461-4ee96ad364b3
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.77.167.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-167-172.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?tdid=1e376597-7051-4403-b461-4ee96ad364b3
date
Sun, 24 Dec 2023 02:19:33 GMT
server
Kestrel
content-length
181
ecm3
s.amazon-adsystem.com/ Frame 82CC 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=8345feed-0646-4852-bfa0-f7aa3e435583
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6SPNNF174N84YW86MVQM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 82CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ODM0NWZlZWQtMDY0Ni00ODUyLWJmYTAtZjdhYTNlNDM1NTgz
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.220.199.193 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-199-193.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:33 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 82CC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1e376597-7051-4403-b461-4ee96ad364b3&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1e376597-7051-4403-b461-4ee96ad364b3&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.220.199.193 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-199-193.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:33 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1e376597-7051-4403-b461-4ee96ad364b3&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 02:19:33 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 82CC
Redirect Chain
  • https://sid.storygize.net/ccm/c9dd71b6-fd13-4133-bf5d-b88619cef491
  • https://match.sharethrough.com/sync/v1?source_id=m3k4T1aBLLPMpeMdFP9tJTiB&source_user_id=37cf273d-6031-4a9e-b4c2-17b86d952301
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=m3k4T1aBLLPMpeMdFP9tJTiB&source_user_id=37cf273d-6031-4a9e-b4c2-17b86d952301
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.220.199.193 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-199-193.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=m3k4T1aBLLPMpeMdFP9tJTiB&source_user_id=37cf273d-6031-4a9e-b4c2-17b86d952301
date
Sun, 24 Dec 2023 02:19:33 GMT
content-length
0
v1
match.sharethrough.com/sync/ Frame 82CC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/sharethrough/8345feed-0646-4852-bfa0-f7aa3e435583?gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=BVbSRuzbUWjBEF6bQrmLHKkX&source_user_id=y-zp7zgYBE2oNtkDLQ.zAjJ6O9wqcvkieZBi5ZrJ5WWeHQ~A
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=BVbSRuzbUWjBEF6bQrmLHKkX&source_user_id=y-zp7zgYBE2oNtkDLQ.zAjJ6O9wqcvkieZBi5ZrJ5WWeHQ~A
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.220.199.193 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-199-193.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://match.sharethrough.com/sync/v1?source_id=BVbSRuzbUWjBEF6bQrmLHKkX&source_user_id=y-zp7zgYBE2oNtkDLQ.zAjJ6O9wqcvkieZBi5ZrJ5WWeHQ~A
content-length
0
khaos.json
token.rubiconproject.com/ Frame 32A4 		7 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4290507b7388fb86809e552482e2fff0
Expires
0
khaos.json
token.rubiconproject.com/ Frame 5D8A 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr_consent=undefined&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
segments_to_partner.js
cdn.krxd.net/partnerjs/ Frame 67F2 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/segments_to_partner.js?partner=a272cefb-df39-4fcd-beff-79cd6cdf22ec&client=foxnews
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/fxnwsv2L3592D3FC21/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ed9f4489f29950f54053b4620800f6f1e061f3a467dfda552104034a71c3da9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
date
Sun, 24 Dec 2023 02:19:34 GMT
content-encoding
gzip
via
1.1 varnish
age
459
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
3459
x-served-by
cache-bfi-kbfi7400078-BFI
last-modified
Wed, 03 Jun 2020 21:02:49 GMT
x-timer
S1703384374.332221,VS0,VE0
etag
"db6884bae01ad7499be92887e1875ecc"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-cache-hits
11
n.js
mb.moatads.com/ 		0
0
n.js
mb.moatads.com/ 		98 B
276 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/n.js?e=35&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-z3tF2iVmV38nsW5MfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-1fYb5sLyVy50og%3D%3D&sc=1&os=1-5Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=FOX3&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fother%2Flb1&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=other&zMoatAU4=lb1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1703384373899&de=244622739694&m=0&ar=cc84ca2002d-clean&iw=5e57383&q=3&cb=0&ym=0&cu=1703384373899&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5089884148%3A3032715969%3A6024231078%3A138392738672&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=tmz.com%2Fpeople%2Fmaryse-ouellet&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&id=1&ii=4&bo=tmz&bd=desk&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&gw=fxnwsv2L3592D3FC21&fd=1&it=500&ti=0&ih=2&pe=1%3A1943%3A1943%3A0%3A1929&jm=-1&fs=206701&na=809062617&cs=0&callback=MoatDataJsonpRequest_2846728
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/fxnwsv2L3592D3FC21/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.69.173.77 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
ab6731a2016973b5b08141995068eb11b42018ee118e10a29854e261879100c8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
server
istio-envoy
etag
"9737fa199cf1bcce5c64c2d67edbb689b396ae4e"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
16
timing-allow-origin
*
content-length
98
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=FOX3&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fother%2Flb1&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=other&zMoatAU4=lb1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1703384373899&de=244622739694&m=0&ar=cc84ca2002d-clean&iw=5e57383&q=4&cb=0&ym=0&cu=1703384373899&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5089884148%3A3032715969%3A6024231078%3A138392738672&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=tmz.com%2Fpeople%2Fmaryse-ouellet&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&id=1&ii=4&bo=tmz&bd=desk&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&gw=fxnwsv2L3592D3FC21&fd=1&it=500&ti=0&ih=2&pe=1%3A1943%3A1943%3A0%3A1929&jm=-1&fs=206701&na=1056434340&cs=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 02:19:34 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:31:17 GMT
server
nginx
etag
W/"642e9165-15b5c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 02:19:34 GMT
envelope
api.rlcdn.com/api/identity/ 		0
0
/
de.tynt.com/deb/ Frame 1CF8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
c2c114541cb2414f164e156ee66d93baba33676771da6f46dae48e25def73893

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1971
content-type
text/html
date
Sun, 24 Dec 2023 02:19:34 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Sun, 24 Dec 2023 02:19:34 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9DD6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=28652
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 24 Dec 2023 02:19:34 GMT
expires
Sun, 24 Dec 2023 10:17:06 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
jp-u.openx.net/w/1.0/ Frame F220 		664 B
697 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jp-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7897c1a9f15cfad3631cd00e4090ae63deaa4d5700d3717d55840ace46009b23

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
394
content-type
text/html
date
Sun, 24 Dec 2023 02:19:34 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame F718 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
4f688b0f4a76d976cc9fa0b932467afed25904be667cacc197f2fe17d53b17af

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1347
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 02:19:34 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame A08B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.57.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-57-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 24 Dec 2023 02:19:34 GMT
ETag
"623de86a-cf34"
Expires
Mon, 25 Dec 2023 02:19:36 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame D1E1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
526
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
83a55c32192c558d-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 02:19:34 GMT
expires
Sun, 24 Dec 2023 06:19:34 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E669 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.223.50.11 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a23-223-50-11.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.tmz.com/people/maryse-ouellet/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Dec 2023 02:19:34 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagridus_privacy=1---
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 02:19:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 67F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGZFmG4i8yLIW0KDi6cxZXDozso_skAXDX-mYcW5FG8fSCXXWzHx3lTO3SwIDpo5MvXdLKcp9_yLtKP5QMTrke1_YFyXjCqmTfjfgPFclqhH4aAkZdjxBDIhLEcBa8HvkzdGcZOphr_MNTtkAb3jbY827Nrmcg_lGT5uW3mENeKvyapgN8F_gxn93-hY9J1nTlR0pIKqvHMokC0Ll2StEXqDUSkbgfxS4WsMU2mR1m7Tm2F64judDy6621zTfOL0s1GIeHtMoLXvZriObjMwoyxO_LYzof30z0RL5bTp6cLPJTG_7RePjwfI2He631lmECpNJNKqDhBg5BECFKzp6nElVZwo_ncdXTtoPtaSEG6ftPV34QhzA&sai=AMfl-YSE1v2X-ZCg6axDrZAy24k_JSmFfGPwcgGGKCxWkZjIUg_WYPtBBTZ0CT27h2ZAXoFcslz_UTV2r9MlrPWLEHa_U32eFxqN7TGjRkdq1vmw6_nawyfQn1P8htF0TR6xnqvzznmq7evRRG9HJYz4Sg&sig=Cg0ArKJSzMvdd70Rapz4EAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Dec 2023 02:19:34 GMT
usync.js
eus.rubiconproject.com/ Frame E669 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.223.50.11 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a23-223-50-11.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2d965c7d2303d31fc532b2562e2dfa52e848264ecfeea799ca763db40becaf08

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 02:19:34 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Dec 2023 14:56:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45427
Connection
keep-alive
Content-Length
13201
Expires
Sun, 24 Dec 2023 14:56:41 GMT
khaos.json
token.rubiconproject.com/ Frame E669 		7 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
async_usersync
ib.adnxs.com/ Frame A08B 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
an-x-request-uuid
d377d7a6-b3cb-437b-b37e-1b326e0189ea
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.162; 66.203.112.162; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 851B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1240e39f70b4a93e5d18beeda99a866984682523f4525f11489571f0160052a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83a55c325a43aafb-SYD
content-encoding
br
content-type
text/html
date
Sun, 24 Dec 2023 02:19:34 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rW0SKk79Vx6m3g5LI1okZWD0TuK8sGcoerhgMgPBreafjIymFf%2BzSgzQlnVopbvBUeRjKAHJicI5O4ofhf7nWZbcpoPpJRycaftxKNUr2dnIBe%2BjRmYqNtok67CZAbnyjWzooi4uOhi16g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sd
us-u.openx.net/w/1.0/ Frame F220
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8954141101819767889&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8954141101819767889&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8954141101819767889&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame F220
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=2702ae51-99de-3cf3-6821-f5dbd6c89ba1&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1e376597-7051-4403-b461-4ee96ad364b3&ttd_puid=2702ae51-99de-3cf3-6821-f5dbd6c89ba1&gdpr=0&gdpr_consent=
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1e376597-7051-4403-b461-4ee96ad364b3&ttd_puid=2702ae51-99de-3cf3-6821-f5dbd6c89ba1&gdpr=0&gdpr_consent=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1e376597-7051-4403-b461-4ee96ad364b3&ttd_puid=2702ae51-99de-3cf3-6821-f5dbd6c89ba1&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 02:19:34 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame F220
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYeVNcCo5uYAAClfLWgAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYeVNcCo5uYAAClfLWgAAAAA
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 24 Dec 2023 02:19:34 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.162","key":"ZYeVNcCo5uYAAClfLWgAAAAA","privacy_sensitive":false,"uid":"ZYeVNcCo5uYAAClfLWgAAAAA","upstream_id":"m-ad41"}
X-SO-Key
ZYeVNcCo5uYAAClfLWgAAAAA
X-SO-Upstream-ID
m-ad41
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad41.dc4p.scaleout.jp
X-SO-UID
ZYeVNcCo5uYAAClfLWgAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
66.203.112.162
X-SO-Cluster-ID
0
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYeVNcCo5uYAAClfLWgAAAAA
Cache-Control
private
X-SO-Ads-Time
2
X-SO-LB-Hostname
a-tgng40015.dc2p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame F220
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYG6TsvLHISrks8AED1M6Vqx8c8AAAGMmZ7cXA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYG6TsvLHISrks8AED1M6Vqx8c8AAAGMmZ7cXA
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
via
1.1 52fa887ba82513d16e3f586c3db681fe.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYG6TsvLHISrks8AED1M6Vqx8c8AAAGMmZ7cXA
cache-control
no-cache
content-length
0
x-amz-cf-id
v3EL5H_S3_jhmQM33mDZ98EWb9eJzWUYlSYLGagOK8LJndW8pPdaVg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame F220 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGI2ZDdkOWItNTBhOS02MjU3LTdkYzEtYWY2MjFjMmE1NWMx
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F220
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEOjE-nEQzwn_13wKlNZBgk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEOjE-nEQzwn_13wKlNZBgk&google_cver=1
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=821a7a03-0610-4f16-ae68-93099cfd1a23&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEOjE-nEQzwn_13wKlNZBgk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync-pm.ads.yieldmo.com/ Frame 0ECF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0b496587-9537-4300-b413-a27fa59a725b&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=48666c15297022a3&is_secure=true&networkId=17100&version=1&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALBIaK9LWaaQMyOQ4fAAAAAAA&expiration=1703470775&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DC9C48A5B-8ECF-451B-8875-69EA7419C1F6%26gdpr%3D0%26gdpr_consent%3...
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
43 B
615 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.84.104.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-84-104-50.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
43
content-type
image/gif;charset=utf-8
date
Sun, 24 Dec 2023 02:19:36 GMT
pragma
no-cache

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 23 Dec 2023 22:36:28 GMT
location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame C98C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3061299232830050353&gdpr=0&gdpr_consent=
42 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3061299232830050353&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 20:23:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ffecdb39-3e20-4003-8bec-e10ebb8074ef
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 02:19:34 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3061299232830050353&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
66.203.112.162; 66.203.112.162; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
sync
x.bidswitch.net/ Frame 8276
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=3d141a3b-a464-47f4-98cf-f30dec6f7687&ssp=pubmatic
43 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=3d141a3b-a464-47f4-98cf-f30dec6f7687&ssp=pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 02:19:34 GMT
Server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 24 Dec 2023 02:19:34 GMT
location
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=3d141a3b-a464-47f4-98cf-f30dec6f7687&ssp=pubmatic
via
1.1 google
usersync
usersync.gumgum.com/ Frame 654F 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 02:19:34 GMT
Expires
0
Pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9A27
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ycSKW47PRRuIdWnqdBnB9g%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=28652
accept-ranges
bytes
content-length
5622
expires
Sun, 24 Dec 2023 10:17:06 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 9A27
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9f387e9b-e794-44cd-bab2-875ebd122441%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1e376597-7051-4403-b461-4ee96ad364b3&ttd_puid=9f387e9b-e794-44cd-bab2-875ebd122441%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1e376597-7051-4403-b461-4ee96ad364b3&ttd_puid=9f387e9b-e794-44cd-bab2-875ebd122441%2C%2C
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1e376597-7051-4403-b461-4ee96ad364b3&ttd_puid=9f387e9b-e794-44cd-bab2-875ebd122441%2C%2C
date
Sun, 24 Dec 2023 02:19:34 GMT
server
Kestrel
content-length
359
qmap
sync.crwdcntrl.net/ Frame 9A27
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=&ct=y
49 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
13.213.147.200 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-213-147-200.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.30.238
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.3.186
content-length
0
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 9A27
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:52 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:52 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9A27
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzlDNDhBNUItOEVDRi00NTFCLTg4NzUtNjlFQTc0MTlDMUY2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 02:19:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9A27
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBMuAgOuJ1oXqz17JDB7XcU&google_cver=1
42 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBMuAgOuJ1oXqz17JDB7XcU&google_cver=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 22:36:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBMuAgOuJ1oXqz17JDB7XcU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 9A27 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.126.167.117 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.167.126.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 23 Dec 2023 02:19:34 GMT
C9C48A5B-8ECF-451B-8875-69EA7419C1F6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9A27 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C9C48A5B-8ECF-451B-8875-69EA7419C1F6?gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.77.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-77-82.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 9A27
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1e376597-7051-4403-b461-4ee96ad364b3&gdpr=0&gdpr_consent=
42 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1e376597-7051-4403-b461-4ee96ad364b3&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 23:21:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1e376597-7051-4403-b461-4ee96ad364b3&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 02:19:34 GMT
server
Kestrel
content-length
355
sync
sync-pm.ads.yieldmo.com/ Frame 9A27
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8882083507781839953&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=e237733c2351f03&is_secure=true&networkId=17100&version=1&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALR6v-GG3YYgMpbBFYAAAAAAA&expiration=1703470775&nuid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DC9C48A5B-8ECF-451B-8875-69EA7419C1F6%26gdpr%3D0%26gdpr_consent%3...
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
43 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
35.84.104.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-84-104-50.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 00:43:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
image4.pubmatic.com/AdServer/ Frame 9A27
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Jc2ya1ZE2uU876zCAysE2LZCo4smpvI-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Jc2ya1ZE2uU876zCAysE2LZCo4smpvI-~A&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 00:43:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Jc2ya1ZE2uU876zCAysE2LZCo4smpvI-~A&gdpr=0
date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
362358.gif
idsync.rlcdn.com/ Frame 851B
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYeVNayzWsrLUbAa3UP6NQAA%265322&gpdr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYeVNayzWsrLUbAa3UP6NQAA%265322&_li_chk=true&gpp_sid=&us_privacy=1---&gpdr=&previous_uuid=fcb93bee99a2432daa935239ceeebc0f
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=fcb93bee-99a2-432d-aa93-5239ceeebc0f&us_privacy=1---
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d50586d9-86d8-4880-9975-bf0741bf4655%3A1703384375.6898718&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd50586d9-86d8-4880-9975-bf0741b...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1917759399871012125&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd50586d9-86d8-4880-99...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=d50586d9-86d8-4880-9975-bf0741bf4655%3A1703384375.6898718&_=1703384375.6942315
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPjLQfhSfbl9EE5vI4YC86Q&google_cver=1
42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPjLQfhSfbl9EE5vI4YC86Q&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:36 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPjLQfhSfbl9EE5vI4YC86Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZYeVNayzWsrLUbAa3UP6NQAAFMoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 851B 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZYeVNayzWsrLUbAa3UP6NQAAFMoAAAIB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.77.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-77-82.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZYeVNayzWsrLUbAa3UP6NQAAFMoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 851B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZYeVNayzWsrLUbAa3UP6NQAAFMoAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZYeVNayzWsrLUbAa3UP6NQAAFMoAAAIB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZYeVNayzWsrLUbAa3UP6NQAAFMoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
18.140.77.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-77-82.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZYeVNayzWsrLUbAa3UP6NQAAFMoAAAIB
date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 851B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1---
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1---&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHJ5k7LDyoAABNfPvuH7w&expiration=1704593974&us_privacy=1---
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHJ5k7LDyoAABNfPvuH7w&expiration=1704593974&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5dBjw57vZb8WhugR353tUZ4aKuIjf6YBqo2EpDgB3687kpDkJb73KqqLOSfbUzt%2FzV5IAIywUCWGfPlS7QJGMLT18cJrb%2FIlwvzfGV2TwXAcD9LqBtn2VHfYzuKoCObz2GScv829DFdHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a55c36ce0aaafb-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHJ5k7LDyoAABNfPvuH7w&expiration=1704593974&us_privacy=1---
Date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ibs:dpid=23728&dpuuid=ZYeVNayzWsrLUbAa3UP6NQAA%265322
dpm.demdex.net/ Frame 851B 		42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZYeVNayzWsrLUbAa3UP6NQAA%265322?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.62.193.219 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-193-219.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-041c46350.edge-apse2.demdex.com 1 ms
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
QUEL+6a7QOQ=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 851B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYeVNayzWsrLUbAa3UP6NQAA%265322
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYeVNayzWsrLUbAa3UP6NQAA%265322&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=yhhld-UvbKQXzXgwAYwKKE6RkDXvL78x1LRWjQjVlqI&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYeVNayzWsrLUbAa3UP6NQAA%265322...
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=yhhld-UvbKQXzXgwAYwKKE6RkDXvL78x1LRWjQjVlqI&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYeVNayzWsrLUbAa3UP6NQAA%265322&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SSYk1DRckdpZNnynjL4tbCpZC4TEwjcp9AVt7dPBrT2tfybbavPRIzTtvijNo1Cs9cDBW%2FH3g236vUvvJgm5dquGUjaU7UMJBVQHK85Wj9Q%2F5EF7T2N20dYjCH3jeqfxe6qx8v4kNm9sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a55c369dedaafb-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=yhhld-UvbKQXzXgwAYwKKE6RkDXvL78x1LRWjQjVlqI&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYeVNayzWsrLUbAa3UP6NQAA%265322&tc=1
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT, Sun, 24 Dec 2023 02:19:34 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 851B
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2f88f627-b5f4-4256-b7a0-f5bac8a91140&gpp_sid=null&gpp=null&us_privacy=1---&gdpr_consent=null&gdpr=null
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2f88f627-b5f4-4256-b7a0-f5bac8a91140&gpp_sid=null&gpp=null&us_privacy=1---&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELm%2FRX7eH9r%2BcRINL5%2BO%2FGtcAzT%2FqYUwG0XyRc%2B3NamsvWTkHlqTWeS6L1lQaAxwB7uU2IxAOq3LWaMR%2FsvvWM9zD1f0PGRufSEgglXToHFLrVzRRxVnZ7X6B9XRWJMMzA8Cj367%2B6hmcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a55c380ef4aafb-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2f88f627-b5f4-4256-b7a0-f5bac8a91140&gpp_sid=null&gpp=null&us_privacy=1---&gdpr_consent=null&gdpr=null
date
Sun, 24 Dec 2023 02:19:34 GMT
server
_
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 851B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&us_privacy=1---
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=KvtX7RgxWNRFeu4KcKUQBkLLcKI
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=KvtX7RgxWNRFeu4KcKUQBkLLcKI
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVy%2BWWqqgikh7sj%2FGxo1yrH75I4dvWKtXlfcC%2FdC5IrYwJy2QOxoFuFVjYRAQff2yrbB%2FDoHWuKKJlP%2FQvtA2cVZzxdB1gKSAIFD%2FkEnCbJgAn8WjJ%2FAUT1oN3%2F9t4EcypTJLlfI6MTqrg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a55c34ac9daafb-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=KvtX7RgxWNRFeu4KcKUQBkLLcKI
Date
Sun, 24 Dec 2023 02:19:34 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame 851B 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZYeVNayzWsrLUbAa3UP6NQAA%265322=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
41932
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
83a55c3319ec558d-SYD
content-length
43
expires
Mon, 25 Dec 2023 02:19:34 GMT
user-sync
ms-cookie-sync.presage.io/ Frame 3E8F 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?equativ_id=5390495775936326577&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-2.syd62.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Via
1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD62-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
0gnqXL2aIlPOvC7i_YNyhor7gaTyCJQpAkBJ34VcqUhTwwSBSpMYFg==
Expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 3E8F
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NTM5MDQ5NTc3NTkzNjMyNjU3Nw==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIjr8rg-B4AoFebT_fPM_C8&gdpr=0&gdpr_consent=&google_cver=1
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIjr8rg-B4AoFebT_fPM_C8&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.106.127.56 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIjr8rg-B4AoFebT_fPM_C8&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 3E8F
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=e5a496bfa17d1f28429fa7ebb2e56296&gdpr=0&gdpr_consent=0
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=e5a496bfa17d1f28429fa7ebb2e56296&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.106.127.56 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=e5a496bfa17d1f28429fa7ebb2e56296&gdpr=0&gdpr_consent=0
x-kong-upstream-latency
6
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 3E8F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7315980178861455506&gdpr=0&gdpr_consent=
43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7315980178861455506&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.106.127.56 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7315980178861455506&gdpr=0&gdpr_consent=
Date
Sun, 24 Dec 2023 02:19:34 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
rtb-csync.smartadserver.com/redir/ Frame 3E8F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=&s=2
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=UHWo0XFUfyUSBjbdIIPp&gdpr=0
43 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=UHWo0XFUfyUSBjbdIIPp&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.106.127.56 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:34 GMT
Content-Type
text/html; charset=utf-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=UHWo0XFUfyUSBjbdIIPp&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame F718
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1e376597-7051-4403-b461-4ee96ad364b3&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=1e376597-7051-4403-b461-4ee96ad364b3&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 24 Dec 2023 02:19:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=1e376597-7051-4403-b461-4ee96ad364b3&dongle=0cfd&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 02:19:34 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame F718
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjE4NTA3MzY5ODgzODIyMzMxNTEzOA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame F718
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMN_nmjnMsAKkcVWfkxSg6U&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMN_nmjnMsAKkcVWfkxSg6U&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 24 Dec 2023 02:19:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMN_nmjnMsAKkcVWfkxSg6U&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F718
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjE4NTA3MzY5ODgzODIyMzMxNTEzOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjE4NTA3MzY5ODgzODIyMzMxNTEzOA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjE4NTA3MzY5ODgzODIyMzMxNTEzOA%3D%3D
date
Sun, 24 Dec 2023 02:19:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame F718 		0
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2185073698838223315138&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F3ABD8FF16C5433FB03B31B27A6E2F9C Ref B: SYD03EDGE1407 Ref C: 2023-12-24T02:19:34Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNOBSS2pf5jUMZC+9DFQ==
xuid
eb2.3lift.com/ Frame F718
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2185073698838223315138?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ryaeb5JE2oTV_GEolY6VYUHz7BkEi0m4_JPJv_CY7Q--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ryaeb5JE2oTV_GEolY6VYUHz7BkEi0m4_JPJv_CY7Q--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 24 Dec 2023 02:19:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ryaeb5JE2oTV_GEolY6VYUHz7BkEi0m4_JPJv_CY7Q--~A&dongle=0883
content-length
0
sync
x.bidswitch.net/ Frame F718
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2185073698838223315138&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5340811211440918759&ssp=triplelift
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=5340811211440918759&ssp=triplelift
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 02:19:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=5340811211440918759&ssp=triplelift
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usersync.aspx
dis.criteo.com/dis/ Frame F718 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
191079
expires
Sun, 24 Dec 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame F718
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3061299232830050353&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=3061299232830050353&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 24 Dec 2023 02:19:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
an-x-request-uuid
ed03f36d-8122-4236-aacd-2799be0b6bea
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=3061299232830050353&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
66.203.112.162; 66.203.112.162; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame F718 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=2185073698838223315138
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
an-x-request-uuid
8f210015-2a88-4519-8be1-824e1dd58039
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.162; 66.203.112.162; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
get
cdn.krxd.net/userdata/ Frame 67F2 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=1ec99b1c-44a5-4b51-bb4a-4d1543830ca0&callback=kx_partner_segments
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
usersync
usersync.gumgum.com/ Frame 32A4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1---&khaos=LQIV2PU4-W-M0C3
  • https://usersync.gumgum.com/usersync?b=mag&i=LQIV2PU4-W-M0C3&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LQIV2PU4-W-M0C3&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LQIV2PU4-W-M0C3&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
user-sync
ms-cookie-sync.presage.io/ Frame 5D8A
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=ogury&gdpr_consent=undefined&gdpr_consent=undefined&us_privacy=1---&khaos=LQIV2PU4-W-M0C3
  • https://ms-cookie-sync.presage.io/user-sync?magnite_id=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?magnite_id=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
18.67.93.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-2.syd62.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:35 GMT
Via
1.1 d9766b9925771288ecfcf1392328f114.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD62-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
V7w98xCgScefJkarqLwEw_zO1YXJPrh5WM3T9mCQO3XDX7KPAnzHjg==
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ms-cookie-sync.presage.io/user-sync?magnite_id=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 32A4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1e376597-7051-4403-b461-4ee96ad364b3&gdpr=0&gdpr_consent=&expires=30
91 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1e376597-7051-4403-b461-4ee96ad364b3&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
7595357c645b297a5840a6e5b5576cf6199da6f58ec9d8daa311598300fb7c15

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
content-length
91
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1e376597-7051-4403-b461-4ee96ad364b3&gdpr=0&gdpr_consent=&expires=30
date
Sun, 24 Dec 2023 02:19:34 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame 32A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFJVjJQVTQtVy1NMEMz&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAU5KOWohWt8wXNFofu8KHk&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFJVjJQVTQtVy1NMEMz&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFJVjJQVTQtVy1NMEMz&google_push=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFJVjJQVTQtVy1NMEMz&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
da1c8a4a3f9301c03fbeb7a6212a0a54
Expires
0
setuid
px.ads.linkedin.com/ Frame 32A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQIV2PU4-W-M0C3&us_privacy=1---
0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQIV2PU4-W-M0C3&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9F7AA150DD6E461481ECF5798D01A0A8 Ref B: SYD03EDGE1407 Ref C: 2023-12-24T02:19:34Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNOBSU9ty086D/kIo0LA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQIV2PU4-W-M0C3&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 32A4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=kY7ZbjkbRLuz1vlfk9u_Bw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kY7ZbjkbRLuz1vlfk9u_Bw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kY7ZbjkbRLuz1vlfk9u_Bw
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DH5SFGZMKS26QXNRMJ9B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kY7ZbjkbRLuz1vlfk9u_Bw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 32A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ImU65GwJBLfXO2uO4EMFLg?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pZAAt9JE2oJrWBNCSknQG1AH0wpp2PPXnzHanQ--~A
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pZAAt9JE2oJrWBNCSknQG1AH0wpp2PPXnzHanQ--~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pZAAt9JE2oJrWBNCSknQG1AH0wpp2PPXnzHanQ--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 32A4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKiHrltc0hXlwwhlpkKN4BI&google_cver=1
42 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKiHrltc0hXlwwhlpkKN4BI&google_cver=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKiHrltc0hXlwwhlpkKN4BI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 32A4 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BMXJ23S5XFAWWNWEJCSD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 32A4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---
  • https://s.amazon-adsystem.com/ecm3?id=LQIV2PU4-W-M0C3&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQIV2PU4-W-M0C3&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G64SVTVASCTFRRQJXMNR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQIV2PU4-W-M0C3&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
pixel
cm.g.doubleclick.net/ Frame 32A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjBiN2M1MDc5YzI2MTRmOWY3OGE1NjdjZTQyNTk1NzJjYmQ5YWZiMA&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjBiN2M1MDc5YzI2MTRmOWY3OGE1NjdjZTQyNTk1NzJjYmQ5YWZiMA&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjBiN2M1MDc5YzI2MTRmOWY3OGE1NjdjZTQyNTk1NzJjYmQ5YWZiMA&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 32A4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1---
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1---&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFidE7LDyoAABNSdNzTsg&expires=30
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFidE7LDyoAABNSdNzTsg&expires=30
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFidE7LDyoAABNSdNzTsg&expires=30
Date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
receive
pixel.tapad.com/idsync/ex/ Frame 32A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1---
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQIV2PU4-W-M0C3&us_privacy=1---
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQIV2PU4-W-M0C3&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:35 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQIV2PU4-W-M0C3&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e2b6b837307e4a2cb84d126fbaf2cea2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 32A4
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1189623c-fb5b-425c-b225-0dc07a993012&expires=30&us_privacy=1---
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1189623c-fb5b-425c-b225-0dc07a993012&expires=30&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1189623c-fb5b-425c-b225-0dc07a993012&expires=30&us_privacy=1---
Date
Sun, 24 Dec 2023 02:19:35 GMT
Connection
keep-alive
X-CI-RTID
68d517d3-11a1-494f-898a-dfe46bfee321
Content-Length
164
Content-Type
text/html; charset=utf-8
pixel
capi.connatix.com/us/ Frame 32A4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LQIV2PU4-W-M0C3&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LQIV2PU4-W-M0C3&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQIV2PU4-W-M0C3&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83a55c3e4c155d25-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 24 Dec 2023 02:19:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQIV2PU4-W-M0C3&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83a55c3d0aa85d25-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 32A4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1---
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQIV2PU4-W-M0C3&us_privacy=1---
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIV2PU4-W-M0C3
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIV2PU4-W-M0C3&ckls=true&ci=XXK2tyUK0E&nc=false&trid=-1606461418
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIV2PU4-W-M0C3&ckls=true&ci=XXK2tyUK0E&nc=false&trid=-1606461418
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
13.35.147.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-55.syd1.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:37 GMT
via
1.1 f59bca6f088aed7c4e862f051be29532.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
9VAONDzUIOTd9FEVQnC-cd1tCXxnUyyIdj9b6J2Yu9P7fEqNAJ8g1g==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:37 GMT
via
1.1 f59bca6f088aed7c4e862f051be29532.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIV2PU4-W-M0C3&ckls=true&ci=XXK2tyUK0E&nc=false&trid=-1606461418
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
9ZBnG5kaMAwHRoPTTrUu10Sp3L_SIPe68d46sSG_jEerMuNDtopgew==
expires
Thu, 01 Jan 1970 00:00:00 GMT
magnite
prebid.a-mo.net/setuid/ Frame 32A4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LQIV2PU4-W-M0C3&us_privacy=1---
0
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQIV2PU4-W-M0C3&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQIV2PU4-W-M0C3&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
merge
ce.lijit.com/ Frame 32A4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&us_privacy=1---
  • https://ce.lijit.com/merge?pid=80&3pid=LQIV2PU4-W-M0C3&us_privacy=1---
  • https://ce.lijit.com/merge?pid=80&3pid=LQIV2PU4-W-M0C3&us_privacy=1---&dnr=1
43 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQIV2PU4-W-M0C3&us_privacy=1---&dnr=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
3.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sea1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 02:19:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LQIV2PU4-W-M0C3&us_privacy=1---&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sea1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fother%2Flb1&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=other&zMoatAU4=lb1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ov=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F17392694641768506788&i=FOX3&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-z3tF2iVmV38nsW5MfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-1fYb5sLyVy50og%3D%3D&sc=1&os=1-5Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&id=1&ii=4&f=0&j=&t=1703384373899&de=244622739694&cu=1703384373899&m=648&ar=cc84ca2002d-clean&iw=5e57383&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1873&le=1&lh=42&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1943%3A1943%3A0%3A1929&as=0&ag=11&an=0&gf=11&gg=0&ix=11&ic=11&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=11&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=21&cd=0&ah=21&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5089884148%3A3032715969%3A6024231078%3A138392738672&bo=tmz&bd=desk&gw=fxnwsv2L3592D3FC21&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=ad-header&zMoatCURL=tmz.com%2Fpeople%2Fmaryse-ouellet&zMoatDev=Desktop&zMoatDfpSlotId=ad-header&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=206701&na=1605009798&cs=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 02:19:34 GMT
cksync
hb.yahoo.net/ Frame 5D8A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr_consent=undefined&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQIV2PU4-W-M0C3&redir=true&gdpr_consent=undefined&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQIV2PU4-W-M0C3&redir=true&us_privacy=1---
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Td2hqTmgxRTJ1RTlCVlhrZTVrcUxjMHpXZC4uOGd2MH5B&ovsid=LQIV2PU4-W-M0C3&dpid=58160&us_privacy=1---
57 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Td2hqTmgxRTJ1RTlCVlhrZTVrcUxjMHpXZC4uOGd2MH5B&ovsid=LQIV2PU4-W-M0C3&dpid=58160&us_privacy=1---
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
H2
Server
23.1.240.43 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-1-240-43.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 24 Dec 2023 02:19:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Sun, 24 Dec 2023 02:19:35 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Td2hqTmgxRTJ1RTlCVlhrZTVrcUxjMHpXZC4uOGd2MH5B&ovsid=LQIV2PU4-W-M0C3&dpid=58160&us_privacy=1---
date
Sun, 24 Dec 2023 02:19:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/sync/ Frame 5D8A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr_consent=undefined&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
H2
Server
52.220.199.193 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-199-193.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:35 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
Expires
0
setuid
ib.adnxs.com/prebid/ Frame 5D8A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr_consent=undefined&us_privacy=1---
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
H2
Server
103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
an-x-request-uuid
c57d57f4-2b63-4be3-aa96-b9807f4ff931
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.162; 66.203.112.162; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4290507b7388fb86809e552482e2fff0
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 5D8A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr_consent=undefined&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=KvtX7RgxWNRFeu4KcKUQBkLLcKI
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=KvtX7RgxWNRFeu4KcKUQBkLLcKI
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=KvtX7RgxWNRFeu4KcKUQBkLLcKI
Date
Sun, 24 Dec 2023 02:19:34 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 5D8A
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&gdpr_consent=undefined&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=7c68b58a-4138-40db-807a-dfd8acb6eede
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=7c68b58a-4138-40db-807a-dfd8acb6eede
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername
track006-sjc
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:12 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=7c68b58a-4138-40db-807a-dfd8acb6eede
cache-control
private,no-cache
content-length
223
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 5D8A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr_consent=undefined&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=9029026832344905921
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=9029026832344905921
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=9029026832344905921
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 5D8A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr_consent=undefined&us_privacy=1---
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
H2
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 5D8A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr_consent=undefin...
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=b3a1d4a7-14ee-42f2-818c-720de94be299&gdpr_consent=undefined&us_privacy=1---
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=b3a1d4a7-14ee-42f2-818c-720de94be299&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=b3a1d4a7-14ee-42f2-818c-720de94be299&gdpr_consent=undefined&us_privacy=1---
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1418247
content-length
0
expires
Sun, 24 Dec 2023 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5D8A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6&gdpr_consent=undefined&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8882083507781839953&expires=60&gdpr=&gdpr_consent=undefined
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8882083507781839953&expires=60&gdpr=&gdpr_consent=undefined
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8882083507781839953&expires=60&gdpr=&gdpr_consent=undefined
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 5D8A
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&gdpr_consent=undefined&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=3061299232830050353&expires=30&gdpr_consent=undefined&us_privacy=1---
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=3061299232830050353&expires=30&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
an-x-request-uuid
cadab46d-901a-4095-8df5-0b02ef132bf9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=3061299232830050353&expires=30&gdpr_consent=undefined&us_privacy=1---
x-proxy-origin
66.203.112.162; 66.203.112.162; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5D8A
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon?gdpr_consent=undefined&us_privacy=1---
  • https://sync.targeting.unrulymedia.com/csync/RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-68b096c2-d0b1-4e...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004&expires=30&us_privacy=1---
42 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004&expires=30&us_privacy=1---
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004&expires=30&us_privacy=1---
date
Sun, 24 Dec 2023 02:19:35 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX68b096c2d0b14e66852094cda07faacf004
content-type
text/html
esync
token.rubiconproject.com/ Frame 5D8A
Redirect Chain
  • https://id.rlcdn.com/709414.gif?gdpr_consent=undefined&us_privacy=1---
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 24 Dec 2023 02:19:34 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
redirect
exchange.mediavine.com/usersync/ Frame 5D8A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404&gdpr_consent=undefined&us_privacy=1---
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
54.193.221.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-193-221-12.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:36 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
143
match.deepintent.com/usersync/ Frame 5D8A 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/143?gdpr_consent=undefined&us_privacy=1---
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
content-length
0
server
b
cookie-sync
sync.outbrain.com/ Frame 5D8A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&gdpr_consent=undefined&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQIV2PU4-W-M0C3&obUid=&initiator=&gdpr_consent=undefined&us_privacy=1---
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQIV2PU4-W-M0C3&obUid=&initiator=&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
38.133.127.31 Sacramento, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 02:19:36 GMT
Cache-Control
no-cache
X-TraceId
b9a6d075881752cf67c62437bb40337e
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQIV2PU4-W-M0C3&obUid=&initiator=&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
match
events-ssc.33across.com/ Frame 5D8A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr_consent=undefined&us_privacy=1---
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQIV2PU4-W-M0C3&gdpr_consent=undefined&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQIV2PU4-W-M0C3&ts=1703384376&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQIV2PU4-W-M0C3&ts=1703384376&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:36 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQIV2PU4-W-M0C3&ts=1703384376&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
sync.targeting.unrulymedia.com/csync/ Frame E669
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&us_privacy=1---
  • https://sync.1rx.io/usersync/rubicon/LQIV2PU4-W-M0C3?us_privacy=1---
  • https://sync.targeting.unrulymedia.com/csync/RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Server
74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:35 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
setuid
s2s.t13.io/ Frame E669
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&us_privacy=1---
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LQIV2PU4-W-M0C3&us_privacy=1---
86 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LQIV2PU4-W-M0C3&us_privacy=1---
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LQIV2PU4-W-M0C3&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame E669
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&us_privacy=1---
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQIV2PU4-W-M0C3&name=RUBICON&us_privacy=1---
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQIV2PU4-W-M0C3&name=RUBICON&us_privacy=1---
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Server
35.161.37.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-37-58.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQIV2PU4-W-M0C3&name=RUBICON&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
cs
cs.minutemedia-prebid.com/ Frame E669
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&us_privacy=1---
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQIV2PU4-W-M0C3&us_privacy=1---
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQIV2PU4-W-M0C3&us_privacy=1---
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Server
52.89.208.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-208-126.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:35 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQIV2PU4-W-M0C3&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Expires
0
tap.php
pixel.rubiconproject.com/ Frame E669
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&us_privacy=1---
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=b904cbd5-77f4-427e-91f4-28f1349e9267-65879537-5553&expires=360&gdpr=0&gdpr_consent=
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=b904cbd5-77f4-427e-91f4-28f1349e9267-65879537-5553&expires=360&gdpr=0&gdpr_consent=
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=b904cbd5-77f4-427e-91f4-28f1349e9267-65879537-5553&expires=360&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cs
cs.yellowblue.io/ Frame E669
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&us_privacy=1---
  • https://cs.yellowblue.io/cs?aid=11590&id=LQIV2PU4-W-M0C3&us_privacy=1---
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LQIV2PU4-W-M0C3&us_privacy=1---
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Server
54.149.106.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-106-49.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:35 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LQIV2PU4-W-M0C3&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
tap.php
pixel.rubiconproject.com/ Frame E669
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZYeVMwAAAMYcBwN7&us_privacy=1---
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZYeVMwAAAMYcBwN7&us_privacy=1---
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-bne12522-BNE
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1703384375.758737,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZYeVMwAAAMYcBwN7&us_privacy=1---
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame E669
Redirect Chain
  • https://um.simpli.fi/rb_match?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=AAC8D408B59A4374A9D391D60E589B74&expires=365
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=AAC8D408B59A4374A9D391D60E589B74&expires=365
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 24 Dec 2023 02:19:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=AAC8D408B59A4374A9D391D60E589B74&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 23 Dec 2023 02:19:34 GMT
tap.php
pixel.rubiconproject.com/ Frame E669
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon&us_privacy=1---
  • https://cm.adgrx.com/bridge.gif?AG_PID=rubicon&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=e179f308-a202-11ee-be46-8b2898521c37&expires=60
42 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=e179f308-a202-11ee-be46-8b2898521c37&expires=60
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4290507b7388fb86809e552482e2fff0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
server
Cowboy
content-type
image/gif
location
https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=e179f308-a202-11ee-be46-8b2898521c37&expires=60
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
aws-apsoutheast1b-delivery-2
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
rubicon
tr.blismedia.com/v1/api/sync/ Frame E669 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/rubicon?us_privacy=1---
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tap.php
pixel.rubiconproject.com/ Frame E669
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&us_privacy=1---
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=8BTL2jb9OaO87k5epvCVKQ&us_privacy=1---
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=4c24097269dd206f&is_secure=true&networkId=12783&version=1&nuid=8BTL2jb9OaO87k5epvCVKQ&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAMTjemn9AKrgMzhtk1AAAAAAA&expiration=1703470776&nuid=8BTL2jb9OaO87k5epvCVKQ&is_secure=true&us_privacy=1---
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAMTjemn9AKrgMzhtk1AAAAAAA&expiration=1703470776&nuid=8BTL2jb9OaO87k5epvCVKQ&is_secure=true&us_privacy=1---
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:36 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAMTjemn9AKrgMzhtk1AAAAAAA&expiration=1703470776&nuid=8BTL2jb9OaO87k5epvCVKQ&is_secure=true&us_privacy=1---
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
setuid
prebid-s2s.media.net/ Frame E669
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet&us_privacy=1---
  • https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQIV2PU4-W-M0C3&us_privacy=1---
86 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQIV2PU4-W-M0C3&us_privacy=1---
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
content-encoding
gzip
via
1.1 google
server
envoy
content-type
image/png
access-control-allow-origin
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
clear
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQIV2PU4-W-M0C3&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
i.match
a.tribalfusion.com/ Frame E669 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180&us_privacy=1---
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:34 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83a55c360efcaacb-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
Rubicon
crb.kargo.com/api/v1/dsync/ Frame E669
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11864&us_privacy=1---
  • https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQIV2PU4-W-M0C3&us_privacy=1---
43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQIV2PU4-W-M0C3&us_privacy=1---
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Server
54.255.74.183 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-74-183.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:36 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQIV2PU4-W-M0C3&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
cookiesyncendpoint
sync.aniview.com/ Frame E669
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184&us_privacy=1---
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQIV2PU4-W-M0C3&us_privacy=1---
0
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQIV2PU4-W-M0C3&us_privacy=1---
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:36 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQIV2PU4-W-M0C3&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
/
rtb-csync.smartadserver.com/redir/ Frame E669
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver&us_privacy=1---
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQIV2PU4-W-M0C3&us_privacy=1---
43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQIV2PU4-W-M0C3&us_privacy=1---
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
HTTP/1.1
Server
23.106.127.56 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQIV2PU4-W-M0C3&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 67F2 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvclp3Od7lijcgrkmuLm541ldSNzlHlGAEMe1rSUWnL8dho3vXIdUmMvFz3OKN1-xtw9kFt1Nfduwwy_BUPGhn8ItN5kXqgzdCxQPqQ2wed6EmpWvzfOU9tuDfORkYzmBombiilo2NaU_OZh5pYu2H2hzhC&sig=Cg0ArKJSzDVHIpw3BwYFEAE&id=lidar2&mcvt=1001&p=22,436,112,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2079650687&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703384373558&rpt=520&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A08B 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
an-x-request-uuid
60109ffa-c4ed-4294-b73c-2d63299597e1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.162; 66.203.112.162; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:31:17 GMT
server
nginx
etag
W/"642e9165-15b5c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 02:19:35 GMT
usync.html
eus.rubiconproject.com/ Frame 3229
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1---
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.223.50.11 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a23-223-50-11.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Dec 2023 02:19:35 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 24 Dec 2023 02:19:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F28C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1703384375285.3&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26pre...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1---&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D25%26external_user_...
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1---&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=28651
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 24 Dec 2023 02:19:35 GMT
expires
Sun, 24 Dec 2023 10:17:06 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sun, 24 Dec 2023 02:19:34 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1---&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP009
x-33x-status
40000000008200000A
cm
us-u.openx.net/w/1.0/ Frame 7F37
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1703384375285.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privac...
1 KB
610 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0e2deffa2baee5a1def6b48db239b8b449d53e7a0fb130663fc2e63eff1a5683

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
591
content-type
text/html
date
Sun, 24 Dec 2023 02:19:35 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sun, 24 Dec 2023 02:19:34 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP009
x-33x-status
40000000008200000A
sync
x.bidswitch.net/ Frame 1CF8 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 02:19:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
match
events-ssc.33across.com/ Frame 1CF8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D45%26xu%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D45%26xu%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=e9179f47-dee9-4497-80c6-cd771c6eeb14-65879537-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=e9179f47-dee9-4497-80c6-cd771c6eeb14-65879537-5553&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1--...
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=45&xu=e9179f47-dee9-4497-80c6-cd771c6eeb14-65879537-5553
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=e9179f47-dee9-4497-80c6-cd771c6eeb14-65879537-5553&ts=1703384376&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=e9179f47-dee9-4497-80c6-cd771c6eeb14-65879537-5553&ts=1703384376&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:36 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=e9179f47-dee9-4497-80c6-cd771c6eeb14-65879537-5553&ts=1703384376&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 1CF8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1703384375285.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=90&external_user_id=3061299232830050353
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=90&external_user_id=3061299232830050353
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:35 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
an-x-request-uuid
c07efe56-c874-4ad8-a81c-75ca44b5e5ec
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=90&external_user_id=3061299232830050353
x-proxy-origin
66.203.112.162; 66.203.112.162; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3229 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.223.50.11 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a23-223-50-11.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2d965c7d2303d31fc532b2562e2dfa52e848264ecfeea799ca763db40becaf08

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 02:19:35 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Dec 2023 14:56:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45426
Connection
keep-alive
Content-Length
13201
Expires
Sun, 24 Dec 2023 14:56:41 GMT
khaos.json
token.rubiconproject.com/ Frame 3229 		7 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LQIV2PU4-W-M0C3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
match
events-ssc.33across.com/ Frame 3229
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1---&us_privacy=1---&khaos=LQIV2PU4-W-M0C3
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQIV2PU4-W-M0C3&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQIV2PU4-W-M0C3&ts=1703384376&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQIV2PU4-W-M0C3&ts=1703384376&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=ddBfB28VSr7kTZrkHcnlKl&gdpr_consent=undefined&us_privacy=1---&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:36 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQIV2PU4-W-M0C3&ts=1703384376&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 7F37 		68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=70&external_user_id=5169a23f-4755-0c1c-0416-fa0bdc9c09fe
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:35 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
sd
us-u.openx.net/w/1.0/ Frame 7F37
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYeVMwAAAMYcBwN7
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYeVMwAAAMYcBwN7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-bne12522-BNE
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1703384376.694375,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYeVMwAAAMYcBwN7
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
u.openx.net/w/1.0/ Frame 7F37
Redirect Chain
  • https://sync-axelmark-dsp.focas.jp/sync/opx
  • https://u.openx.net/w/1.0/sd?gdpr=0&gdpr_consent=&id=559785451&val=vIZF6pYy6lc78XDRri4W8ECGTW9v4dN99ZKNkU3o6gAWvM81
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?gdpr=0&gdpr_consent=&id=559785451&val=vIZF6pYy6lc78XDRri4W8ECGTW9v4dN99ZKNkU3o6gAWvM81
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 24 Dec 2023 02:19:35 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
vary
Accept-Encoding
content-type
text/html
location
https://u.openx.net/w/1.0/sd?gdpr=0&gdpr_consent=&id=559785451&val=vIZF6pYy6lc78XDRri4W8ECGTW9v4dN99ZKNkU3o6gAWvM81
x-cloud-trace-context
8e04e1ae1b8292c1840594d9fafec273
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
6
tr.blismedia.com/v1/dpusync/ Frame 7F37
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/openx
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=65879536E67DA50AFFF006B2BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D65879536E67DA50AFFF0...
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=65879536E67DA50AFFF006B2BLIS
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia
  • https://tr.blismedia.com/v1/dpusync/6?uid=LQIV2PU4-W-M0C3
49 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/dpusync/6?uid=LQIV2PU4-W-M0C3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:36 GMT
cache-control
no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://tr.blismedia.com/v1/dpusync/6?uid=LQIV2PU4-W-M0C3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
sd
jp-u.openx.net/w/1.0/ Frame 7F37
Redirect Chain
  • https://bk.r-ad.ne.jp/3/cs
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=57z2Ja005BDCM006DAZ5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=57z2Ja005BDCM006DAZ5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:36 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Sun, 24 Dec 2023 02:19:36 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//jp-u.openx.net/w/1.0/sd?id=537097918&val=57z2Ja005BDCM006DAZ5
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pxd
dps.jp.cinarra.com/ Frame 7F37 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=41b03351-870b-c6bf-6229-478f4554245f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.102.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-102-184.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:35 GMT
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 7F37
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=KvtX7RgxWNRFeu4KcKUQBkLLcKI
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=KvtX7RgxWNRFeu4KcKUQBkLLcKI
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=KvtX7RgxWNRFeu4KcKUQBkLLcKI
Date
Sun, 24 Dec 2023 02:19:35 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
b3c5c815-0972-aeba-59f6-e32e299f56e8
pr-bh.ybp.yahoo.com/sync/openx/ Frame 7F37 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/b3c5c815-0972-aeba-59f6-e32e299f56e8?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.77.82 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-77-82.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
openx
cs.nex8.net/cs/ Frame 7F37 		0
0
dds
rtb.openx.net/sync/ Frame 7F37
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=-FQkbTBYhd2OVblsBdGhGw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 7F37 		0
0
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fother%2Flb1&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=other&zMoatAU4=lb1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ov=0&ak=-&i=FOX3&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-z3tF2iVmV38nsW5MfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-1fYb5sLyVy50og%3D%3D&sc=1&os=1-5Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&id=1&ii=4&f=0&j=&t=1703384373899&de=244622739694&cu=1703384373899&m=1829&ar=cc84ca2002d-clean&iw=5e57383&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1873&le=1&lh=42&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1943%3A1943%3A0%3A1929&as=1&ag=1198&an=11&gi=1&gf=1198&gg=11&ix=1198&ic=1198&ez=1&ck=1198&kw=1007&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1198&bx=11&ci=1198&jz=1007&dj=1&aa=1&ad=1097&cn=0&gn=1&gk=1097&gl=0&ik=1097&co=1097&cp=1007&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1007&cd=21&ah=1007&am=21&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5089884148%3A3032715969%3A6024231078%3A138392738672&bo=tmz&bd=desk&gw=fxnwsv2L3592D3FC21&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=ad-header&zMoatCURL=tmz.com%2Fpeople%2Fmaryse-ouellet&zMoatDev=Desktop&zMoatDfpSlotId=ad-header&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=206701&na=689124825&cs=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 02:19:35 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fother%2Flb1&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=other&zMoatAU4=lb1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ov=0&ak=-&i=FOX3&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-z3tF2iVmV38nsW5MfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-1fYb5sLyVy50og%3D%3D&sc=1&os=1-5Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&id=1&ii=4&f=0&j=&t=1703384373899&de=244622739694&cu=1703384373899&m=1830&ar=cc84ca2002d-clean&iw=5e57383&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1873&le=1&lh=42&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1943%3A1943%3A0%3A1929&as=1&ag=1198&an=1198&gi=1&gf=1198&gg=1198&ix=1198&ic=1198&ez=1&ck=1198&kw=1007&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1198&bx=1198&ci=1198&jz=1007&dj=1&aa=1&ad=1097&cn=1097&gn=1&gk=1097&gl=1097&ik=1097&co=1097&cp=1007&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1007&cd=1007&ah=1007&am=1007&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5089884148%3A3032715969%3A6024231078%3A138392738672&bo=tmz&bd=desk&gw=fxnwsv2L3592D3FC21&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=ad-header&zMoatCURL=tmz.com%2Fpeople%2Fmaryse-ouellet&zMoatDev=Desktop&zMoatDfpSlotId=ad-header&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=206701&na=1805331486&cs=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 02:19:35 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fother%2Flb1&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=other&zMoatAU4=lb1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ov=0&ak=-&i=FOX3&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-z3tF2iVmV38nsW5MfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-1fYb5sLyVy50og%3D%3D&sc=1&os=1-5Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&id=1&ii=4&f=0&j=&t=1703384373899&de=244622739694&cu=1703384373899&m=1830&ar=cc84ca2002d-clean&iw=5e57383&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1873&le=1&lh=42&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1943%3A1943%3A0%3A1929&as=1&ag=1198&an=1198&gi=1&gf=1198&gg=1198&ix=1198&ic=1198&ez=1&ck=1198&kw=1007&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1198&bx=1198&ci=1198&jz=1007&dj=1&aa=1&ad=1097&cn=1097&gn=1&gk=1097&gl=1097&ik=1097&co=1097&cp=1007&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1007&cd=1007&ah=1007&am=1007&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5089884148%3A3032715969%3A6024231078%3A138392738672&bo=tmz&bd=desk&gw=fxnwsv2L3592D3FC21&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=ad-header&zMoatCURL=tmz.com%2Fpeople%2Fmaryse-ouellet&zMoatDev=Desktop&zMoatDfpSlotId=ad-header&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=206701&na=114938335&cs=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:35 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 02:19:35 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 9A27 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 41A2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91169281&p=163238&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
06ff8f5b5be0775825cd80fda4db5a21a5aef72b1c376b75ec44696082262141

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 24 Dec 2023 02:19:36 GMT
content-length
1807
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 9A27 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33416605&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2a1e03b4173e0415ce8044ca4658f798594f884bd050831d63d04d47c5a90419

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 24 Dec 2023 02:19:35 GMT
content-length
1762
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 861E 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=undefined
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 24 Dec 2023 02:19:37 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 83F6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=undefined
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AOX4bA_l82IbsfJpDrLtY1KzoWMbsaE9D-Dg37bM
42 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AOX4bA_l82IbsfJpDrLtY1KzoWMbsaE9D-Dg37bM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 23:21:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 24 Dec 2023 02:19:37 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AOX4bA_l82IbsfJpDrLtY1KzoWMbsaE9D-Dg37bM
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame F72E
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12tphujmsynn
1 B
376 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12tphujmsynn
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 23:21:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Sun, 24 Dec 2023 02:19:35 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12tphujmsynn
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4831
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&gdpr_consent=undefined&gdpr=1
0
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&gdpr_consent=undefined&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 20:23:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Sun, 24 Dec 2023 02:19:37 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&gdpr_consent=undefined&gdpr=1
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bne12522-BNE
x-timer
S1703384377.919519,VS0,VE229
ImgSync
image8.pubmatic.com/AdServer/ Frame AAAD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=undefined
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=0&gdpr_consent=undefined
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=undefined&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=undefined&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.82 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 24 Dec 2023 02:19:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 24 Dec 2023 02:19:37 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=undefined&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 648E
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7be2627fbd7a4b3286d7ed4eb1996538
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.82 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 24 Dec 2023 02:19:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 23 Dec 2023 22:55:45 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame 4C86 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 24 Dec 2023 02:19:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
ImgSync
image8.pubmatic.com/AdServer/ Frame 79C4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=undefined&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggy...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=undefined
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=undefined&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=undefined&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.82 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 24 Dec 2023 02:19:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 23 Dec 2023 23:21:08 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=undefined&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 058B 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 898E
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=E6Y873mICiaqTCdVOZWHZQ
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=E6Y873mICiaqTCdVOZWHZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 02:19:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 02:19:37 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=E6Y873mICiaqTCdVOZWHZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame EFBC
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe0307269a6d744c68d239a38c6c823bf
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.82 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 24 Dec 2023 02:19:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 23 Dec 2023 22:55:46 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
user-sync
ms-cookie-sync.presage.io/ Frame A2DE 		0
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ms-cookie-sync.presage.io/user-sync?gdpr=0&gdpr_consent=undefined&pubmatic_id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-2.syd62.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Dec 2023 02:19:36 GMT
Expires
0
Pragma
no-cache
Surrogate-Control
no-store
Via
1.1 d9766b9925771288ecfcf1392328f114.cloudfront.net (CloudFront)
X-Amz-Cf-Id
b1PZOIsesiUsSGLhfMs2EUbE9MbFi0JloaE911p27BL-ScBO83qsHQ==
X-Amz-Cf-Pop
SYD62-P1
X-Cache
Miss from cloudfront
X-Powered-By
Express
458249.gif
idsync.rlcdn.com/ Frame 41A2
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
  • https://pippio.com/api/sync?pid=5324&it=1&iv=7a8f7440947866f750a5b1c089f9cd191f22bab4b040455e97b9f5e639c44586791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3YThmNzQ0MDk0Nzg2NmY3NTBhNWIxYzA4OWY5Y2QxOTFmMjJiYWI0YjA0MDQ1NWU5N2I5ZjVlNjM5YzQ0NTg2NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3YThmNzQ0MDk0Nzg2NmY3NTBhNWIxYzA4OWY5Y2QxOTFmMjJiYWI0YjA0MDQ1NWU5N2I5ZjVlNjM5YzQ0NTg2NzkxNDI2YjU0MTdkY2UyMRAAGgwIuaqerAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=11863de4-3c2c-4774-9285-82f3e62d75b6
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=11863de4-3c2c-4774-9285-82f3e62d75b6
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_ym_n-Ogury_rx_n-MediaNet&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 24 Dec 2023 02:19:37 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=11863de4-3c2c-4774-9285-82f3e62d75b6
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
match
c1.adform.net/serving/cookie/ Frame DF16 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 24 Dec 2023 02:19:37 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
396846.gif
idsync.rlcdn.com/ Frame 9A27
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=72c4d137-5499-0a93-3758-7528ef53fa79
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=72c4d137-5499-0a93-3758-7528ef53fa79
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 24 Dec 2023 02:19:37 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=72c4d137-5499-0a93-3758-7528ef53fa79
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 549F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eF1tcnddZnxjCWd3LF14I35QbSdjWG0mflhJ-q6Q
42 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eF1tcnddZnxjCWd3LF14I35QbSdjWG0mflhJ-q6Q
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 18:03:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 24 Dec 2023 02:19:37 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eF1tcnddZnxjCWd3LF14I35QbSdjWG0mflhJ-q6Q
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame B707
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12tphujmnf2c
1 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12tphujmnf2c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 18:03:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Sun, 24 Dec 2023 02:19:37 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12tphujmnf2c
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame D48A 		85 B
155 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 24 Dec 2023 02:19:37 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bne12522-BNE
x-timer
S1703384377.943866,VS0,VE229
ImgSync
image8.pubmatic.com/AdServer/ Frame 3080
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.82 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 24 Dec 2023 02:17:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 24 Dec 2023 02:19:37 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame EB44
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=1b1fa6d3762245fc93071d5c3e0b2073
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.82 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 24 Dec 2023 02:19:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 24 Dec 2023 02:19:37 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame 0B92 		43 B
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 24 Dec 2023 02:19:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
ImgSync
image8.pubmatic.com/AdServer/ Frame F7A6
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.82 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 24 Dec 2023 02:19:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 24 Dec 2023 02:19:37 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 0237 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 6BC5
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=hl68t8gFDMSltDdeOZWHZQ
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=hl68t8gFDMSltDdeOZWHZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 02:19:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 02:19:37 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=hl68t8gFDMSltDdeOZWHZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 26A2
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe0307269a6d744c68d239a38c6c823bf
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.82 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 24 Dec 2023 02:19:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 24 Dec 2023 02:19:37 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync
usersync.gumgum.com/ Frame DC03 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 02:19:36 GMT
Expires
0
Pragma
no-cache
PugMaster
image6.pubmatic.com/AdServer/ Frame 9DD6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24439096&p=158583&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a497f3cc5e8aad2bdc0d5a1c84969d3df66ffcef7716c80c6a5434e6898ed330

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 24 Dec 2023 02:19:37 GMT
content-length
1862
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 157E
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e179f308-a202-11ee-be46-8b2898521c37
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e179f308-a202-11ee-be46-8b2898521c37
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 22:55:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sun, 24 Dec 2023 02:19:37 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e179f308-a202-11ee-be46-8b2898521c37
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1b-delivery-2
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame BC0C 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 02:19:37 GMT
Pragma
no-cache
Server
nginx
expires
-1
pxd
dps.jp.cinarra.com/ Frame D434 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.102.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-102-184.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Sun, 24 Dec 2023 02:19:37 GMT
i.match
a.tribalfusion.com/ Frame 1CA1 		43 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
83a55c463c9caacb-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 02:19:37 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
cookiesync
core.iprom.net/ Frame 1BE3 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 02:19:38 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-5b45aa22abce@version_1.579
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame CE50
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 22:36:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 24 Dec 2023 02:19:37 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
141
match.deepintent.com/usersync/ Frame 3E51 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Sun, 24 Dec 2023 02:19:37 GMT
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame 8A6F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3enfOnRG1Rhe5z5&gdpr=0&gdpr_consent=
42 B
317 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3enfOnRG1Rhe5z5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 22:55:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Dec 2023 02:19:37 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3enfOnRG1Rhe5z5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-02709237e5f898394@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 9217
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1917759399871012125
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1917759399871012125
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 23:21:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 24 Dec 2023 02:19:37 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1917759399871012125
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
ImgSync
image8.pubmatic.com/AdServer/ Frame EB21
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6428252964
  • https://sync.1rx.io/usersync/tradedesk/1e376597-7051-4403-b461-4ee96ad364b3
  • https://sync.targeting.unrulymedia.com/csync/RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.82 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 24 Dec 2023 02:19:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 23 Dec 2023 23:21:08 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame BE84
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AAC8D408B59A4374A9D391D60E589B74&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.82 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 24 Dec 2023 02:19:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 23 Dec 2023 22:55:46 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
PugMaster
image6.pubmatic.com/AdServer/ Frame F28C 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43639131&p=156423&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1---&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 24 Dec 2023 02:19:38 GMT
content-length
47
content-type
text/html; charset=UTF-8
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-NCN9V8PMQF&gtm=45je3bt0v890904141&_p=1703384369763&gcd=11l1l1l1l1&dma=0&cid=2096876388.1703384371&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=2&sid=1703384370&sct=1&seg=0&dl=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&dt=Maryse%20Ouellet&en=ad_impression&ep.query_id=CJLl5KOBp4MDFdtiKwodb00E5Q&_et=3074&tfd=10712
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 02:19:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
events-ssc.33across.com/ Frame 06C4 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=25&external_user_id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1---&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Sun, 24 Dec 2023 02:19:38 GMT
via
1.1 google
SPug
simage4.pubmatic.com/AdServer/ Frame 41A2 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=163238&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 9A27 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 9DD6 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158583&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158583&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:19:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fother%2Flb1&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=other&zMoatAU4=lb1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ov=0&ak=-&i=FOX3&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-z3tF2iVmV38nsW5MfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-1fYb5sLyVy50og%3D%3D&sc=1&os=1-5Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&id=1&ii=4&f=0&j=&t=1703384373899&de=244622739694&cu=1703384373899&m=5657&ar=cc84ca2002d-clean&iw=5e57383&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1873&le=1&lh=42&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1943%3A1943%3A0%3A1929&as=1&ag=5027&an=1198&gi=1&gf=5027&gg=1198&ix=5027&ic=5027&ez=1&ck=1198&kw=1007&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5027&bx=1198&ci=1198&jz=1007&dj=1&aa=1&ad=4926&cn=1097&gn=1&gk=4926&gl=1097&ik=4926&co=1097&cp=1007&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4836&cd=1007&ah=4836&am=1007&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=5089884148%3A3032715969%3A6024231078%3A138392738672&bo=tmz&bd=desk&gw=fxnwsv2L3592D3FC21&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&dfpSlotId=ad-header&zMoatCURL=tmz.com%2Fpeople%2Fmaryse-ouellet&zMoatDev=Desktop&zMoatDfpSlotId=ad-header&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=206701&na=1404831963&cs=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/people/maryse-ouellet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.tmz.com/people/maryse-ouellet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 02:19:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 02:19:39 GMT
user-sync
ms-cookie-sync.presage.io/ Frame EB9B 		0
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ms-cookie-sync.presage.io/user-sync?gdpr=0&gdpr_consent=undefined&pubmatic_id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-2.syd62.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Dec 2023 02:19:39 GMT
Expires
0
Pragma
no-cache
Surrogate-Control
no-store
Via
1.1 d9766b9925771288ecfcf1392328f114.cloudfront.net (CloudFront)
X-Amz-Cf-Id
fIs7HXwUKxV2-Q1WMUpjCIsPHbUVRFX6j18Rlh8SYt5ah8N2pbcYeQ==
X-Amz-Cf-Pop
SYD62-P1
X-Cache
Miss from cloudfront
X-Powered-By
Express
match
events-ssc.33across.com/ Frame 3C9F 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=1---&bidder_id=25&external_user_id=C9C48A5B-8ECF-451B-8875-69EA7419C1F6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1---&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1---%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Sun, 24 Dec 2023 02:19:41 GMT
via
1.1 google

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel-us-apac.rubiconproject.com
URL
https://pixel-us-apac.rubiconproject.com/exchange/sync.php?p=yieldmo
Domain
mb.moatads.com
URL
https://mb.moatads.com/n.js?e=35&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-z3tF2iVmV38nsW5MfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-1fYb5sLyVy50og%3D%3D&sc=1&os=1-5Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=FOX3&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fother%2Flb1&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=other&zMoatAU4=lb1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1703384373899&de=244622739694&m=0&ar=cc84ca2002d-clean&iw=5e57383&q=2&cb=0&ym=0&cu=1703384373899&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5089884148%3A3032715969%3A6024231078%3A138392738672&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=tmz.com%2Fpeople%2Fmaryse-ouellet&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&id=1&ii=4&bo=tmz&bd=desk&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&gw=fxnwsv2L3592D3FC21&fd=1&it=500&ti=0&ih=2&pe=1%3A1943%3A1943%3A0%3A1929&jm=-1&fs=206701&na=998004890&cs=0&ord=1703384373899&jv=1230974515&callback=DOMlessLLDcallback_2846728
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=13258
Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| documentPictureInPicture string| AMP_BASE_URL string| APP_BUILD string| APP_DEPLOYMENT_ID string| APP_ENV string| APP_NAME string| APP_VENDOR string| APP_VERSION object| CLIENT_PRELOADED_STATE string| CLIENT_PUBLIC_PATH string| CLOUD_PROVIDER string| CLOUD_REGION string| CLOUD_ZONE string| DAM_DEFAULT_BASE_URL string| DAM_IMAGE_BASE_URL string| DAM_VIDEO_BASE_URL string| DEFAULT_LOCALE string| DEVICE_VIEW boolean| GDPR_APPLIES boolean| IS_STAFF string| LOCALE string| SHARE_BASE_URL string| SITE_BASE_URL string| STATIC_BASE_URL string| VIEWER_COUNTRY string| WEB_BASE_URL object| dataLayer object| wbq object| googletag object| foxstrike object| semaphore object| webpackChunk number| uidEvent function| clearImmediate function| setImmediate object| regeneratorRuntime function| __uspapi function| consentsTo function| watchConsent object| wbabt function| jQuery function| $ object| TMZ function| ketch object| ggeac object| google_tag_data object| google_js_reporting_queue object| ProfileSDK object| google_tag_manager function| onYouTubeIframeAPIReady function| gtmVisitorApi function| gtmLoadAppMeasurement object| s object| asq object| _comscore function| gtag object| gaGlobal string| GoogleAnalyticsObject function| ga object| COMSCORE object| ns_p function| _typeof undefined| google_measure_js_timing object| adobe function| Visitor object| s_c_il number| s_c_in function| e function| AppMeasurement_Module_Media number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| gtm string| s_account object| GooglebQhCsO string| x string| y object| s_i_wbrostmz object| gaplugins object| gaData object| FNC function| lodash function| ope boolean| onePlusXEncryptedValueSent object| aax object| apstag function| pre function| onVideoOverlayOpen function| onVideoOverlayClose function| loadAd function| manualRefreshAds function| pageLoadDynamicAdPlacementsReady function| initBidding function| loadDynamicAd function| onDestroy function| correlate function| adRefreshCallback function| reloadAds function| setupAdRefreshTimerLogic function| onAdSlotRendered object| adRefreshTimer object| pbjs object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| Criteo function| parcelRequire94c2 function| Fennec object| fennec object| xf_dl object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am number| google_unique_id boolean| __bt_already_invoked object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 function| DOMlessLLDcallback_2846728 object| MoatDataJsonpRequest_2846728 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123

208 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQrbj7zMkxCgoIkQIQrbj7zMkxCgoItAIQrbj7zMkxCgoI5gEQrbj7zMkxCgoIhwIQrbj7zMkxCgoItwIQrbj7zMkxCgkIOhCtuPvMyTEKCgiMAhCtuPvMyTEKCQhfEK24-8zJMQoJCB8Qrbj7zMkx
prod.xid.atp.fox/v2 Name: xid
Value: b1cc2fd0-00cd-4a54-a049-6d3119c0c108
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARDnFg
.tmz.com/ Name: xid
Value: b1cc2fd0-00cd-4a54-a049-6d3119c0c108
www.tmz.com/ Name: wbppid
Value: b1cc2fd0-00cd-4a54-a049-6d3119c0c108
.tmz.com/ Name: usprivacy
Value: 1---
.tmz.com/ Name: us_privacy
Value: 1---
.tmz.com/ Name: _swb
Value: 377e0bbd-51d3-493e-bac3-249be59e452f
.imrworldwide.com/ Name: IMRID
Value: dec08fa0-a202-11ee-b88f-8bd79e0d5674
.scorecardresearch.com/ Name: UID
Value: 1FC410f3ca207ef4c3ecd261703384370
.demdex.net/ Name: demdex
Value: 59351209882131674150409854727951110222
.tmz.com/ Name: _gcl_au
Value: 1.1.1200808611.1703384371
.tmz.com/ Name: _swb_consent_
Value: eyJvcmdhbml6YXRpb25Db2RlIjoidG16IiwicHJvcGVydHlDb2RlIjoidG16X3dlYiIsImVudmlyb25tZW50Q29kZSI6InByb2R1Y3Rpb24iLCJpZGVudGl0aWVzIjp7InN3Yl90bXpfd2ViIjoiMzc3ZTBiYmQtNTFkMy00OTNlLWJhYzMtMjQ5YmU1OWU0NTJmIiwieGlkIjoiYjFjYzJmZDAtMDBjZC00YTU0LWEwNDktNmQzMTE5YzBjMTA4In0sImp1cmlzZGljdGlvbkNvZGUiOiJkZWZhdWx0IiwicHVycG9zZXMiOnsidGFyZ2V0ZWRfYWR2ZXJ0aXNpbmciOnsiYWxsb3dlZCI6InRydWUiLCJsZWdhbEJhc2lzQ29kZSI6ImRpc2Nsb3N1cmUifX0sImNvbGxlY3RlZEF0IjoxNzAzMzg0MzcwfQ%3D%3D
.tmz.com/ Name: _ketch_consent_v1_
Value: eyJ0YXJnZXRlZF9hZHZlcnRpc2luZyI6eyJzdGF0dXMiOiJncmFudGVkIiwiY2Fub25pY2FsUHVycG9zZXMiOlsiYmVoYXZpb3JhbF9hZHZlcnRpc2luZyJdfX0%3D
.tmz.com/ Name: AMCVS_69AD1D725DDBE4560A495ECF%40AdobeOrg
Value: 1
.tmz.com/ Name: s_ecid
Value: MCMID%7C65623027268144044380935669193070254639
.www.tmz.com/ Name: s_nrv
Value: 1703384370993-New
.www.tmz.com/ Name: s_ppn
Value: Maryse%20Ouellet
.www.tmz.com/ Name: s_cc
Value: true
.tmz.com/ Name: _ga
Value: GA1.2.2096876388.1703384371
.tmz.com/ Name: _gid
Value: GA1.2.1110401673.1703384371
.smetrics.tmz.com/ Name: s_ecid
Value: MCMID%7C65623027268144044380935669193070254639
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZYeVMwAAAMYcBwN7
.dpm.demdex.net/ Name: dpm
Value: 59351209882131674150409854727951110222
.tmz.com/ Name: AMCV_69AD1D725DDBE4560A495ECF%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C19716%7CMCMID%7C65623027268144044380935669193070254639%7CMCAAMLH-1703989170%7C8%7CMCAAMB-1703989170%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1703391570s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19723%7CvVersion%7C4.4.0
www.tmz.com/ Name: FXN_flk
Value: 1
www.tmz.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: i
Value: f4ae9108-3059-0304-32f7-3d33b2efa85c|1703384371
.3lift.com/ Name: tluid
Value: 2185073698838223315138
.kargo.com/ Name: ktcid
Value: a48a7228-1852-05d4-1a49-eafd88947ab2
.tagger.opecloud.com/ Name: ope_uid
Value: 2-akhWx9MLK0MLfu4+/wqAxobyuwzsDkl7G2778Ap9ju05aayXcZLQwInv+buaVnadiAdJdQ==
.rubiconproject.com/ Name: khaos
Value: LQIV2PU4-W-M0C3
.amazon-adsystem.com/ Name: ad-id
Value: AyaH4auUm0RejTZ0iCjgml0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUlMWm1Ji6_QVEihoo9YGCa7XUDpjdmCseGTMk1TCTQhbdfXKBCXajY0KdaKnFw
.yahoo.com/ Name: A3
Value: d=AQABBDSVh2UCEON2nrDwOXzBWfA0Te_T39YFEgEBAQHmiGWRZdww0iMA_eMAAA&S=AQAAAjDmkwTVbIcKUkIHgmVYO-8
.adsrvr.org/ Name: TDID
Value: 1e376597-7051-4403-b461-4ee96ad364b3
www.tmz.com/ Name: xid
Value: b1cc2fd0-00cd-4a54-a049-6d3119c0c108
.casalemedia.com/ Name: CMID
Value: ZYeVNayzWsrLUbAa3UP6NQAA
.casalemedia.com/ Name: CMPS
Value: 5322
.casalemedia.com/ Name: CMPRO
Value: 5322
.presage.io/ Name: presage-ssp
Value: %7B%22uuid%22%3A%2223a43930-eeed-4a92-9a9d-ee8f74731ba4%22%7D
.gumgum.com/ Name: vst
Value: a_27af13ac-9236-4c99-abce-1011de747812
.media.net/ Name: visitor-id
Value: 3463859732889891000V10
.tmz.com/ Name: __gads
Value: ID=0dc8db7378b17fa0:T=1703384373:RT=1703384373:S=ALNI_MYqrmWQHGjfNKTojzhZWeJRNJNDXg
.tmz.com/ Name: __gpi
Value: UID=00000cc05fb20d32:T=1703384373:RT=1703384373:S=ALNI_MZCX5K0qvQeY18KvxJPJ22G1mcBPw
.tmz.com/ Name: _ga_NCN9V8PMQF
Value: GS1.1.1703384370.1.0.1703384373.57.0.0
.ads.stickyadstv.com/ Name: UID
Value: b19d84ea460af89b63fb1beb14117
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZYeVNayzWsrLUbAa3UP6NQAAFMoAAAIB
.yieldmo.com/ Name: yieldmo_id
Value: 3zVi4wwll1wrPjxd_D3W%7C1703376000000%7C0
.ads.yieldmo.com/ Name: re_sync
Value: rc%3D1183745%7Cunl%3D1183745%7Ct%3D1183745%7Cpub%3D1183745%7Can%3D1183745
.sharethrough.com/ Name: stx_user_id
Value: 8345feed-0646-4852-bfa0-f7aa3e435583
.brand-display.com/ Name: _knxq_
Value: fcafa3e5-4d11-f0c7-0e3eab71.1703384373.0.1703384373.1703384373
.bidswitch.net/ Name: tuuid
Value: e26ab116-5318-46a7-ae11-c625eda0933a
.bidswitch.net/ Name: c
Value: 1703384373
.bidswitch.net/ Name: tuuid_lu
Value: 1703384373
.socdm.com/ Name: SOC
Value: ZYeVNcCo5uYAAClfLWgAAAAA
.adnxs.com/ Name: uuid2
Value: 3061299232830050353
.contextweb.com/ Name: V
Value: mr1UgO39k2rO
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1opx|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: f1edc0cde51abd7d
www.tmz.com/ Name: _lr_retry_request
Value: true
www.tmz.com/ Name: _lr_env_src_ats
Value: false
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C9C48A5B-8ECF-451B-8875-69EA7419C1F6
.adform.net/ Name: C
Value: 1
.ads.yieldmo.com/ Name: ptran
Value: 28950485726920138
.ads.yieldmo.com/ Name: ptrt
Value: 1e376597-7051-4403-b461-4ee96ad364b3
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAzMzg0Mzc0fQ
.openx.net/ Name: univ_id
Value: 537072971|1e376597-7051-4403-b461-4ee96ad364b3|1703384374249386
.ladsp.com/ Name: cr
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2afb57ed-1831-58d4-457a-ee0a70a51006.9%2B4dslblU%2F10yFviDDAq561eImM9zXc%2BMfbuDNTzNAE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2afb57ed-1831-58d4-457a-ee0a70a51006.9%2B4dslblU%2F10yFviDDAq561eImM9zXc%2BMfbuDNTzNAE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AKvtX7RgxWNRFeu4KcKUQBkLLcKI.E8%2BIs%2BOaIzTjlmfCbOG3WLczy5TWTRn6JL7pOdRfvy0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AKvtX7RgxWNRFeu4KcKUQBkLLcKI.E8%2BIs%2BOaIzTjlmfCbOG3WLczy5TWTRn6JL7pOdRfvy0
.smartadserver.com/ Name: pid
Value: 834199829011606522
.adx.opera.com/ Name: UID
Value: OPUe0307269a6d744c68d239a38c6c823bf
.ipredictive.com/ Name: cu
Value: 1189623c-fb5b-425c-b225-0dc07a993012|1703384374283
.creativecdn.com/ Name: ts
Value: 1703384374
.tapad.com/ Name: TapAd_TS
Value: 1703384374324
.tapad.com/ Name: TapAd_DID
Value: 9f387e9b-e794-44cd-bab2-875ebd122441
.ladsp.com/ Name: smn_uid
Value: 2i7kSzLWCoKVUh0ObL91PRA9TOlasfE
.ladsp.com/ Name: lum
Value: CNy4-8zJMRIFCAMQ0AU
.adnxs.com/ Name: XANDR_PANID
Value: h9rrsVrtY-q777_1edtfQceuU_pDMk9iTyskDlaeCtMwZ_y3aY2MxVIkBRV-u3HpoaB9Ouiog8CszxnjV2L2mHxG6igyWRscpcsYH1uqjGw.
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINQg467dMy_ak8tHN7qd7eoUVdzBS2FT1D2FgFpZzMrGEHwYBCC2qp6sBjABOgQ8w7t9QgRKwDSa.oI2NXcRwJHi1Mo3sOnOHQUpCRK8q4vy3B4G%2FtBrX0Io
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINQg467dMy_ak8tHN7qd7eoUVdzBS2FT1D2FgFpZzMrGEHwYBCC2qp6sBjABOgQ8w7t9QgRKwDSa.oI2NXcRwJHi1Mo3sOnOHQUpCRK8q4vy3B4G%2FtBrX0Io
.turn.com/ Name: uid
Value: 8882083507781839953
.simpli.fi/ Name: suid
Value: AAC8D408B59A4374A9D391D60E589B74
.creativecdn.com/ Name: u
Value: QRZs8Wo9cGU9WxznPhfx
.creativecdn.com/ Name: g
Value: QRZs8Wo9cGU9WxznPhfx_1703384374382
.33across.com/ Name: 33x_ps
Value: u%3D212392931978800%3As1%3D1703384374544%3Ats%3D1703384374544
.richaudience.com/ Name: pdid
Value: b9ee438e-3979-466f-a77b-1zz1703384359
.sportradarserving.com/ Name: zuuid
Value: 3d141a3b-a464-47f4-98cf-f30dec6f7687
.sportradarserving.com/ Name: c
Value: 1703384374
.sportradarserving.com/ Name: zuuid_lu
Value: 1703384374
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8594
.mathtag.com/ Name: uuid
Value: 0b496587-9537-4300-b413-a27fa59a725b
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1703384374
.adform.net/ Name: uid
Value: 9029026832344905921
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3061299232830050353&KRTB&23339-3061299232830050353
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-1e376597-7051-4403-b461-4ee96ad364b3&KRTB&22918-1e376597-7051-4403-b461-4ee96ad364b3&KRTB&22926-1e376597-7051-4403-b461-4ee96ad364b3&KRTB&23031-1e376597-7051-4403-b461-4ee96ad364b3
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8882083507781839953&KRTB&23150-8882083507781839953&KRTB&23527-8882083507781839953
.omnitagjs.com/ Name: ayl_visitor
Value: e5a496bfa17d1f28429fa7ebb2e56296
.blismedia.com/ Name: b
Value: 65879536E67DA50AFFF006B2BLIS
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8729540962301528107&KRTB&23263-8729540962301528107&KRTB&23481-8729540962301528107
.bidr.io/ Name: bitoIsSecure
Value: ok
.linkedin.com/ Name: li_sugr
Value: 514ea099-3dd7-4bc7-93ab-653066ec5218
.bidr.io/ Name: bito
Value: AAFidE7LDyoAABNSdNzTsg
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBMuAgOuJ1oXqz17JDB7XcU&KRTB&23025-CAESEBMuAgOuJ1oXqz17JDB7XcU&KRTB&23386-CAESEBMuAgOuJ1oXqz17JDB7XcU
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:0b496587-9537-4300-b413-a27fa59a725b
.zemanta.com/ Name: zuid
Value: UHWo0XFUfyUSBjbdIIPp
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 126098747e15be8cf3af3305483da7da
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJ3jAnZj8gHYCJ1f_9nA4nXLPIrsKOUBocPO5Loa1nh2vnYtTJWr22LjxMJQC4TM1
.linkedin.com/ Name: bcookie
Value: "v=2&331d3ccd-d6ff-47cb-8a8b-c729b868b822"
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2845:u=1:x=1:i=1703384374:t=1703470774:v=2:sig=AQGRE8JZCsRZYoJdGNM5EjmBvNebFrcW"
.csync.loopme.me/ Name: viewer_token
Value: 2f88f627-b5f4-4256-b7a0-f5bac8a91140
.criteo.com/ Name: uid
Value: b3a1d4a7-14ee-42f2-818c-720de94be299
.liadm.com/ Name: lidid
Value: fcb93bee-99a2-432d-aa93-5239ceeebc0f
.adfarm1.adition.com/ Name: UserID1
Value: 7315980178861455506
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004%22%7D
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
pixel-apac.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.tynt.com/ Name: uid
Value: FtT2L2WHlTctP33rOphPmw==
.semasio.net/ Name: SEUNCY
Value: 4888DC34C3635C47
.adgrx.com/ Name: ADGRX_UID
Value: e179f308-a202-11ee-be46-8b2898521c37
.ads.yieldmo.com/ Name: ptrunl
Value: RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1703384375285%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1703384375285%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1703384375285%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1703384375285%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1703384375285%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1703384375285%7D%5D
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2fs2:18vk~2fs2:19e0~2fs2"
.adgrx.com/ Name: ADGRX_CM_RUBICON_BRIDGED
Value: 1
.hb.yahoo.net/ Name: visitor-id
Value: 3463859752889832000V10
.hb.yahoo.net/ Name: data-mag
Value: LQIV2PU4-W-M0C3~~63
.adnxs.com/ Name: anj
Value: dTM7k!M4/0EVNsVF']wIg2In7g.=T:!]td48bhzs#DNA_<'.OaUcIt2OwO]9_)mKFOxCBtSl53g[Q0WRcu`<:k!'d#/ky+-%ZBG2v_Q8#+%TacpdEJ#+I<_HGppSy3nXm/!*#xQ(0+a4
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIyMTg1MDczNjk4ODM4MjIzMzE1MTM4IiwiZXhwaXJlcyI6IjIwMjQtMDMtMjNUMDI6MTk6MzRaIn0sInJ1Ymljb24iOnsidWlkIjoiTFFJVjJQVTQtVy1NMEMzIiwiZXhwaXJlcyI6IjIwMjQtMDMtMjNUMDI6MTk6MzVaIn19LCJiaXJ0aGRheSI6IjIwMjMtMTItMjRUMDI6MTk6MzRaIn0=
.fwmrm.net/ Name: _uid
Value: uml016d_7315989013940948020
.openx.net/ Name: pd
Value: v2|1703384374.1|lYvOiajEiuhI.wMsnwJuIjIvGlQkqlUvH
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMUUlWMlBVNC1XLU0wQzMiLCJleHBpcmVzIjoiMjAyNC0wMS0wN1QwMjoxOTozNS42MzY4OTA2NTFaIn19fQ==
.rezync.com/ Name: zync-uuid
Value: d50586d9-86d8-4880-9975-bf0741bf4655:1703384375.6898718
.sitescout.com/ Name: ssi
Value: e9179f47-dee9-4497-80c6-cd771c6eeb14#1703384375527
.sitescout.com/ Name: _ssuma
Value: eyIzOSI6MTcwMzM4NDM3NTc4OSwiNyI6MTcwMzM4NDM3NTc4OX0
prebid-s2s.media.net/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMUUlWMlBVNC1XLU0wQzMiLCJleHBpcmVzIjoiMjAyNC0wMS0wN1QwMjoxOTozNS45MDU3NTI4NzlaIn19LCJiZGF5IjoiMjAyMy0xMi0yNFQwMjoxOTozNS45MDUxNjYxNDlaIiwiaG9zdF91aWRzIjp7Im1lZGlhbmV0Ijp7InVpZCI6IjM0NjM4NTk3MzI4ODk4OTEwMDBWMTAifX19
.connatix.com/ Name: cnx_userId
Value: 6d08ebd4d11948d9af162f03a7ae5209
.r-ad.ne.jp/ Name: r_ad_token
Value: 57z2Ja005BDCM006DAZ5
.dotomi.com/ Name: DotomiTest
Value: 4c24097269dd206f
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NDc3tTS2tLQwNzQwNDI0MhXiM9R1T_bO9A93i_dLN8sGAHA66UElAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NDc3tTS2tLQwNzQwNDI0MhXiM9R1T_bO9A93i_dLN8sGAHA66UElAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_w3EwQ3AMAgDwE_XoQKBsek4UZRBOnl7j3svbjjUe-xPVpLbDGHrOCvWqQaeoGeqkrhbI4Y-NPdYLzoAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwVjEEKwyAQAP-y51jc6Lq7fiY01YC0sSUml4b8vfYyMDDMCdMnb-u95rpD3LcjD_B4lW4N4gmtfNf8hAioyEzqVIXR4ogjwTVAy62Vd51K6k0iSxKSmg4xXsQaVSYzL5Y9zosPRBHZOifeMd2C_GcC1w-VJCTn.ZYeVOA.U_vLgoClktTEImcRv-4Da70Voyk
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAALhdgmYM_KvwMsz1ivAAAAAAA&KRTB&22713-AAALhdgmYM_KvwMsz1ivAAAAAAA&KRTB&22715-AAALhdgmYM_KvwMsz1ivAAAAAAA&KRTB&23519-AAALhdgmYM_KvwMsz1ivAAAAAAA
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLObZlO5A59OmsvGr/qdDoV7Uxe4IHQTC5OXg4JZWQ22LqorLnli3GBcpj76PKZXj/7PoJ9DNBEnilW2pO9dA+t8V0kxMR6Y5FfW8pPU411Fg==
.pubmatic.com/ Name: SPugT
Value: 1703370988
.smartadserver.com/ Name: csync
Value: 76:CAESEIjr8rg-B4AoFebT_fPM_C8|104:LQIV2PU4-W-M0C3
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 7a7e0bf5-ce24-4d3f-8faf-90a1f6a9f80a
.prebid.a-mo.net/ Name: sd_amuid2
Value: 7a7e0bf5-ce24-4d3f-8faf-90a1f6a9f80a
.lijit.com/ Name: ljt_reader
Value: H30rKQZHb1ScjL2KRuqC9G1E
.lijit.com/ Name: _ljtrtb_80
Value: LQIV2PU4-W-M0C3
.pubmatic.com/ Name: DPSync3
Value: 1703462400%3A248%7C1704585600%3A197_201_245_226%7C1703980800%3A164
.aniview.com/ Name: 1_C_5
Value: LQIV2PU4-W-M0C3
sync.aniview.com/ Name: 1_C_5
Value: LQIV2PU4-W-M0C3
.ads.yieldmo.com/ Name: ptrpub
Value: C9C48A5B-8ECF-451B-8875-69EA7419C1F6
.ctnsnet.com/ Name: cid_2492afc1f8364411851c1bdc9f66cc4a
Value: 1
.ctnsnet.com/ Name: cid_7be2627fbd7a4b3286d7ed4eb1996538
Value: 1
.ctnsnet.com/ Name: cid_12b05ef147cc41ed9ca57f14d9ad0cba
Value: 1
.ctnsnet.com/ Name: cid_1b1fa6d3762245fc93071d5c3e0b2073
Value: 1
.rlcdn.com/ Name: rlas3
Value: HYyivtDOdoTP0nnadsmCPlRnZzFnfWuUFnjIrPIdLcM=
.rlcdn.com/ Name: pxrc
Value: CLiqnqwGEgYIuuoBEAASBgi46wEQARIPCJC8KxD+//////////8B
.ads.pubmatic.com/ Name: KCCH
Value: YES
.primis.tech/ Name: csuuid
Value: 658795391351d
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-1b1fa6d3762245fc93071d5c3e0b2073&KRTB&23328-1b1fa6d3762245fc93071d5c3e0b2073&KRTB&23427-1b1fa6d3762245fc93071d5c3e0b2073&KRTB&23445-1b1fa6d3762245fc93071d5c3e0b2073
.pippio.com/ Name: did
Value: TKoEjlPbkJaT896j
.pippio.com/ Name: didts
Value: 1703384377
.pippio.com/ Name: nnls
Value:
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-KvtX7RgxWNRFeu4KcKUQBkLLcKI&KRTB&23334-KvtX7RgxWNRFeu4KcKUQBkLLcKI&KRTB&23417-KvtX7RgxWNRFeu4KcKUQBkLLcKI&KRTB&23426-KvtX7RgxWNRFeu4KcKUQBkLLcKI
.pubmatic.com/ Name: SyncRTB3
Value: 1704240000%3A63%7C1708560000%3A69%7C1704672000%3A35%7C1704585600%3A238_234_99_233_220_176_96_8_7_209_264_56_179_231_21_13_3_107_254_165_5_247_22_54_46_214_71%7C1703980800%3A15_2_223
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUe0307269a6d744c68d239a38c6c823bf&KRTB&23485-OPUe0307269a6d744c68d239a38c6c823bf&KRTB&23524-OPUe0307269a6d744c68d239a38c6c823bf
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: XXK2tyUK0E
.pubmatic.com/ Name: pi
Value: 0:3
.c.appier.net/ Name: _auid
Value: hl68t8gFDMSltDdeOZWHZQ
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1WMuw2AQAzFxABUzBGUKL8XxjmdbiBKSkZgQqhANJZc2Nc0S7IqTDO1bF-yOzuiFz0AGcBUlU5tcJq0YeG-vZGvgUIKjuU7hYSff48bqP-6CWoAAAA
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIytOX0JmMwjwQBRIbCgxzaGFyZXRocm91Z2gSCwjm0trRmYzCPBAFEhcKCHB1Ym1hdGljEgsIsvDr1pmMwjwQBRIWCgdzdng5dDUwEgsIqo2E2JmMwjwQBRIWCgdydWJpY29uEgsIlI7Y2ZmMwjwQBRgBIAEoAjILCOb11KKwjMI8EAU4AVoLYWRjb25kdWN0b3JgAg..
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: 12tphujmnf2c
.pippio.com/ Name: pxrc
Value: CLmqnqwGEgQIAhAAEgYI7OsBEAA=
.tribalfusion.com/ Name: ANON_ID
Value: a6nxvYMZaAC7pqGpS6IsbYvZcvDIh47lZdLevZbZa3QXSUUUWQMZd5BnZasjK3Zaj0SyjZbTtkoQWWJ0fpChZbvxuUHUSpRtgeD39RGa7eQElGfYFJ5e2jwEe2yZcCZaBlyET8XaJFiKkVYH
.linksynergy.com/ Name: rmuid
Value: 11863de4-3c2c-4774-9285-82f3e62d75b6
.linksynergy.com/ Name: icts
Value: 2023-12-24T02:19:37Z
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004%22%2C%22nxtrdr%22%3Afalse%7D
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUekpyRnRE
.intentiq.com/ Name: IQPData
Value: 1120628898#1703384377531#0#1703384377531
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1703384377533
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-hl68t8gFDMSltDdeOZWHZQ
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1917759399871012125
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-e179f308-a202-11ee-be46-8b2898521c37&KRTB&23275-e179f308-a202-11ee-be46-8b2898521c37
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-12tphujmnf2c
.quantserve.com/ Name: d
Value: ELQBCwHeKvijAA
.quantserve.com/ Name: mc
Value: 65879539-a22b5-f088b-08c00
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-eF1tcnddZnxjCWd3LF14I35QbSdjWG0mflhJ-q6Q&KRTB&19420-eF1tcnddZnxjCWd3LF14I35QbSdjWG0mflhJ-q6Q&KRTB&22979-eF1tcnddZnxjCWd3LF14I35QbSdjWG0mflhJ-q6Q&KRTB&23462-eF1tcnddZnxjCWd3LF14I35QbSdjWG0mflhJ-q6Q
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004&KRTB&17107-RX-68b096c2-d0b1-4e66-8520-94cda07faacf-004
.pubmatic.com/ Name: PugT
Value: 1703373668
.w55c.net/ Name: wfivefivec
Value: 3enfOnRG1Rhe5z5
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 10
.w55c.net/ Name: matchpubmatic
Value: 5

9 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security warning URL: https://scripts.webcontentassessor.com/scripts/ef7354ec86f4378cf95ea8f0bd45b2cddbb4090244b9cb993353de7c7923a0f4
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://pixel-us-apac.rubiconproject.com/exchange/sync.php?p=yieldmo
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://mb.moatads.com/n.js?e=35&ol=2909853614&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-z3tF2iVmV38nsW5MfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-1fYb5sLyVy50og%3D%3D&sc=1&os=1-5Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=FOX3&hp=1&zMoatAU=%2F4145%2Ftmz%2Fdesk%2Fother%2Flb1&zMoatGNID=4145&zMoatAU1=tmz&zMoatAU2=desk&zMoatAU3=other&zMoatAU4=lb1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1703384373899&de=244622739694&m=0&ar=cc84ca2002d-clean&iw=5e57383&q=2&cb=0&ym=0&cu=1703384373899&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5089884148%3A3032715969%3A6024231078%3A138392738672&zMoatMMV=%25%25PATTERN%3Am_mv%25&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=tmz.com%2Fpeople%2Fmaryse-ouellet&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmz.com%2Fpeople%2Fmaryse-ouellet%2F&id=1&ii=4&bo=tmz&bd=desk&zMoatOrigSlicer1=tmz&zMoatOrigSlicer2=desk&gw=fxnwsv2L3592D3FC21&fd=1&it=500&ti=0&ih=2&pe=1%3A1943%3A1943%3A0%3A1929&jm=-1&fs=206701&na=998004890&cs=0&ord=1703384373899&jv=1230974515&callback=DOMlessLLDcallback_2846728
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
javascript error URL: https://www.tmz.com/people/maryse-ouellet/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13258' from origin 'https://www.tmz.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13258
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cdn.krxd.net/userdata/get?pub=1ec99b1c-44a5-4b51-bb4a-4d1543830ca0&callback=kx_partner_segments
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1e376597-7051-4403-b461-4ee96ad364b3&gdpr=0&gdpr_consent=&expires=30
Message:
Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7bd92.v.fwmrm.net
9cc50167fb6494c6c4a7b599a7318b76.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
analytics.google.com
api.btloader.com
api.rlcdn.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
bk.r-ad.ne.jp
btloader.com
bttrack.com
c.aaxads.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
capi.connatix.com
cdn.indexww.com
cdn.ketchjs.com
cdn.krxd.net
cdn.opecloud.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.ambientdsp.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
core.iprom.net
cr-p3.ladsp.com
crb.kargo.com
creativecdn.com
cs.media.net
cs.minutemedia-prebid.com
cs.nex8.net
cs.yellowblue.io
csync.loopme.me
de.tynt.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dps.jp.cinarra.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
events-ssc.33across.com
exchange.mediavine.com
fastlane.rubiconproject.com
fox.demdex.net
fox.tagger.opecloud.com
foxkit.fox.com
foxnews-d.openx.net
foxus.tagger.opecloud.com
global.ketchcdn.com
gocm.c.appier.net
googleads.g.doubleclick.net
grid.bidswitch.net
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imagez.tmz.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
krk.kargo.com
live.primis.tech
live.rezync.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mb.moatads.com
ms-cookie-sync.presage.io
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-apac.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-apac.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-s2s.media.net
prebid.a-mo.net
prod.fennec.atp.fox
prod.pyxis.atp.fox
prod.xid.atp.fox
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rubicon-match.dotomi.com
s.amazon-adsystem.com
s.seedtag.com
s.tribalfusion.com
s2s.t13.io
sb.scorecardresearch.com
scripts.webcontentassessor.com
secure-assets.rubiconproject.com
secure-us.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
sid.storygize.net
simage2.pubmatic.com
simage4.pubmatic.com
smetrics.tmz.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.criteo.net
static.foxnews.com
static.tmz.com
stats.g.doubleclick.net
strike.fox.com
sync-amz.ads.yieldmo.com
sync-axelmark-dsp.focas.jp
sync-dsp.ad-m.asia
sync-pm.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.crwdcntrl.net
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
t.adx.opera.com
tagger.opecloud.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
tmz.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.omnitagjs.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
www.tmz.com
x.bidswitch.net
z.moatads.com
api.rlcdn.com
cm-supply-web.gammaplatform.com
cs.nex8.net
mb.moatads.com
pixel-us-apac.rubiconproject.com
sync-dsp.ad-m.asia
103.229.10.180
103.3.63.48
103.43.90.178
104.18.25.173
104.18.36.155
104.18.41.104
107.178.254.65
119.9.108.180
13.107.42.14
13.112.54.241
13.213.147.200
13.224.181.71
13.250.173.68
13.251.208.106
13.35.147.23
13.35.147.3
13.35.147.55
13.35.147.68
13.35.147.7
13.35.151.131
130.211.23.194
131.153.206.102
138.201.8.249
142.250.204.14
142.250.204.2
142.250.204.6
142.250.67.2
142.250.67.3
142.250.71.66
142.251.221.65
142.251.221.66
142.251.221.68
143.244.208.184
151.101.130.217
151.101.194.132
151.101.194.133
151.101.194.137
151.101.2.49
151.101.66.132
152.69.173.77
172.217.167.98
172.217.24.33
172.217.24.40
172.64.149.180
172.64.151.101
172.67.4.231
172.67.41.60
172.67.69.19
18.134.84.23
18.138.18.111
18.138.247.38
18.138.95.106
18.140.77.82
18.143.106.89
18.176.234.133
18.238.192.40
18.67.111.101
18.67.111.128
18.67.114.43
18.67.172.126
18.67.93.11
18.67.93.2
18.67.93.4
182.161.73.129
182.161.73.145
182.161.73.146
184.24.241.42
185.184.8.90
185.84.60.20
195.5.165.20
198.8.71.131
207.65.33.76
207.65.33.82
207.65.33.83
211.120.53.206
216.200.232.249
216.239.38.181
220.150.223.50
23.1.240.43
23.106.127.38
23.106.127.56
23.198.55.252
23.198.57.183
23.198.59.89
23.223.50.11
23.48.96.27
23.48.97.32
23.52.225.82
23.52.255.186
3.122.160.55
34.107.140.113
34.107.148.139
34.111.113.62
34.111.147.92
34.117.239.71
34.126.167.117
34.149.20.76
34.149.50.64
34.160.19.107
34.96.105.8
34.98.67.3
35.161.37.58
35.186.193.173
35.213.12.39
35.213.93.179
35.214.187.199
35.227.252.103
35.244.154.8
35.244.159.8
35.71.131.137
35.71.178.8
35.72.102.184
35.72.176.125
35.79.250.83
35.84.104.50
38.133.127.31
47.128.190.164
50.116.239.135
52.220.199.193
52.3.76.47
52.46.151.131
52.62.193.219
52.74.118.249
52.76.6.255
52.77.167.172
52.89.208.126
54.148.102.105
54.149.106.49
54.162.157.217
54.193.221.12
54.211.244.166
54.226.177.40
54.252.69.94
54.255.74.183
54.82.32.1
63.140.56.133
63.251.14.3
64.233.170.157
64.38.119.42
64.74.236.31
67.199.150.82
67.199.150.87
67.202.105.22
67.202.105.32
67.220.226.234
69.173.158.64
69.173.158.65
74.118.186.107
74.214.196.131
8.18.47.7
8.43.72.97
82.145.213.8
85.114.159.93
89.207.22.140
96.46.186.182
98.98.134.242
019b7226eb576f9cea64076ac9abc9357df192a55f1044968bdbb7b1b1843fbd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ff8f5b5be0775825cd80fda4db5a21a5aef72b1c376b75ec44696082262141
08c8bf5352ebbeae43143727ea23acff4db73e2e2c19f59bf70b30c5fd24de0b
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0a58dfece42bbead9f399f364fdfa3c3cfda24d96df8c60f04b8063533950447
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d80fa61b10fbd68b3f91c466635a0eb5ef5663a0798a9f8342a5897bb93e795
0e2deffa2baee5a1def6b48db239b8b449d53e7a0fb130663fc2e63eff1a5683
0ed9f4489f29950f54053b4620800f6f1e061f3a467dfda552104034a71c3da9
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
13cc11faa86705027126cdf77fc30db92be1fc89d708a9da9edf1c300ff6bf68
14b2a9ea828843e604666a72815b92472aa89e54a6fccf0edf314460857c8bde
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18db706e6d0a4507c3931ad24000f6e1049c8b15f1e8378965d21a2bc33fa1e9
194823d1ffd78b9a9db726ee2f253cfbdc42ca94f7ed4ed5fb322ee81c670589
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1e1f4f2936987378c743934891c147383e819102948f17d11cae6a526882cc9d
1e7186b3a4096f721326036a574e0a527b987def33b75d6a6785abd5227debc4
248abdbd3f9da44442bc36cc56b28d3fc8fcb351a655271baed0e1b919095e69
2549ebc2830a5c67e1c046ab0dded0c13b4f95cf5239119e7f65903d5b4e64ff
2a1e03b4173e0415ce8044ca4658f798594f884bd050831d63d04d47c5a90419
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b874d2ac71c1b9f89eb9e1bfa6fd77dca55413caba63c028b0beffacb1bbb96
2d965c7d2303d31fc532b2562e2dfa52e848264ecfeea799ca763db40becaf08
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33b376131cb7d939491f5112b411e6cd804c1d003810a388e9217af1122f4e35
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed14d6ef46a6c6770071ec0d3af689ebaec414436f32c5b107e8da392e709c1
3f5edf0a6fa9c455c21ce1d529e63ae18bf76aced3f563ce0457af25bea55f40
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ffbb25122eed3203c6b5d0457a1fbd4e2c7845afd95bdab0979f37fc7cf2ff0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a505bc6f5c7c047e4bc61224e6cc94e391216462205d73ff8edd0f62663546
4770f1d988a9ee981ecf5db15f5aa20f166bdbe225f4466715c2da29b938171d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
498cdc663af8386da9619e180dac64083911a0eda94f0aad30af3195f88f30c3
4a6a747f45437ab55033bc25d96d2cc8ec94cd652903f76338d731116c3b4f09
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f688b0f4a76d976cc9fa0b932467afed25904be667cacc197f2fe17d53b17af
51afc8afb21fcdc397784380d2b7fd617e2435a83e8933964937ff2150345a00
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
57f32b44e6552998b7098e841b61b38cc2f2b1a2e58c9ae45031255caf0281d7
5d586ed914b0d1d0843ce877f39cd35b6e5252a0a05cb58e49ec5ff84a65678e
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6283a1349f37e7c4ad382fdef3fdf0106b7884dccfb11ff117dcda5529fbc1b1
693ff6901bee8d5e2dd0fb64c10b0edc5fcfca86274ec579da3116ee8892bfe5
695f451e4fc7dcd1cf77c4bb26f4b8bfd64dcee1b35f7f131d08bd0017044064
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f61402ae627f17a7a43d8f118a4fd7d85c18ad52b801ad79c0eb0b1b19fd48c
7012c52e94ac1bbe1e1b1cd8246e3ef624d303cc53e76a11be2b10a65c0f1119
736cd4a2ab3f82ac0e12220711d421bea6ac8b29af5713403c13c84fc749e719
7595357c645b297a5840a6e5b5576cf6199da6f58ec9d8daa311598300fb7c15
7647eda4133dda622cafa123e7e2a3e906469e8d31573d94ef4c0c563b2ca0f2
7897c1a9f15cfad3631cd00e4090ae63deaa4d5700d3717d55840ace46009b23
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a94387ee27cfd20bff92b62976e9664f14abe8b1c09c81d49f18de24a2324bf
8d01c9bd1747b505f13a0b5882382a113cd5493fdb66e1fb736e7e23d760b4aa
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e5bbfd8bc200489300d59fc2afbe34c958ffc4f86796a03bb8a8367012e6637
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9072391952418f5a7f87ff82e54fcff613c5a1f67b2b0a42ddf886608bcf2923
923c3f1f4f37d16eb42edfb911a94796ba3530906cbb1e57341de6748af99410
93902d77edd31b3f7bc96f38e80c5e152a76f079798ff16426c2cb61ffc37ed0
9579d3fe9aefc3de84350249249f4f4399f5a5f21bfd1a6a9eb8f54a57dfda34
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9d262ac9382b0e99ca6e45e54fc0fd5d7a73e29011c6592a5769197e0f55b492
9f87e0dcba2abd16cb866b949dd143edfa89dbc536b48a8d612b5a38365a256e
9fe1681eff50c09f05e49b7cbceb2ab631be115121172c03143db0e3732d0a71
a0066433a645f196eb0ece299c86dc27a5c74dbe2cae7ae6d9211c1549a92085
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a184c92eae08dd020f51a252dea1c9d00f2e9549b60445f57f6c75e17eadda2d
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a497f3cc5e8aad2bdc0d5a1c84969d3df66ffcef7716c80c6a5434e6898ed330
a5955c9ba55b9107acb36500912e38a9ad577ecae28f7d59449b9dff4a8d32e5
a6c21364f409500d1fb958db55b234bc652a942d72c054f05b0984b98e94fc25
a6e1608fa15daca8c9d84431980be2484196cfd42212e943fc06f0a74dd6f8a0
a877e107ac086f4e17c1d148871f8c12ee48b5779be7de102e1284287f82d1bd
a91884c8c46d65f5d1d26858b89ee87646d90367db9e342ec5691682d48baba2
a9a9d156702e03ffa85433b9eae1403620d5ff8e76b91f32af60821c2ef08b29
aad2463012b8df8f9bad8abf48de42f9f3ac5cf1fa3b36805bc7620a8371e7a6
ab6731a2016973b5b08141995068eb11b42018ee118e10a29854e261879100c8
ab83aad4740edf8edba52ff08ee1f96fb9e04dd6ed361c38384bff5db63865ab
ac4b077053576cfb82fc307b0a729cf2f53607b4e00dbd228171d5c759a86d11
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adeac65db6e33de26d9e5ef1c7f747d98cd9cb8cf937e0ae66e0d66712292efc
aeb96d9143897c6849c02c99c056c6f73b1a4fd9100bff5335e1bfc8e3a1094f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cf56096ddb665989bcb168ce2f6a7d4d0763c977f918741678ff5b2703e289
b36f3075218f2b29c578581c453b28827b8621643878c86bd87aa9f6a1f5082a
b3ef2c1a2995d026f11ad814a6a7b5a93207de66fa6c27aab3c7c53ce1bbdf33
b5152a82a2c9b459270a8dc7caabdba269dd2b15a588ae65a651ad907a8c2cbf
b55643fd04b3b3169e7cb81fbbb561abd10dc413a19045f7bef446810c4234c8
b5e18aa0b71e738893788382ee69ef481e2649807ca9b7502d2704f4c3a56000
b702b437633194e7ee7b19e8e1bc35d930c3c5b8208d3c26fab8be6d915b266e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb79e8a32ebcf43e5f0960df08e1960ba1cd267edf70cbb3ae13995bd28fc1e3
bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9
bcff69700187a58223480861611dedb6e8775568696146b7acd8d7405d1456e3
bec0ffd165ea083d019c7eaf6751df04c44f23fedf9f003ee93abec9549890e1
bf4f5ab0045686b26c1cae1052ec838ba10e9807774e88a277c61cba77481ec3
c10178f6e4d598b49b516bd20f53d838a61b3bee464d0339a389002e31f61479
c1240e39f70b4a93e5d18beeda99a866984682523f4525f11489571f0160052a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c114541cb2414f164e156ee66d93baba33676771da6f46dae48e25def73893
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c8e84baec8a95f5e12c82dbd7f47dc65dd066f75dc6184601073524101e53429
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc1f94acaa2032845a22acad293387186cc831f8893bd8033229c72b6ed0ce0b
ccb06d74c0fdad67bc043e546264d9dce15106759d41418727bd03eed61857ef
cd8aa6afb1cb32a958af8de7a67bb5ba03bdf396b38fcdb760510728937f700a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d007701c860c9762eb5487e3a1f025e95d744f47ee9a5ff5bbb0655e7347dd48
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d47ef7515be475dd1fb82b229c9ba1fcbc16f79890fdcfde736e9ba97acb0e4c
d608f64530cc948ed0ea633649b248b00ebe43d6a1e44bbf6262f59e0640919d
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0cfd53f37429b6217251f172833d092867a8f670f2f1995e3b284f73864c209
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6f5be3b0b673d35437fd786f930a0e03fb3361f09919841681fb986ea0bcfd0
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef355ff29a5e65e0a41ae3aaff2d13fef94f38ff30c69090c6f89acb6752e50d
f2bc49db2b0ebf70f73ce45db86755235972412f9a245147c34de90c7759e664
f35617f3fbecd9fdd66efab4665ca782371816b9d12b59616de0f110989d8e98
f3d08274c194e8f884374183f05abb3b30cbd31e8c789853ba40c7edd2ad049b
f4b06f5383bc9fea0f2f3aaed357a0061d20784e78469b702e4475baec2d57f3
f4b3d838fac35e2bab26cdcfb3d24d43a506f527f1876b618021a52c0a0fc755
f7fcd7819c44473cbd40aabdc1295459afceecd0ddb53f73494f7d964a5ee519
fa1f876cb70f7a711191b9dab191d9cc1c037ae4f5f5ea032dfe742f51c07f65
fb09dea30edefbcf196143f60e757b5c9c140e2ad456a663182860e786547cac
fe1fd2390971d20586c515c99cbdf53ed0f3a9e4ddb091222dfafeae3a5eabff